ABSTRACT
Physical Unclonable Functions (PUFs) measure manufacturing variations inside integrated circuits to derive internal secrets during run-time and avoid to store secrets permanently in non-volatile memory. PUF responses are noisy such that they require error correction to generate reliable cryptographic keys. To date, when needed one single key is reproduced in the field and always used, regardless of its reliability. In this work, we compute online reliability information for a reproduced key and perform multiple PUF readout and error correction steps in case of an unreliable result. This permits to choose the most reliable key among multiple derived key candidates with different corrected error patterns. We achieve the same average key error probability from less PUF response bits with this approach. Our proof of concept design for a popular reference scenario uses Differential Sequence Coding (DSC) and a Viterbi decoder with reliability output information. It requires 39% less PUF response bits and 16% less helper data bits than the regular approach without the option for multiple readouts.
- C. Herder, M. Yu, F. Koushanfar, and S. Devadas, "Physical unclonable functions and applications: A tutorial," Proceedings of the IEEE, vol. 102, no. 8, pp. 1126--1141, 2014.Google ScholarCross Ref
- G. E. Suh and S. Devadas, "Physical unclonable functions for device authentication and secret key generation," in ACM/IEEE Design Automation Conference (DAC), 2007, pp. 9--14. Google ScholarDigital Library
- J. Guajardo, S. S. Kumar, G. J. Schrijen, and P. Tuyls, "FPGA intrinsic PUFs and their use for IP protection," in Workshop on Cryptographic Hardware and Embedded Systems (CHES), ser. Lecture Notes in Computer Science, P. Paillier and I. Verbauwhede, Eds., vol. 4727. Springer Berlin / Heidelberg, 2007, pp. 63--80. Google ScholarDigital Library
- B. Gassend, D. Clarke, M. v. Dijk, and S. Devadas, "Delay-based circuit authentication and applications," in ACM Symposium on Applied Computing (SAC), 2003, pp. 294--301. Google ScholarDigital Library
- O. Gunlu and G. Kramer, "Privacy, secrecy, and storage with noisy identifiers," Tech. Rep., 2016.Google Scholar
- R. Maes, P. Tuyls, and I. Verbauwhede, "Low-overhead implementation of a soft decision helper data algorithm for SRAM PUFs," in Workshop on Cryptographic Hardware and Embedded Systems (CHES), ser. Lecture Notes in Computer Science, C. Clavier and K. Gaj, Eds., vol. 5747. Springer Berlin / Heidelberg, 2009, pp. 332--347. Google ScholarDigital Library
- M. Hiller, D. Merli, F. Stumpf, and G. Sigl, "Complementary IBS: Application specific error correction for PUFs," in IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), 2012, pp. 1--6.Google Scholar
- V. van der Leest, B. Preneel, and E. van der Sluis, "Soft decision error correction for compact memory-based pufs using a single enrollment," in Workshop on Cryptographic Hardware and Embedded Systems (CHES), ser. Lecture Notes in Computer Science, E. Prou and P. Schaumont, Eds., vol. 7428. Springer Berlin / Heidelberg, 2012, pp. 268--282. Google ScholarDigital Library
- M. Hiller, M. Weiner, L. Rodrigues Lima, M. Birkner, and G. Sigl, "Breaking through xed PUF block limitations with di erential sequence coding and convolutional codes," in International Workshop on Trustworthy Embedded Devices (TrustED). ACM, 2013, pp. 43--54. Google ScholarDigital Library
- A. R. Raghavan and C. W. Baum, "A reliability output Viterbi algorithm with applications to hybrid ARQ," IEEE Transactions on Information Theory, vol. 44, no. 3, pp. 1214--1216, 1998. Google ScholarDigital Library
- M. Yu, M. Hiller, and S. Devadas, "Maximum likelihood decoding of device-specific multi-bit symbols for reliable key generation," in IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), 2015, pp. 38--43.Google Scholar
- Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," in Advances in Cryptology (EUROCRYPT), ser. Lecture Notes in Computer Science, C. Cachin and J. L. Camenisch, Eds., vol. 3027. Springer Berlin / Heidelberg, 2004, pp. 523--540.Google Scholar
- C. Bosch, J. Guajardo, A.-R. Sadeghi, J. Shokrollahi, and P. Tuyls, "Efficient helper data key extractor on FPGAs," in Workshop on Cryptographic Hardware and Embedded Systems (CHES), ser. Lecture Notes in Computer Science, E. Oswald and P. Rohatgi, Eds., vol. 5154. Springer Berlin / Heidelberg, 2008, pp. 181--197. Google ScholarDigital Library
- M. Yu and S. Devadas, "Secure and robust error correction for physical unclonable functions," IEEE Design & Test of Computers, vol. 27, no. 1, pp. 48--65, 2010. Google ScholarDigital Library
- P. Elias, "Coding for noisy channels," Proceedings of the Institute of Radio Engineers, vol. 43, no. 3, pp. 356--356, 1955.Google Scholar
- M. Bossert, Channel Coding for Telecommunications. New York: John Wiley & Sons, 1999. Google ScholarDigital Library
- A. J. Viterbi, "Error bounds for convolutional codes and an asymptotically optimum decoding algorithm," IEEE Transactions on Information Theory, vol. 13, no. 2, pp. 260--269, 1967. Google ScholarDigital Library
- M. Hiller, L. Rodrigues Lima, and G. Sigl, "Seesaw: An area-optimized FPGA Viterbi decoder for PUFs," in Euromicro Conference on Digital System Design (DSD), 2014, pp. 387--393. Google ScholarDigital Library
- J. Hagenauer and P. Hoeher, "A Viterbi algorithm with soft-decision outputs and its applications," in IEEE Global Telecommunications Conference and Exhibition (GLOBECOM), 1989, pp. 1680--1686 vol.3.Google Scholar
- J. C. Fricke and P. A. Hoeher, "Word error probability estimation by means of a modified Viterbi decoder," in IEEE Vehicular Technology Conference (VTC), 2007, pp. 1113--1116.Google Scholar
- G. Schnabl and M. Bossert, "Soft-decision decoding of Reed-Muller codes as generalized multiple concatenated codes," IEEE Transactions on Information Theory, vol. 41, no. 1, pp. 304--308, 1995. Google ScholarDigital Library
- M. Hiller, M. Yu, and G. Sigl, "Cherry-picking reliable PUF bits with differential sequence coding," IEEE Transactions on Information Forensics and Security, vol. 11, no. 9, pp. 2065--2076, 2016. Google ScholarDigital Library
Index Terms
- Online Reliability Testing for PUF Key Derivation
Recommendations
EM Side-Channel Analysis of BCH-based Error Correction for PUF-based Key Generation
ASHES '17: Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware SecurityPhysical Unclonable Functions (PUFs) provide a cost-efficient way to store a secure key on a device. But the noisy secret from a PUF must be corrected to generate a stable key. Since the error correction processes secret material, it is a target of ...
Breaking through fixed PUF block limitations with differential sequence coding and convolutional codes
TrustED '13: Proceedings of the 3rd international workshop on Trustworthy embedded devicesSecret key generation with Physical Unclonable Functions (PUFs) is an alternative to conventional secure key storage with non-volatile memory.
In a PUF, secret bits are generated by evaluating the internal state of a physical source. Typically, error ...
A Machine Learning Attack Resistant Dual-mode PUF
GLSVLSI '18: Proceedings of the 2018 on Great Lakes Symposium on VLSISilicon Physical Unclonable Function (PUF) is arguably the most promising hardware security primitive. In particular, PUFs that are capable of generating a large amount of challenge response pairs (CRPs) can be used in many security applications. ...
Comments