Entropy analysis of physical unclonable functions

Physical Unclonable Functions (PUFs) are an emerging security primitive useful for secure key storage mechanisms and anti-counterfeiting measures. To do this securely, it is imperative that PUFs are unique, i.e., possess enough entropy. The aim of this thesis is to develop and implement new methodologies to accurately estimate the entropy of PUFs. To this end, a novel method is presented which estimates the extractable entropy by calculating the mutual information between enrollment and reconstruction measurements. Furthermore, a method to determine uniqueness from the field of biometrics is modified in such a way that the entropy of PUFs can be estimated. Our newly developed entropy estimation methods are compared to other methods found in the literature using a comprehensive experimental evaluation on synthetically generated PUF data with known entropy. We find that the results from our methods are in line with results found in the literature using methods such as the context-tree weighting compression and inter-device distance tests. The contributions of our methods are that the influence of the reconstruction condition (noise) is included in the entropy estimation as well as providing insight on how entropy develops if more measurements are used during enrollment and reconstruction. We find that the extractable entropy increases as more measurements are used during enrollment and reconstruction, but only if PUF biases are reliable across conditions. Furthermore, an entropy analysis is performed on PUF data from the European Union sponsored UNIQUE project, which consists of 192 application-specific integrated circuits housing multiple instances of the most popular intrinsic PUF types. In particular, we performed a comprehensive uniqueness evaluation of four memory based PUF types: the latch, D flip-flop (DFF), buskeeper and SRAM PUF. Our analysis shows that from the four analysed PUF types, the SRAM PUF has the most extractable entropy. The buskeeper also shows strong PUF behaviour, while the DFF and latch PUF have the least extractable entropy.

[1]  Ingrid Verbauwhede,et al.  Experimental evaluation of Physically Unclonable Functions in 65 nm CMOS , 2012, 2012 Proceedings of the ESSCIRC (ESSCIRC).

[2]  Dieter Schuster Side-Channel Analysis of Physical Unclonable Functions (PUFs) , 2011 .

[3]  Patrick Schaumont,et al.  A Systematic Method to Evaluate and Compare the Performance of Physical Unclonable Functions , 2011, IACR Cryptol. ePrint Arch..

[4]  Boris Skoric,et al.  An information theoretic model for physical uncloneable functions , 2004, International Symposium onInformation Theory, 2004. ISIT 2004. Proceedings..

[5]  Berk Sunar,et al.  Differential template attacks on PUF enabled cryptographic devices , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[6]  D. V. Gokhale,et al.  Entropy expressions and their estimators for multivariate distributions , 1989, IEEE Trans. Inf. Theory.

[7]  Srinivas Devadas,et al.  Identification and authentication of integrated circuits , 2004, Concurr. Pract. Exp..

[8]  Daniel E. Holcomb,et al.  Initial SRAM State as a Fingerprint and Source of True Random Numbers for RFID Tags , 2007 .

[9]  Mario Konijnenburg,et al.  Evaluation of 90nm 6T-SRAM as Physical Unclonable Function for secure key generation in wireless sensor nodes , 2011, 2011 IEEE International Symposium of Circuits and Systems (ISCAS).

[10]  Frans M. J. Willems,et al.  The context-tree weighting method: basic properties , 1995, IEEE Trans. Inf. Theory.

[11]  Ingrid Verbauwhede,et al.  Intrinsic PUFs from Flip-flops on Reconfigurable Devices , 2008 .

[12]  Tam Tom Kevenaar,et al.  Information-theoretic analysis of capacitive physical unclonable functions , 2006 .

[13]  M. F.,et al.  Bibliography , 1985, Experimental Gerontology.

[14]  Srinivas Devadas,et al.  Controlled physical random functions , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[15]  Srinivas Devadas,et al.  Identification and authentication of integrated circuits: Research Articles , 2004 .

[16]  Peter Simons,et al.  Buskeeper PUFs, a promising alternative to D Flip-Flop PUFs , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[17]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[18]  Marten van Dijk,et al.  A technique to build a secret key in integrated circuits for identification and authentication applications , 2004, 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525).

[19]  Thomas M. Cover,et al.  Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing) , 2006 .

[20]  Ahmad-Reza Sadeghi,et al.  Reconfigurable Physical Unclonable Functions - Enabling technology for tamper-resistant storage , 2009, 2009 IEEE International Workshop on Hardware-Oriented Security and Trust.

[21]  G. Edward Suh,et al.  Extracting secret keys from integrated circuits , 2005, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[22]  Ingrid Verbauwhede,et al.  Physically unclonable functions: manufacturing variability as an unclonable device identifier , 2011, GLSVLSI '11.

[23]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[24]  R. Pappu,et al.  Physical One-Way Functions , 2002, Science.

[25]  Milan Petkovic,et al.  Security, Privacy, and Trust in Modern Data Management , 2007, Data-Centric Systems and Applications.

[26]  Boris Skoric,et al.  Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions , 2009, Inf. Syst. Frontiers.

[27]  Srinivas Devadas,et al.  Controlled physical random functions and applications , 2008, TSEC.

[28]  An Braeken,et al.  Comparison of SRAM and FF PUF in 65nm Technology , 2011, NordSec.

[29]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[30]  Ingrid Verbauwhede,et al.  Physically Unclonable Functions: A Study on the State of the Art and Future Research Directions , 2010, Towards Hardware-Intrinsic Security.

[31]  Dieter K. Schroder,et al.  Negative bias temperature instability: What do we understand? , 2007, Microelectron. Reliab..

[32]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[33]  Ying Su,et al.  A Digital 1.6 pJ/bit Chip Identification Circuit Using Process Variations , 2008, IEEE Journal of Solid-State Circuits.

[34]  J. Meindl,et al.  The impact of intrinsic device fluctuations on CMOS SRAM cell stability , 2001, IEEE J. Solid State Circuits.

[35]  Boris Skoric,et al.  Estimating the Secrecy-Rate of Physical Unclonable Functions with the Context-Tree Weighting Method , 2006, 2006 IEEE International Symposium on Information Theory.

[36]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[37]  Geert Jan Schrijen,et al.  Comparative analysis of SRAM memories used as PUF primitives , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[38]  Sani R. Nassif,et al.  The Impact of Random Device Variation on SRAM Cell Stability in Sub-90-nm CMOS Technologies , 2008, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[39]  Stefan Katzenbeisser,et al.  The PUF Promise , 2010, TRUST.

[40]  Boris Skoric,et al.  Strong Authentication with Physical Unclonable Functions , 2007, Security, Privacy, and Trust in Modern Data Management.

[41]  Jorge Guajardo,et al.  Physical Unclonable Functions, FPGAs and Public-Key Crypto for IP Protection. , 2007 .

[42]  Georg Sigl,et al.  Semi-invasive EM attack on FPGA RO PUFs and countermeasures , 2011 .

[43]  Blaise L. P. Gassend,et al.  Physical random functions , 2003 .

[44]  John Daugman,et al.  The importance of being random: statistical principles of iris recognition , 2003, Pattern Recognit..

[45]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.

[46]  Jorge Guajardo,et al.  Extended abstract: The butterfly PUF protecting IP on every FPGA , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[47]  Helena Handschuh,et al.  Hardware Intrinsic Security from Physically Unclonable Functions , 2010, Towards Hardware-Intrinsic Security.

[48]  Frederik Armknecht,et al.  A Formal Foundation for the Security Features of Physical Functions , 2011, S&P 2011.