Cloning Physically Unclonable Functions

As system security demands continue to evolve, Physically Unclonable Functions (PUFs) are a promising solution for secure storage on Integrated Circuits (ICs). SRAM PUFs are among the most popular types of PUFs, since they require no additional circuitry and can be implemented with on-die memories such as caches and data memory that are readily available on both ASICs and FPGAs. This work demonstrates that SRAM PUFs are not well suited as PUFs, as they do not meet several requirements that constitute an ideal PUF. The compact nature of SRAM, standard interconnects and resiliency to environmental effects make SRAM PUFs particularly easy to clone. We consider several ways in which SRAM PUFs can be characterized and demonstrate a Focused Ion Beam circuit edit with which we were able to produce a physical clone of our Proof-of-Concept SRAM PUF implementation. As a result of the circuit edit, when challenged, the physical clone produced an identical physical response to the original device. To the best of our knowledge, this is the first work in which a physical clone of a Physically Unclonable Function was produced.

[1]  Wolfgang Rankl,et al.  Smart Card Handbook: Rankl/Smart Card Handbook , 2010 .

[2]  Ulrich Rührmair,et al.  Physical unclonable functions based on crossbar arrays for cryptographic applications , 2013, Int. J. Circuit Theory Appl..

[3]  Jean-Pierre Seifert,et al.  Simple photonic emission analysis of AES , 2013, Journal of Cryptographic Engineering.

[4]  Sergei P. Skorobogatov Optically Enhanced Position-Locked Power Analysis , 2006, CHES.

[5]  Jean-Pierre Seifert,et al.  Simple Photonic Emission Analysis of AES - Photonic Side Channel Analysis for the Rest of Us , 2012, CHES.

[6]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[7]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[8]  Stefan Katzenbeisser,et al.  PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon , 2012, CHES.

[9]  R. Pappu,et al.  Physical One-Way Functions , 2002, Science.

[10]  Rudolf Schlangen,et al.  RF performance increase allowing IC timing adjustments by use of backside FIB processing , 2009, 2009 16th IEEE International Symposium on the Physical and Failure Analysis of Integrated Circuits.

[11]  David Naccache,et al.  Towards Hardware-Intrinsic Security - Foundations and Practice , 2010, Information Security and Cryptography.

[12]  Jens B. Schmitt,et al.  Measurement, Modelling, and Evaluation of Computing Systems and Dependability and Fault Tolerance , 2012, Lecture Notes in Computer Science.

[13]  Vinod Vaikuntanathan,et al.  Inspection resistant memory: Architectural support for security from physical examination , 2012, 2012 39th Annual International Symposium on Computer Architecture (ISCA).

[14]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[15]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[16]  Rainer Plaga,et al.  A Formal Definition and a New Security Mechanism of Physical Unclonable Functions , 2012, MMB/DFT.

[17]  Jean-Pierre Seifert,et al.  Functional integrated circuit analysis , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[18]  Daniel Page,et al.  Hardware-Oriented Security and Trust - HOST 2008 , 2008 .

[19]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[20]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[21]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.