Biblio

Physical Unclonable Functions (PUFs) are the secured hardware primitives to authenticate Integrated Circuits (ICs) from various unauthorized attacks. The secured key generation mechanism through PUFs is based on random Process Variations (PVs) inherited by the CMOS transistors. In this paper, we proposed a chaotic-based challenge generation mechanism to feed the arbiter PUFs. The chaotic property is introduced to increase the non-linearity in the arbitration mechanism thereby the uncertainty of the keys is attained. The chaotic sequences are easy to generate, difficult to intercept, and have the additional advantage of being in a large number Challenge-Response Pair (CRP) generation. The proposed design has a significant advantage in key generation with improved uniqueness and diffuseness of 47.33%, and 50.02% respectively. Moreover, the enhancement in the reliability of 96.14% and 95.13% range from −40C to 125C with 10% fluctuations in supply voltage states that it has prominent security assistance to the Internet of Things (IoT) enabled devices against malicious attacks.

True Random Number Generator (TRNG) is an important hardware security primitive for system security. TRNGs are capable of providing random bits for initialization vectors in encryption engines, for padding and nonces in authentication protocols and for seeds to pseudo random number generators (PRNG). A TRNG needs to meet the same statistical quality standards as a physical unclonable function (PUF) with regard to randomness and uniqueness, and therefore one can envision a unified architecture for both functions. In this paper, we investigate a FPGA implementation of a TRNG using the Shift-register Reconvergent-Fanout (SiRF) PUF. The SiRF PUF measures path delays as a source of entropy within a engineered logic gate netlist. The delays are measured at high precision using a time-to-digital converter, and then processed into a random bitstring using a series of linear-time mathematical operations. The SiRF PUF algorithm that is used for key generation is reused for the TRNG, with simplifications that improve the bit generation rate of the algorithm. This enables the TRNG to leverage both fixed PUF-based entropy and random noise sources, and makes the TRNG resilient to temperature-voltage attacks. TRNG bitstrings generated from a programmable logic implementation of the SiRF PUF-TRNG on a set of FPGAs are evaluated using statistical testing tools.

Recently, as the use of Internet of Things (IoT) devices has expanded, security issues have emerged. As a solution to the IoT security problem, PUF (Physical Unclonable Function) technology has been proposed, and research on key generation or device authentication using it has been actively conducted. In this paper, we propose a method to apply PUF-based device authentication technology to the Open Connectivity Foundation (OCF) open platform. The proposed method can greatly improve the security level of IoT open platform by utilizing PUF technology.

This paper presents a MATLAB Graphical User Interface (GUI) based tool that determines the performance evaluation metrics of the physically unclonable functions (PUFs). The PUFs are hardware security primitives which can be utilized in several hardware security applications like integrated circuits protection, device authentication, secret key generation, and hardware obfuscation. Like any other technology approach, PUFs evaluation requires testing different performance metrics, each of which can be determined by at least one mathematical equation. The proposed tool (PUFs Tool) reads the PUF instances’ output and then computes and generates the values of the main PUFs’ performance metrics: uniqueness, reliability, uniformity, and bit-aliasing. In addition, it generates a bar code for each PUF instance considered in the evaluation process. The PUFs Tool is designed and developed using the app designer of MATLAB software 2021b.

Security is of importance for communication networks, and many network nodes, like sensors and IoT devices, are resource-constrained. Physical Unclonable Functions (PUFs) leverage physical variations of the integrated circuits to produce responses unique to individual circuits and have the potential for delivering security for low-cost networks. But before a PUF can be adopted for security applications, all security vulnerabilities must be discovered. Recently, a new PUF known as Interpose PUF (IPUF) was proposed, which was tested to be secure against reliability-based modeling attacks and machine learning attacks when the attacked IPUF is of small size. A recent study showed IPUFs succumbed to a divide-and-conquer attack, and the attack method requires the position of the interpose bit known to the attacker, a condition that can be easily obfuscated by using a random interpose position. Thus, large IPUFs may still remain secure against all known modeling attacks if the interpose position is unknown to attackers. In this paper, we present a new modeling attack method of IPUFs using multilayer neural networks, and the attack method requires no knowledge of the interpose position. Our attack was tested on simulated IPUFs and silicon IPUFs implemented on FPGAs, and the results showed that many IPUFs which were resilient against existing attacks cannot withstand our new attack method, revealing a new vulnerability of IPUFs by re-defining the boundary between secure and insecure regions in the IPUF parameter space.

Physically Unclonable Functions (PUFs) are hardware-based security primitives that utilize manufacturing process variations to realize binary keys (Weak PUFs) or binary functions (Strong PUFs). This primitive is desirable for key generation and authentication in constrained devices, due to its low power and low area overhead. However, in recent years many research papers are focused on the vulnerability of PUFs to modeling attacks. This attack is possible because the PUFs challenge and response exchanges are usually transmitted over communication channel without encryption. Thus, an attacker can collect challenge-response pairs and use it as input into a learning algorithm, to create a model that can predict responses given new challenges. In this paper we introduce a serial and a parallel novel 64-bits memory-based controlled PUF (Mc-PUF) architecture for device authentication that has high uniqueness and randomness, reliable, and resilient against modeling attacks. These architectures generate a response by utilizing bits extracted from the fingerprint of a synchronous random-access memory (SRAM) PUF with a control logic. The synthesis of the serial architecture yielded an area of 1.136K GE, while the parallel architecture was 3.013K GE. The best prediction accuracy obtained from the modeling attack was 50%, which prevents an attacker from accurately predicting responses to future challenges. We also showcase the scalability of the design through XOR-ing several Mc-PUFs, further improving upon its security and performance. The remainder of the paper presents the proposed architectures, along with their hardware implementations, area and power consumption, and security resilience against modeling attacks. The 3-XOR Mc-PUF had the greatest overhead, but it produced the best randomness, uniqueness, and resilience against modeling attacks.

Recently, it is predicted that interworking between heterogeneous devices will be accelerated due to the openness of the IoT (Internet of Things) platform, but various security threats are also expected to increase. However, most IoT open platforms remain at the level that utilizes existing security technologies. Therefore, a more secure security technology is required to prevent illegal copying and leakage of important data through stealing, theft, and hacking of IoT devices. In addition, a technique capable of ensuring interoperability with existing standard technologies is required. This paper proposes an IoT device authentication method based on PUF (Physical Unclonable Function) that operates on an IoT open platform. By utilizing PUF technology, the proposed method can effectively respond to the threat of exposure of the authentication key of the existing IoT open platform. Above all, the proposed method can contribute to compatibility and interoperability with existing technologies by providing a device authentication method that can be effectively applied to the OCF Iotivity standard specification, which is a representative IoT open platform.

Physical unclonable functions (PUFs) are used to create unique device identifiers from their inherent fabrication variability. Unstable readings and variation of the PUF response over time are key issues that limit the applicability of PUFs in real-world systems. In this project, we developed a fuzzy extractor (FE) to generate robust cryptographic keys from ReRAM-based PUFs. We tested the efficiency of the proposed FE using BCH and Polar error correction codes. We use ReRAM-based PUFs operating in pre-forming range to generate binary cryptographic keys at ultra-low power with an objective of tamper sensitivity. We investigate the performance of the proposed FE with real data using the reading of the resistance of pre-formed ReRAM cells under various noise conditions. The results show a bit error rate (BER) in the range of 10−5 for the Polar-codes based method when 10% of the ReRAM cell array is erroneous at Signal to Noise Ratio (SNR) of 20dB.This error rate is achieved by using helper data length of 512 bits for a 256 bit cryptographic key. Our method uses a 2:1 ratio for helper data and key, much lower than the majority of previously reported methods. This property makes our method more robust against helper data attacks.

Summary form only given, as follows. The complete presentation was not made available for publication as part of the conference proceedings. What is “hardware” security? The network designer relies on the security of the router box. The software developer relies on the TPM (Trusted Platform Module). The circuit designer worries about side-channel attacks. At the same time, electronics shrink: sensor nodes, IOT devices, smart devices are becoming more and more available. Adding security and cryptography to these often very resource constraint devices is a challenge. This presentation will focus on Physically Unclonable Functions and True Random Number Generators, two roots of trust, and their security testing.

The test of security primitives is particularly strategic as any bias coming from the implementation or environment can wreck havoc on the security it is intended to provide. This paper presents how some security properties are tested on leading primitives: True Random Number Generation (TRNG), Physically Unclonable Function (PUF), cryptographic primitives and Digital Sensor (DS). The test of TRNG and PUF to ensure a high level of security is mainly about the entropy assessment, which requires specific statistical tests. The security against side-channel analysis (SCA) of cryptographic primitives, like the substitution box in symmetric cryptography, is generally ensured by masking. But the hardware implementation of masking can be damaged by glitches, which create leakages on sensitive variables. A test method is to search for nets of the cryptographic netlist, which are vulnerable to glitches. The DS is an efficient primitive to detect disturbances and rise alarms in case of fault injection attack (FIA). The dimensioning of this primitive requires a precise test to take into account the environment variations including the aging.

To enhance the security of digital circuits, there is often a desire to dynamically generate, rather than statically store, random values used for identification and authentication purposes. Physically Unclonable Functions (PUFs) provide the means to realize this feature in an efficient and reliable way by utilizing commonly overlooked process variations that unintentionally occur during the manufacturing of integrated circuits (ICs) due to the imperfection of fabrication process. When given a challenge, PUFs produce a unique response. However, PUFs have been found to be vulnerable to modeling attacks where by using a set of collected challenge response pairs (CRPs) and training a machine learning model, the response can be predicted for unseen challenges. To combat this vulnerability, researchers have proposed techniques such as Challenge Obfuscation. However, as shown in this paper, this technique can be compromised via modeling the PUF's power side-channel. We first show the vulnerability of a state-of-the-art Challenge Obfuscated PUF (CO-PUF) against power analysis attacks by presenting our attack results on the targeted CO-PUF. Then we propose two countermeasures, as well as their hybrid version, that when applied to the CO-PUFs make them resilient against power side-channel based modeling attacks. We also provide some insights on the proper design metrics required to be taken when implementing these mitigations. Our simulation results show the high success of our attack in compromising the original Challenge Obfuscated PUFs (success rate textgreater 98%) as well as the significant improvement on resilience of the obfuscated PUFs against power side-channel based modeling when equipped with our countermeasures.

Assuring Cybersecurity for the Internet of things (IoT) remains a significant challenge. Most IoT devices have minimal computational power and should be secured with lightweight security techniques (optimized computation and energy tradeoff). Furthermore, IoT devices are mainly designed to have long lifetimes (e.g., 10–15 years), forcing the designers to open the system for possible future updates. Here, we developed a lightweight and reconfigurable security architecture for IoT devices. Our research goal is to create a simple authentication protocol based on physical unclonable function (PUF) for FPGA-based IoT devices. The main challenge toward realization of this protocol is to make it make it resilient against machine learning attacks and it shall not use cryptography primitives.

Blockchain transactions are signed by private keys. Secure key storage and tamper resistant computing, are critical requirements for deployments of trusted infrastructure. In this paper we identify some threats against blockchain wallets, and we introduce a set of physical and logical countermeasures in order to defeat them. We introduce open software and hardware architectures based on secure elements, which enable detection of cloned device and corrupted software. These technologies are based on resistant computing (javacard), smartcard anti cloning, smartcard self content attestation, applicative firewall, bare metal architecture, remote attestation, dynamic PUF (Physical Unclonable Function), and programming token as root of trust.

Physically Unclonable Functions (PUFs) have been considered as promising lightweight primitives for random number generation and device authentication. Thanks to the imperfections occurring during the fabrication process of integrated circuits, each PUF generates a unique signature which can be used for chip identification. Although supposed to be unclonable, PUFs have been shown to be vulnerable to modeling attacks where a set of collected challenge response pairs are used for training a machine learning model to predict the PUF response to unseen challenges. Challenge obfuscation has been proposed to tackle the modeling attacks in recent years. However, knowing the obfuscation algorithm can help the adversary to model the PUF. This paper proposes a modeling-resilient arbiter-PUF architecture that benefits from the randomness provided by PUFs in concealing the obfuscation scheme. The experimental results confirm the effectiveness of the proposed structure in countering PUF modeling attacks.

Neural Network Physical Unclonable Function (NN-PUF) has been proposed for the secure implementation of Edge AI. This study evaluates the tamper resistance of NN-PUF against machine learning attacks. The machine learning attack in this study learns CPRs using deep learning. As a result of the evaluation experiment, the machine learning attack predicted about 82% for CRPs. Therefore, this study revealed that NN-PUF is vulnerable to machine learning attacks.

Strong physical unclonable function (PUF) is a promising lightweight hardware security primitive for device authentication. However, it is vulnerable to machine learning attacks. This paper demonstrates that even a recently proposed dual-mode PUF is still can be broken. In order to improve the security, this paper proposes a highly flexible machine learning resistant configurable tristate (CT) PUF which utilizes the response generated in the working state of Arbiter PUF to XOR the challenge input and response output of other two working states (ring oscillator (RO) PUF and bitable ring (BR) PUF). The proposed CT PUF is implemented on Xilinx Artix-7 FPGAs and the experiment results show that the modeling accuracy of logistic regression and artificial neural network is reduced to the mid-50%.

Achieving efficient and secure accesses to real-time information from the designated IoT node is the fundamental key requirement for the applications of the Internet of Things. However, IoT nodes are prone to physical attacks, public channels reveal the sensitive information, and gateways that manage the IoT nodes suffer from the single-point failure, thereby causing the security and privacy problems. In this paper, a blockchain-based user remote authentication scheme using physical unclonable functions (PUFs) is proposed to overcome these problems. The PUFs provide physically secure identities for the IoT nodes and the blockchain acts as a distributed database to manage the key materials reliably for gateways. The security analysis is conducted and shows that our scheme realizes reliable security features and resists various attacks. Furthermore, a prototype was implemented to prove our scheme is efficient, scalable, and suitable for IoT scenarios.

A Field Programmable Gate Array (FPGA) is a digital Integrated Circuit made up of interconnected functional blocks, which can be programmed by the end-user to perform required logic functions. As FPGAs are re-programmable, partially re-configurable and have lowertime to market, FPGA has become a vital component in the field of electronics. FPGAs are undergoing many security issues as the adversaries are trying to make profits by replicating the original design, without any investment. The major security issues are cloning, counterfeiting, reverse engineering, Physical tampering, and insertion of malicious components, etc. So, there is a need for security of FPGAs. A Secret key must be embedded in an IC, to provide identification and authentication to it. Physical Unclonable Functions (PUFs) can provide these secret keys, by using the physical properties of the chip. These physical properties are not reproducible even by the manufacturer. Hence the responses produced by the PUF are unique for every individual chip. The method of generating unique binary signatures helps in cryptographic key generation, digital rights management, Intellectual Property (IP) protection, IC counterfeit prevention, and device authentication. The PUFs are very promising in signature generation in the field of hardware security. In this paper, the secret binary responses is generated with the help of a delay based Ring Oscillator PUF, which does not use a clock circuit in its architecture.

In today's world privacy is paramount in everyone's life. Alongside the growth of IoT (Internet of things), wearable devices are becoming widely popular for real-time user monitoring and wise service support. However, in contrast with the traditional short-range communications, these resource-scanty devices face various vulnerabilities and security threats during the course of interactions. Hence, designing a security solution for these devices while dealing with the limited communication and computation capabilities is a challenging task. In this work, PUF (Physical Unclonable Function) and lightweight cryptographic parameters are used together for performing two-way authentication between wearable devices and smartphone, while the simultaneous verification is performed by providing yoking-proofs to the Cloud Server. At the end, it is shown that the proposed scheme satisfies many security aspects and is flexible as well as lightweight.

Physical Unclonable Function is an innovative hardware security primitives that exploit the physical characteristics of a physical object to generate a unique identifier, which play the role of the object's fingerprint. Silicon PUF, a popular type of PUFs, exploits the variation in the manufacturing process of integrated circuits (ICs). It needs an input called challenge to generate the response as an output. In addition, of classical attacks, PUFs are vulnerable to physical and modeling attacks. The performance of the PUFs is measured by several metrics like reliability, uniqueness and uniformity. So as an evidence, the main goal is to provide a complete tool that checks the strength and quantifies the performance of a given physical unconscionable function. This paper provides a tool and develops a set of metrics that can achieve safely the proposed goal.

With the increasing prevalent of digital devices and their abuse for digital content creation, forgeries of digital images and video footage are more rampant than ever. Digital forensics is challenged into seeking advanced technologies for forgery content detection and acquisition device identification. Unfortunately, existing solutions that address image tampering problems fail to identify the device that produces the images or footage while techniques that can identify the camera is incapable of locating the tampered content of its captured images. In this paper, a new perceptual data-device hash is proposed to locate maliciously tampered image regions and identify the source camera of the received image data as a non-repudiable attestation in digital forensics. The presented image may have been either tampered or gone through benign content preserving geometric transforms or image processing operations. The proposed image hash is generated by projecting the invariant image features into a physical unclonable function (PUF)-defined Bernoulli random space. The tamper-resistant random PUF response is unique for each camera and can only be generated upon triggered by a challenge, which is provided by the image acquisition timestamp. The proposed hash is evaluated on the modified CASIA database and CMOS image sensor-based PUF simulated using 180 nm TSMC technology. It achieves a high tamper detection rate of 95.42% with the regions of tampered content successfully located, a good authentication performance of above 98.5% against standard content-preserving manipulations, and 96.25% and 90.42%, respectively, for the more challenging geometric transformations of rotation (0 360°) and scaling (scale factor in each dimension: 0.5). It is demonstrated to be able to identify the source camera with 100% accuracy and is secure against attacks on PUF.

Physical unclonable functions(PUFs) are widely used as hardware root-of-trust to secure IoT devices, data and services. A PUF exploits inherent randomness introduced during manufacturing to give a unique digital fingerprint. Static Random-Access Memory (SRAM) based PUFs can be used as a mature technology for authentication. An SRAM with a number of SRAM cells gives an unrepeatable and random pattern of 0's and 1's during power on. As it is a unique pattern, it can be called as SRAM fingerprint and can be used as a PUF. The chance of producing more number of same values (either zero or one) is higher during power on. If a particular value present at almost all the cell during power on, it will lead to the dominance of either zero or one in the cryptographic key sequence. As the cryptographic key is generated by randomly taking address location of SRAM cells, (the subset of power on values of all the SRAM cells)the probability of occurring the same sequence most of the time is higher. In order to avoid that situation, SRAM should have to produce an equal number of zeros and ones during power on. SRAM PUF is implemented in Cadence Virtuoso tool. To generate equal zeros and ones during power on, variations can be done in the physical dimensions and to increase the stability body biasing can be effectively done.

The manufacturing of integrated circuits (IC) outside of the design houses makes it possible for the adversary to easily perform a reverse engineering attack against intellectual property (IP)/IC. The aim of this attack can be the IP piracy, overproduction, counterfeiting or inserting hardware Trojan (HT) throughout the supply chain of the IC. Preventing hardware Trojan insertion is a significant issue in the context of hardware security (HS) and has not been considered in most of the previous logic encryption methods. To eliminate this problem, in this paper an Anti-Trojan insertion algorithm is presented. The idea is based on the fact that reducing the signals with low-observability (LO) and low-controllability (LC) can prevent HT insertion significantly. The security of logic encryption methods depends on the algorithm and the encryption key. However, the security of these methods has been compromised by SAT attacks over recent years. SAT attacks, can decode the correct key from most logic encryption techniques. In this article, by using the PUF-based encryption, the applied key in the encryption is randomized and SAT attack cannot be performed. Based on the output of PUF, a unique encryption has been made for each chip that preventing from counterfeiting and IP piracy.

In many industry Internet of Things applications, resources like CPU, memory, and battery power are limited and cannot afford the classic cryptographic security solutions. Silicon physical unclonable function (PUF) is a lightweight security primitive that exploits manufacturing variations during the chip fabrication process for key generation and/or device authentication. However, traditional weak PUFs such as ring oscillator (RO) PUF generate chip-unique key for each device, which restricts their application in security protocols where the same key is required to be shared in resource-constrained devices. In this article, in order to address this issue, we propose a PUF-based key sharing method for the first time. The basic idea is to implement one-to-one input-output mapping with lookup table (LUT)-based interstage crossing structures in each level of inverters of RO PUF. Individual customization on configuration bits of interstage crossing structure and different RO selections with challenges bring high flexibility. Therefore, with the flexible configuration of interstage crossing structures and challenges, crossover RO PUF can generate the same shared key for resource-constrained devices, which enables a new application for lightweight key sharing protocols.

Field-programmable gate arrays (FPGAs) are widely applied in various fields for its merit of reconfigurability. The reusable intellectual property (IP) design blocks are usually adopted in the more complex FPGA designs to shorten design cycle. IP infringement hence becomes a concern. In this paper, we propose a new pay-per-use scheme using the lock and key mechanism for the protection of FPGA IP. Physical Unclonable Function (PUF) is adopted to generate a unique ID for each IP instance. An extra Finite State Machine (FSM) is introduced for the secure retrieval of PUF information by the FPGA IP vendor. The lock is implemented on the original FSM. Only when the FPGA developer can provide a correct license, can the FSM be unlocked and start normal operation. The FPGA IP can hence be protected from illegal use or distribution. The scheme is applied on some benchmarks and the experimental results show that it just incurs acceptably low overhead while it can resist typical attacks.