Patent Grant
12131800
Physically Unclonable Function (PUF) cells are utilized in digital devices to generate a master key (bit pattern) that is applied to generate other keys utilized for (for example) encryption and decryption. The PUF cells in different devices comprise a similar circuit structure but utilize the process variation of individual circuit die to generate unique keys in each device.
To easily identify the discussion of any particular element or act, the most significant digit or digits in a reference number refer to the figure number in which that element is first introduced.
Instantaneous noise levels and other environmental variations in a device may cause the output of PUF cells to flip (change value) between uses. For consistent operation, the randomness of the PUF cell outputs is a metric to minimize. Another important consideration is the effect of voltage/temperature (V/T) on the PUF output, because the V/T interaction with the process variation is what enables the PUF functionality. Ideally, the PUF cell output is stable (does not flip) across different V/T conditions and different uses over time in noisy environments.
PUF cell embodiments utilizing a dual-interlocking scheme may demonstrate a higher noise immunity than conventional PUF cells. These dual-interlocking structures may be utilized in conjunction with error detection techniques that screen out (identify and disable) unstable cells. A set of such PUF cells may be utilized to generate a device-specific bit pattern. This bit pattern may for example be utilized as a master key for encryption.
The embodiments shown herein utilize a dual-interlocking configuration of four inverters coupled to a header device and four reset devices. One of ordinary skill in the art will readily comprehend that additional interlocking inverter pairs in addition to the two pairs illustrated herein may be implemented in analogous configurations to those shown, where such implementations offer additional stability, improved V/T response, etc.
The reset devices I5 and I6 are operated to initialize the stored state of the storage nodes Q and Qbar in the conventional PUF cell 200a.
During reset (reset signal=‘1’), the state of the storage nodes is pulled low and thereby initialized to ‘0’. Asserting the reset signal also turns the header device I4 off, disconnecting the inverters 202 from the voltage source VDD. When the reset signal goes low (reset signal=‘0’), the inverters 202 are powered up and the mismatches across these devices determines whether the structure resolves to Q=‘0’/QBar=‘1’ or Q=‘1’/QBar=‘0’.
Because these effects are transient, readings of the conventional PUF cell 200a after stabilizing from a reset may vary. Temporal majority voting may be applied to average out transient noise effects but this increases complexity of the overall system.
The storage cells comprise four inverters 306 arranged into a dual-interlocked arrangement 304. Each of the inverters 306 comprises a PFET and an NFET jointed at a midpoint node. A dual-interlock is a configuration in which the gates of each transistor in each inverter are driven by the mid-point node of a different inverter. The header device I8 controls the coupling of the inverters 306 and the voltage source VDD. The reset devices 202 (I9-I12) initialize the circuit to a known state during assertion of a RESET signal.
Applying a reset signal=‘1’ removes power from the inverters 306 and the NMOS reset devices 302 turn ON, draining charge from the storage nodes Q0-Q3. The dual-interlocked PUF cell 300a is brought out of a reset state by setting the reset signal low (reset signal=‘0’), turning header device I8 on and reset devices 302 I9-I12 off. Mismatches across the devices of the dual-interlocked arrangement 304 determine the state that each storage node Q0-Q3 settles into. The Q0/Q2 and Q1/Q3 storage node pairs, respectively, will settle and latch to the same logic state (Q0=Q2 and Q1=Q3).
The dual-interlocked PUF cell 300a demonstrates greater noise immunity over the conventional PUF cell 200a. This is due to the pairs of storage nodes (Q0/Q2 and Q1/Q3) determining the final state (as opposed to single storage node in the SRAM-based conventional PUF cell 200a). Noise effects on the strengths of individual transistors are less inclined to effectuate a toggling of the output state of the dual-interlocked PUF cell 300a.
An important consideration for PUF design is stability of the cells under different V/T conditions. An mechanism may be implemented to identify PUF cells that are more likely to be unstable across variations in V/T. These potentially unstable cells may be masked (disabled and/or removed from use in generation of bits for a multi-bit pattern).
In general, the logic 402 may be part of the device comprising the PUF cells, or separate from it (e.g., the logic 402 may be implemented in automated test equipment separately from the device with the PUF cells).
In bypassed mode, transistors I2, I3, I6, and I7 are electrically parallel to transistors I0, I1, I4, and I5 respectively. This facilitates an averaging of transistors' strengths.
The unstable cell detection mechanism may be carried out as follows. A sampling of dual-interlocked PUF cell 300a is performed at a selected voltage and temperature with switches 400 OFF followed by another sampling with switches 400 ON. If the output of the dual-interlocked PUF cell 300a is the same for both samplings, the cell is favoring a ‘0’ or ‘1’ state more strongly and is more likely to be stable across temperature and voltage. In contrast, if the output of the dual-interlocked PUF cell 300a is different between the two samplings, the cell is more likely to change its state as voltage and temperature is changed.
In another embodiment, the dual-interlocked PUF cell 300a may be disposed in a re-configurable fashion. The dual-interlocked PUF cell 300a may be sampled multiple times in interlocked mode (switches 400 of
By making VDD2 higher (or lower) than VDD through the operation of variable voltage source 502, transistor strengths may be adjusted, and stability of the cell may be tested. For example, by making VDD2 higher (e.g., 5-15% higher) than VDD, I4 and I6 are made stronger, which favors a Q1/Q3=‘0’ state for the storage nodes in the cell. Conversely, making VDD higher than VDD2 by 5%-15% may be used to favor a Q0/Q2=‘0’ output state for the storage nodes.
Other mechanisms may be utilized to adjust the strengths of the transistors to skew a PUF cell to favor a particular state. For example, additional devices may be added in parallel with the inverters 504 with appropriate switches to make them stronger. In another embodiment, logic may be used to adjust a relative arrival time of a plurality of reset signals to initialize the PUF cell.
For example, the arrival of reset signals to header devices I8 and I13 may be adjusted to change the time these devices start to turn on. The delay may be, e.g., on the order of the fan-out-four (FO4) delay of the inverters 504. In one embodiment, the reset signal to I8 may arrive 10 to 20 picoseconds before a delayed reset signal to I13 (or vice versa). This asymmetry of reset may to enhance or weaken stability to reveal an instability in the dual-interlocked PUF cell 500, similar to that revealed by the asymmetry of voltage sources discussed above.
A second sampling of the PUF cell at a selected voltage and temperature is performed at block 604 with the switches ON. At decision block 606, the outputs (storage node states) generated at block 602 and block 604 may be assessed. If the outputs from both samplings are the same, the PUF cell is identified as stable cell for purposes of contributing to a bit pattern, e.g., a master key (block 608). If the outputs from the two samplings are not the same, the PUF cell is identified as unstable/unusable at block 610, and is disabled or disqualified from contributing to a bit pattern (block 612).
At decision block 706, the outputs (storage node states) generated at block 702 and block 704 may be assessed, and it may be determined which mode generates more consistent outputs. If (on condition that) the outputs from block 702 are more consistent, the PUF cell may be configurated to contribute to a multi-bit pattern in the first mode at block 708. If the outputs from block 704 are more consistent, the PUF cell may be configurated to contribute to a multi-bit pattern in the second mode at block 710.
Various functional operations described herein may be implemented in logic that is referred to using a noun or noun phrase reflecting said operation or function. For example, an association operation may be carried out by an “associator” or “correlator”. Likewise, switching may be carried out by a “switch”, selection by a “selector”, and so on. “Logic” refers to machine memory circuits and non-transitory machine readable media comprising machine-executable instructions (software and firmware), and/or circuitry (hardware) which by way of its material and/or material-energy configuration comprises control and/or procedural signals, and/or settings and values (such as resistance, impedance, capacitance, inductance, current/voltage ratings, etc.), that may be applied to influence the operation of a device. Magnetic media, electronic circuits, electrical and optical memory (both volatile and nonvolatile), and firmware are examples of logic. Logic specifically excludes pure signals or software per se (however does not exclude machine memories comprising software and thereby forming configurations of matter).
Within this disclosure, different entities (which may variously be referred to as “units,” “circuits,” other components, etc.) may be described or claimed as “configured” to perform one or more tasks or operations. This formulation—[entity] configured to [perform one or more tasks]—is used herein to refer to structure (i.e., something physical, such as an electronic circuit). More specifically, this formulation is used to indicate that this structure is arranged to perform the one or more tasks during operation. A structure can be said to be “configured to” perform some task even if the structure is not currently being operated. A “credit distribution circuit configured to distribute credits to a plurality of processor cores” is intended to cover, for example, an integrated circuit that has circuitry that performs this function during operation, even if the integrated circuit in question is not currently being used (e.g., a power supply is not connected to it). Thus, an entity described or recited as “configured to” perform some task refers to something physical, such as a device, circuit, memory storing program instructions executable to implement the task, etc. This phrase is not used herein to refer to something intangible.
The term “configured to” is not intended to mean “configurable to.” An unprogrammed FPGA, for example, would not be considered to be “configured to” perform some specific function, although it may be “configurable to” perform that function after programming.
Reciting in the appended claims that a structure is “configured to” perform one or more tasks is expressly intended not to invoke 35 U.S.C. § 112(f) for that claim element. Accordingly, claims in this application that do not otherwise include the “means for” [performing a function] construct should not be interpreted under 35 U.S.C § 112(f).
As used herein, the term “based on” is used to describe one or more factors that affect a determination. This term does not foreclose the possibility that additional factors may affect the determination. That is, a determination may be solely based on specified factors or based on the specified factors as well as other, unspecified factors. Consider the phrase “determine A based on B.” This phrase specifies that B is a factor that is used to determine A or that affects the determination of A. This phrase does not foreclose that the determination of A may also be based on some other factor, such as C. This phrase is also intended to cover an embodiment in which A is determined based solely on B. As used herein, the phrase “based on” is synonymous with the phrase “based at least in part on.”
As used herein, the phrase “in response to” describes one or more factors that trigger an effect. This phrase does not foreclose the possibility that additional factors may affect or otherwise trigger the effect. That is, an effect may be solely in response to those factors, or may be in response to the specified factors as well as other, unspecified factors. Consider the phrase “perform A in response to B.” This phrase specifies that B is a factor that triggers the performance of A. This phrase does not foreclose that performing A may also be in response to some other factor, such as C. This phrase is also intended to cover an embodiment in which A is performed solely in response to B.
As used herein, the terms “first,” “second,” etc. are used as labels for nouns that they precede, and do not imply any type of ordering (e.g., spatial, temporal, logical, etc.), unless stated otherwise. For example, in a register file having eight registers, the terms “first register” and “second register” can be used to refer to any two of the eight registers, and not, for example, just logical registers 0 and 1.
When used in the claims, the term “or” is used as an inclusive or and not as an exclusive or. For example, the phrase “at least one of x, y, or z” means any one of x, y, and z, as well as any combination thereof.
As used herein, a recitation of “and/or” with respect to two or more elements should be interpreted to mean only one element, or a combination of elements. For example, “element A, element B, and/or element C” may include only element A, only element B, only element C, element A and element B, element A and element C, element B and element C, or elements A, B, and C. In addition, “at least one of element A or element B” may include at least one of element A, at least one of element B, or at least one of element A and at least one of element B. Further, “at least one of element A and element B” may include at least one of element A, at least one of element B, or at least one of element A and at least one of element B.
The subject matter of the present disclosure is described with specificity herein to meet statutory requirements. However, the description itself is not intended to limit the scope of this disclosure. Rather, the inventors have contemplated that the claimed subject matter might also be embodied in other ways, to include different steps or combinations of steps similar to the ones described in this document, in conjunction with other present or future technologies. Moreover, although the terms “step” and/or “block” may be used herein to connote different elements of methods employed, the terms should not be interpreted as implying any particular order among or between various steps herein disclosed unless and except when the order of individual steps is explicitly described.
Having thus described illustrative embodiments in detail, it will be apparent that modifications and variations are possible without departing from the scope of the invention as claimed. The scope of inventive subject matter is not limited to the depicted embodiments but is rather set forth in the following Claims.
| Number | Name | Date | Kind |
|---|---|---|---|
| 6118869 | Kelem et al. | Sep 2000 | A |
| 6873551 | Bedarida et al. | Mar 2005 | B2 |
| 7492630 | Scheuerlein et al. | Feb 2009 | B2 |
| 7495947 | Scheuerlein et al. | Feb 2009 | B2 |
| 7522448 | Scheuerlein et al. | Apr 2009 | B2 |
| 7719874 | Scheuerlein et al. | May 2010 | B2 |
| 8981810 | Trimberger et al. | Mar 2015 | B1 |
| 9213835 | Lesea et al. | Dec 2015 | B2 |
| 9276583 | Satpathy et al. | Mar 2016 | B1 |
| 9279856 | Laackmann et al. | Mar 2016 | B2 |
| 9355743 | Ghosh et al. | May 2016 | B2 |
| 9369277 | Augustine et al. | Jun 2016 | B2 |
| 9698611 | Li et al. | Jul 2017 | B2 |
| 9768757 | Gaspard | Sep 2017 | B1 |
| 9947391 | Mahatme et al. | Apr 2018 | B1 |
| 10224931 | Wang et al. | Mar 2019 | B1 |
| 10439613 | Karpinskyy et al. | Oct 2019 | B2 |
| 10439829 | Lin et al. | Oct 2019 | B1 |
| 10553886 | Buelte et al. | Feb 2020 | B2 |
| 10574469 | Garni et al. | Feb 2020 | B1 |
| 10644712 | Cai et al. | May 2020 | B2 |
| 10714199 | Bill | Jul 2020 | B1 |
| 10764069 | Hurwitz | Sep 2020 | B1 |
| 11171793 | Schat | Nov 2021 | B2 |
| 11411563 | Kudva et al. | Aug 2022 | B1 |
| 20020170146 | Thompson | Nov 2002 | A1 |
| 20150192637 | Falk et al. | Jul 2015 | A1 |
| 20160285639 | Mathew et al. | Sep 2016 | A1 |
| 20160329897 | Gu | Nov 2016 | A1 |
| 20170047917 | Heo et al. | Feb 2017 | A1 |
| 20170272258 | Tanamoto et al. | Sep 2017 | A1 |
| 20180218177 | Kuenemund et al. | Aug 2018 | A1 |
| 20190068190 | Karpinskyy et al. | Feb 2019 | A1 |
| 20190116052 | Kim | Apr 2019 | A1 |
| 20190165956 | Adham et al. | May 2019 | A1 |
| 20200044872 | Willsch et al. | Feb 2020 | A1 |
| 20210135886 | Lee | May 2021 | A1 |
| 20210328818 | Sonntag | Oct 2021 | A1 |
| 20210336804 | Parhi et al. | Oct 2021 | A1 |
| 20220052691 | Borrel et al. | Feb 2022 | A1 |
| 20220271752 | Kudva et al. | Aug 2022 | A1 |
| 20220271951 | Kudva et al. | Aug 2022 | A1 |
| 20220271952 | Kudva et al. | Aug 2022 | A1 |
| Number | Date | Country |
|---|---|---|
| 110020557 | Jul 2019 | CN |
| 108734030 | Jul 2020 | CN |
| 111723408 | Sep 2020 | CN |
| 2022101293606 | Feb 2022 | CN |
| 2022101293644 | Feb 2022 | CN |
| 1020221035123 | Feb 2022 | DE |
| 1020221042820 | Feb 2022 | DE |
| 3640945 | Mar 2021 | EP |
| 110111882 | Mar 2021 | TW |
| Entry |
|---|
| U.S. Appl. No. 17/481,154, Sep. 21, 2021, Sudhir Shrikantha Kudva. |
| U.S. Appl. No. 17/546,438, Dec. 9, 2021, Sudhir Shrikantha Kudva. |
| 108-0436-TW_Jul. 14, 2022_Second Office Action. |
| 20-SC-0535TW01 Official Communication Taiwan Intellectual Property Office First Office Action dated Apr. 7, 2022. |
| Calin et al, Upset Hardened Memory Design for Submicron CMOS Technology, IEEE Transactions on Nuclear Science, Dec. 1996, pp. 2874-2878, vol. 43, No. 6, Grenoble, France. |
| He et al, An Automatic Self-Checking and Healing Physically Unclonable Function (PUF), ISSCC 2021, Rice University, Houston, TX. |
| NPL_Alam et al_ Challenges and Opportunities in Analog and Mixed Signal(AMS) Integrated Circuit (IC) Security_11272017_ pp. 16-32_Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL 32603, USA. |
| NPL_Matthew et al _ “PVT-Variation-Tolerant Hybrid Physically Unclonable Function Circuit for 100% Stable Secure Key Generation in 22nm CMOS”_ Feb. 11, 2014 _ pp. 278-280. |
| Shifman et al, A Method to Improve Reliability in a 65-nm SRAM PUF Array, IEEE Solid-State Circuits Letters, Jun. 2018, pp. 138-141, vol. 1, No. 6. |
| Su et al, A Digital 1.6 pJ/bit Chip Identification Circuit Using Process Variations, IEEE Journal of Solid-State Circuits, Jan. 2008, pp. 69-77, vol. 43, No. 1. |
| Yang et al, A Physically Unclonable Function with BER <10 ∧ 8 for Robust Chip Authentication Using Oscillator Collapse in 40nm CMOS, ISSCC 2015, University of Michigan, Ann Arbor, MI. |
| Number | Date | Country | |
|---|---|---|---|
| 20240161800 A1 | May 2024 | US |
