The present invention relates generally to physical unclonable functions, and more particularly to reducing the amount of helper data in silicon physical unclonable functions via lossy compression without production-time error characterization.
In cryptography, a physical unclonable function (“PUF”) is a physical entity that is embodied in a physical structure and is easy to evaluate but hard to predict. Such PUFs may be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it.
PUFs depend on the uniqueness of their physical microstructure. This microstructure depends on random physical factors introduced during manufacturing. These factors are unpredictable and uncontrollable which makes it virtually impossible to duplicate or clone the structure.
Rather than embodying a single cryptographic key, PUFs implement challenge-response authentication to evaluate this microstructure. When a physical stimulus is applied to the structure, it reacts in an unpredictable (but repeatable) way due to the complex interaction of the stimulus with the physical microstructure of the device. This exact microstructure depends on physical factors introduced during manufacture which are unpredictable (like a fair coin). The applied stimulus is called the challenge, and the reaction of the PUF is called the response. A specific challenge and its corresponding response together form a challenge-response pair (“CRP”). The device's identity is established by the properties of the microstructure itself. As this structure is not directly revealed by the challenge-response mechanism, such a device is resistant to spoofing attacks. In some PUFs, such as “weak PUFs,” the challenge is a simple act of powering up a circuit.
The key distinction among different PUF constructions is between strong and weak PUFs, based on the rate at which the number of CRPs grows with the size of physical realization of a PUF. Weak PUFs are characterized by a small number of CRPs while strong PUFs are systems with a large number or even exponential number of CRPs.
Silicon physical unclonable functions (PUFs) are widely used in emerging hardware security applications, such as device identification, authentication, and cryptographic key generation. As discussed above, PUFs generate unique randomness by exploiting inherent random process variation during fabrication. Among them, Static Random-Access Memory (SRAM) PUFs that produce unique signatures with power-up states are appealing because SRAMs are widely available standard components in a multitude of existing integrated circuits (ICs).
However, the major challenge of utilizing silicon PUFs, including SRAM PUFs, lies in the reliability of responses. Ideally, an SRAM PUF bit produces a unique and identical power-up value under each evaluation. In fact, power-up is a cell-specific stochastic process determined jointly by device mismatch, instantaneous noise, and environment variation.
The standard method to ensure PUF reliability in the key derivation context is to use a fuzzy extractor that utilizes an error correction code (ECC). A fuzzy extractor algorithm involves two phases: enrollment and reconstruction. During enrollment, an ECC is used to encode raw PUF responses and compute the code syndrome to be used as helper data for reconstruction. The helper data is assumed to be public and is stored in non-volatile memory.
In some applications of PUF-based key generation for original silicon manufacturers, one-time-programmable (OTP) memory (e.g., fuses) is preferred as it cannot be modified by an adversary. In these settings, the helper data needs to be stored on-die, prior to the package-level or board-level resources (e.g., high-capacity Flash memory) are available. However, in many platforms, e.g., field-programmable gate arrays (FPGAs), the amount of OTP memory available is severely limited. As a result, the amount of required helper data should be reduced.
In one embodiment of the present invention, a method for reducing the amount of helper data that needs to be stored comprises determining individual cell bit-error-rates of a physical unclonable function. The method further comprises formulating a lossy compression problem using the determined individual cell bit-error-rates of the physical unclonable function. The method additionally comprises solving the formulated lossy compression problem. Furthermore, the method comprises storing a solution to the formulated lossy compression problem as a map representing reliable cells in a memory of a physical unclonable function system. Additionally, the method comprises constructing helper data to be utilized by a fuzzy extractor using the map representing reliable cells and error correction code helper data.
Other forms of the embodiment of the method described above are in a system and in a computer program product.
In another embodiment of the present invention, a method for reducing the amount of helper data that needs to be stored comprises extracting distribution of cells' across-temperature bit-error-rates using a population-based analysis at a technology development phase. The method further comprises measuring only nominal one-probabilities for each cell at a production phase. The method additionally comprises using the population-based analysis of the cells' across-temperature bit-error-rates for the measured nominal one-probabilities for each cell to derive a confidence level for an average across-temperature bit-error-rate of a set of cells. Furthermore, the method comprises optimizing a fuzzy extractor by identifying a subset of more reliable bits out of a population of physical unclonable function bits using the derived confidence level for the average across-temperature bit-error-rate of the set of cells.
Other forms of the embodiment of the method described above are in a system and in a computer program product.
In a further embodiment of the present invention, a method for helper data size reduction for strong physical unclonable functions comprises generating pseudo random numbers. The method further comprises inputting the generated pseudo random numbers to a strong physical unclonable function which outputs a set of responses to the inputted pseudo random numbers as input challenges that are stored in a one-dimensional indexed array. The method additionally comprises applying compression and confidence interval estimation techniques to form a compact representation of challenge response pairs of the strong physical unclonable function as entries of the array. Furthermore, the method comprises storing the representation as reduced helper data in a memory of a physical unclonable function system.
Other forms of the embodiment of the method described above are in a system and in a computer program product.
The foregoing has outlined rather generally the features and technical advantages of one or more embodiments of the present invention in order that the detailed description of the present invention that follows may be better understood. Additional features and advantages of the present invention will be described hereinafter which may form the subject of the claims of the present invention.
A better understanding of the present invention can be obtained when the following detailed description is considered in conjunction with the following drawings, in which:
As discussed in the Background section, the standard method to ensure PUF reliability in the key derivation context is to use a fuzzy extractor that utilizes an error correction code. A fuzzy extractor algorithm involves two phases: enrollment and reconstruction. During enrollment, an ECC is used to encode raw PUF responses and compute the code syndrome or code offset to be used as helper data for reconstruction. The helper data is assumed to be public and is stored in non-volatile memory. For key generation applications for original semiconductor manufacturers, helper data needs to be stored on the silicon die, prior to the package-level and/or board-level resources becoming available. Thus, for original semiconductor companies, one-time-programmable (OTP) memory (e.g., fuses) is preferred. An additional advantage of OTP is that it cannot be easily modified by an adversary. However, in many platforms, e.g., FPGAs, the amount of OTP memory available is severely limited. As a result, the amount of required helper data should be reduced.
The present invention allows a significant reduction of helper data size (HDS) through two innovative techniques. The first technique uses bit-error-rate (BER)-aware lossy compression by treating a fraction of the reliable bits as unreliable thereby effectively reducing the size of the map needed to represent these bits. With the view of practical costs of production-time error characterization, the second technique enables economically feasible across-temperature per-bit BER evaluation for use in a number of fuzzy extractor optimizations based on bit-selection to reduce overall BER (with or without subsequent compression) using room-temperature only production-time characterization. The method is based on stochastic concentration theory and allows efficient formation of confidence intervals for true average worst-case BER of a selected set of bits.
As discussed below in greater detail, the present invention proposes two innovative techniques based on lossy compression to reduce the total HDS dramatically and optimality. The first technique of lossy compression involves sacrificing a certain fraction of reliable bits by treating them as unreliable thereby leading to effective compression and large HDS reduction. In one embodiment, the present invention minimizes HDS when complete bit-specific error information is available across a range of operating conditions. To achieve that, a two-phase joint BER minimization and reliability mask compression algorithm is developed. A derived codebook is used to select a better solution that minimizes the overall average error of selected bits. This is done via the formulation using an integer linear programming problem (ILP). By utilizing the Lagrangian relaxation heuristics, the proposed ILP formulation can be decomposed into small separable sub-problems with efficient greedy-based linear-time solutions. Moreover, the proposed lossy compression algorithm does not leak any information about the key material.
The benefits of the technique are significant. Consider deriving a 128-bit key with a failure rate of 10−6 from the SRAM cells with an average BER of 10.22%. A direct implementation of fuzzy extractor requires 1060 raw source bits and 932 OTP bits for helper data. A bit-selection scheme with lossless compression reduces the helper data to 288 bits. After the proposed lossy compression, only 206 bits of HDS are needed, which is a 25% reduction, though at the cost of doubling the number of raw bits.
However, the approach above requires a possibly expensive BER characterization effort in which the reliability information under all possible conditions for each bit of each production PUF chip is extracted. Worst-case BER characterization across all working conditions may be unacceptably costly in a production environment.
The second technique practically enables multiple fuzzy extractor optimization strategies, which include lossy compression as described, other lossy compression strategies, lossless compression, or no compression methods (e.g., dark bit masking) that operate by identifying a subset of more reliable bits out of a population of all PUF bits. The second technique allows economically feasible across-temperature BER characterization operation via a construction of a tight confidence interval of the worst-case BER using multidimensional statistics. This is enabled by the observation that across-temperature (worst-case) BERs are correlated with their nominal-temperature one-probabilities for stable cells. The present invention performs a one-time large sample characterization experiment, predicts the average worst-case BERs based on nominal one-probabilities, and allows fuzzy extractor optimization strategies using the obtained confidence interval of the average worst-case BER for selected cells. By utilizing a stochastic concentration inequality, it is shown that for SRAM cells with sufficient size, the true average worst-case BER can be accurately estimated. The accuracy of estimation enables the guarantee of key reconstruction with overwhelmingly high probability.
The result is dramatic: compared to the maskless alternative, the method of the present invention still results in an overall 2.3× helper data reduction for extracting a 128-bit key and a 3× reduction for a 256-bit key, while allowing key reconstruction to fail in only 100.5 cases.
Referring now to the Figures in detail,
PUF system 100 further includes a reading circuit 102 for reading the contents from SRAM PUF 101.
Furthermore, PUF system 100 includes a PUF control logic 103 connected to reading circuit 102. PUF control logic 103 may be implemented in hardware on an integrated circuit. PUF control logic 103 may comprise a data processor (e.g., a central processing unit) for executing a software program to obtain the functionality of PUF control logic 103.
Additionally, PUF system 100 includes a memory 104 connected to PUF control logic 103. In one embodiment, memory 104 is non-volatile, writable memory, such as a flash memory, EPROM memory, EEPROM, e-fuses, etc. In one embodiment, memory 104 is a one-time-programmable (OTP) memory. In one embodiment, memory 104 stores helper data (further discussion of helper data provided below). In one embodiment, memory 104 stores a program for reducing the amount of helper data that needs to be stored as discussed below in connection with
In one embodiment, the program for reducing the amount of helper data that needs to be stored, as discussed below in connection with
In one embodiment, PUF control logic 103 is configured to receive the PUF data read by reading circuit 102 and to receive helper data from memory 104. Using a helper data algorithm (also referred to as a fuzzy extractor), which may be executed on PUF control logic 103, the PUF data obtained is processed using the helper data. As a result of this processing, the variation which may be present in the PUF data, is removed.
An explanation of using SRAM PUF 101 to create a cryptographic key involving the enrollment and reconstruction phases is discussed further below in connection with
A discussion regarding the PUF-based key generation algorithm based on the fuzzy extractor (consists of two phases: enrollment and reconstruction) is now deemed appropriate.
Referring to the BER modeling and characterization, cell i is defined with the one-probability pi(T, Vdd) as the probability of returning a 1 from one random power up under temperature T and supply voltage Vdd. The enrollment response Xi's are derived via majority voting under nominal voltage and temperature: Xi=1 if pi(Tref, Vddref)>0.5 and Xi=0 otherwise. BER pei(T, Vdd) can be derived from one probability pi(T, Vdd) and enrollment response Xi accordingly: pei(T, Vdd)=pi(T, Vdd) if Xi=0 and pei(T, Vdd)=1−pi(T, Vdd) if Xi=1. To guarantee key reconstruction under all possible environmental condition, one needs to ensure that even with the worst-case BERs pwi, defined by
the key is reproduced reliably.
Referring to
Typical cryptographic applications pose security requirements on X in terms of conditional min-entropy H∞(X|W). Introduction of helper data inevitably discloses partial information on the source bits X, and the left-over entropy of X conditioned on W is given by:
H∞(X|W)≥H∞(X)−(n−k).
The practical overhead of implementing fuzzy extractors depends on the choice of an error correction code which is largely determined by PUF noise level. For a given security level and reconstruction failure probability, helper data length of code syndrome scales quickly with the increase of the bit-error-rate (BER). For n bit responses with uniform BER pe, the Hamming distance HD(X,X1) follows a binomial distribution B(n,pe). Therefore, the failure rate PFail of reconstruction is
where F(t;n,pe) denotes the corresponding cumulative distribution function (CDF) of B(n,pe). For PUF responses with heterogeneous BERs (pe1, pe2, . . . , pen), Hamming distance HD(X,X1) follows a Poisson binomial distribution. In one embodiment, the present invention uses a binomial distribution with peas the average
pe=Σi=1npei/n
as an approximation of the corresponding Poisson binomial distribution.
For ECCs with fixed block length n, there is a fundamental trade-off between dimension k and the error correction capacity t. Many SRAM PUF designs utilize concatenated codes with repetition codes as inner code and (shortened) BCH codes as outer code in the implementation of the fuzzy extractor. Concatenated codes are typically more efficient than single codes in terms of code length and HDS.
As discussed above, the program for reducing the amount of helper data that needs to be stored as discussed below in connection with
Referring now to
Referring again to
Computing device 300 may further include a communications adapter 309 coupled to bus 302. Communications adapter 309 interconnects bus 302 with an outside network thereby enabling computing device 300 to communicate with other devices.
Computing device 300 of
The present invention may be a system, a method, and/or a computer program product. The computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
The computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. A non-exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing. A computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network. The network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++ or the like, and conventional procedural programming languages, such as the “C” programming language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider). In some embodiments, electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.
These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts or carry out combinations of special purpose hardware and computer instructions.
The principles of the present invention provide a means for reducing the helper data size as discussed below in connection with
As stated above,
Method 400 is a method corresponding to the present invention's joint HDS reduction and BER minimization algorithm referred above. The essential idea is a lossy compression: extra reliable bits can be traded for reduced HDS on reliability masks.
Referring to
In step 402, a lossy compression problem is formulated to seek an optimal reliability map representation. An example of such a lossy compression problem is an integer linear programming (ILP) problem. In one embodiment, the lossy compression problem is formulated using the determined individual cell bit-error-rates of the PUF to seek an optimal mask representation. While the following discusses a formulation based on ILP and/or the solution based on generating a codebook (e.g., randomized codebook), such as based on a rate of compression and determined cell-specific BERs, the present invention is not to be limited in scope to such embodiments. Instead, the present invention may utilize other lossy compression problem formulations.
In one embodiment, the ILP seeks an optimal mapping from SRAM segments into codewords in the generated codebook. The ILP problem seeks to minimize the average worst-case error rate of selected SRAM cells under the constraint of a sufficient number of “reliable” bits retained by the ILP problem. “Reliable bits,” as used herein, refer to the bits that are retained by the compression algorithm for use in the fuzzy extractor as opposed to the low-reliability bits.
In step 403, the formulated lossy compression problem is solved. For example, a Lagrangian relaxation method is used for solving the integer linear programming problem to further reduce the number of bits storing helper data in a memory of a PUF system.
In step 404, a solution to the formulated lossy compression problem as the compressed map representing reliable cells is stored in a memory (e.g., memory 104) of the PUF system (e.g., PUF system 100).
In step 405, helper data to be utilized by the fuzzy extractor is constructed using the stored map and the error correction code helper data.
A more detailed discussion regarding method 400 is provided below in connection with the discussion of Algorithm 1.
The algorithm of the present invention, shown below in Algorithm 1, proceeds by partitioning a sequence of SRAM cells with size n into k segments, each of length 1=n/k. It consists of two phases: (1) a codebook construction step enabling compact expression of reliability masks, and (2) an error minimization step that maps the reliability mask of each segment of SRAM cells to one codeword from the codebook.
The lossy compression algorithm defines a lossy ratio D (0<D<1) as the target ratio of further discarded reliable bits. For example, C=0.5 and D=0.5 means that 50% raw bits are considered reliable and among all reliable bits 50% of them are discarded, namely, 25% of the original raw bits are finally utilized.
The codebook C is designed to contains an all-zero vector Ol and (2lR(D)−1) random sampled vectors of length l, in which R(D) is defined as:
lR(D) bits are able to represent a codeword via indexing since the codebook C has the cardinality of |C|=2lRD. Therefore, significant reduction of HDS for reliability mask requires that R(D)<<1. Each coordinate C|j|k of each non-zero codeword C|j| follows an i.i.d. binary distribution that
Pr(C[j]k=1−C±CD
Similar to masks constructed via the dark-bit masking, a “1” in a codeword means that the corresponding SRAM cell is masked as reliable and selected for the key generation.
Algorithm 1:
After the codebook construction, the second phase takes individual BERs as input and pursues an optimal mapping of reliability masks for each segment of SRAM cells, in order to achieve the overall BER minimization. The binary decision variables xij's, ∀i∈[k], j∈[|C|] are defined to indicate the encoding of the mask M[i] from the i-th segment of SRAM cells:
xij=1, iff Enc(M[i])=C[j].
As previously mentioned, encoding M[i] with a j-th codeword C[j] provides HW(C[j]) reliable output bits with the corresponding sum of BERs Sij as
in which pw,ik denotes the worst-case BER of the k-th source bit in the i-th segment M[i].
The optimization seeking the optimal effective BER under the constraint of a sufficient number of reliable output bits is formulated as an integer linear programming problem:
The objective function
effectively represents the average worst-case BER across all retained bits. To see that, consider that since the algorithm constrains on the total number of reliable bits
optimizing over the sum of BERs for reliable bits is the same as optimizing over the average BER. The constraint
implies that only one xij is assigned to 1, namely, each segment M[i] decodes to a unique codeword Cj.
A greedy heuristic can be applied to efficiently solve the proposed ILP problem via Lagrangian relaxation. The major challenge of the ILP formulation above lies in the constraint
which couples all decision variables xij's. The standard technique in constrained optimization problems is to introduce Lagrangian regularizers to move complex constraints onto the objective function. After introducing a non-negative λ, the proposed ILP formation becomes
L(λ) is denoted to be the optimal objective value with Lagrangian regularizer λ. By grouping terms with respect to xij's, solving for L(λ) can be decomposed into small sub-problems Li(λ)'s only with decision variables {xi1, xi2, . . . } inside the i-th segment,
Due to the binary constraints on xij, the i-th sub-problem Li(λ) identifies the index j with minimum (Sij−λHW(C|j|)):
The optimal choice of λ can be found via efficient binary search in interval [0,1]. Therefore, the greedy-based heuristic runs in near-linear time.
The approach discussed above leads to an optimal HDS reduction but requires a possibly expensive characterization effort in which the reliability information for each bit of every production PUF chip is extracted across all conditions.
The following is a discussion of a technique for an economically feasible process of bit-specific across-temperature BER characterization needed for HDS reduction and other fuzzy extractor optimization strategies, including lossy compression.
Referring to
In step 502, statistics, such as the mean μρ and standard deviation σρ, of the worst-case bit-error-rates for cells under the same nominal one-probability ρ, are extracted at the technology development phase.
In step 503, only nominal one-probabilities for each cell are measured at the production phase.
In step 504, the extracted mean μp is used as input for a helper data size reduction method for cells with nominal p to select reliable bits at the production phase.
In step 505, the confidence level of the true effective BER (target BER) is computed at the production phase using only statistics extracted in the technology phase and nominal p's. The following discussion is based on the average of μp for selected reliable bits being computed at the production phase but the present invention can utilize any other confidence level estimation tool. For example, the present invention may utilize
In step 506, the fuzzy extractor is optimized by identifying a subset of more reliable bits out of the population of PUF bits using the derived confidence level for the average across-temperature BER of the set of cells.
A more detailed discussion regarding method 500 is provided below.
Method 500 is a technique based on stochastic modeling of worst-case BERs to drive the lossy compression via measurements performed only under room temperature while allowing key reconstruction with overwhelmingly high probability. For every instance with obtained average BER
the reconstruction probability guarantee is met. Specifically, it is shown that for a practical number of cells involved, using the estimate of
Pr(
in which δ<<1 is the fraction of PUF chips for which reliable reconstruction cannot be guaranteed. It is shown that δ can be set to a value that ensures almost-perfect reconstruction rate, for example, δ=10−5.
This technique utilizes the correlation between maximum (worst-case) BERs with their nominal one-probabilities.
Such a technique includes performing a population-based analysis of SRAM cells at the technology development phase, to get for each cell the nominal one-probability pi and worst-case pwi with respect to enrollment under nominal temperature. For cells under each fixed nominal one-probability p, the average μp and standard deviation σp of worst-case pw's are extracted. At the production phase, individual one-probabilities pi's are measured under nominal temperature for each chip. For cells with nominal p, we use μp to estimate pw. Namely, {μp1, μp2, . . . } are sent into the HDS reduction strategies, including the lossy compression described above, instead of {pw1, pw2, . . . } to select SRAM bits as input to the fuzzy extractor. For the set of selected cells, μ
For given confidence level δ, an offset v is computed to satisfy P(
The offset v can be obtained using stochastic concentration theory, and in one rendering of the present invention using the Bennett's inequality:
A computation based on the Bennett's inequality: Let X1, X2, . . . , Xn be independent random variables with zero mean, and Xi≤1 almost surely ∀i∈[n]. Let
σ2=Σi=1n Var(Xi)/n.
Then for any t>0,
in which h(u)=(1+u) log(1+u)−u for u>0.
Xi=pwi−μpi denotes the deviation of pwi from its predicted alternative μpii, and
Var(Xi)=σp
The derivation
Take
t=ϕ(n)(Σi=1nσp
and let the upper bound for all σp of selected SRAM cells to be σ,
Therefore, it is shown that with increase of n,
Second, for given n and δ, it is shown how to derive u analytically and drive the flow iteratively by increasing n when the reliability guarantee is not met for current bit-selection. Under the proposed condition
In order to satisfy the constraint
Pr(
it is sufficient to set u=ϕ(n)σ and get
Optimal values of ϕ(n) and ν can be determined via the equation above.
As a result of the present invention, there is a dramatic reduction in the amount of helper data that needs to be stored in non-volatile memory and/or one-time-programmable memory, such as EPROM or e-Fuse. The cost of such memory is high in both silicon area (cost) and post-manufacture-time configuration. As a result of the present invention, memory consumption is reduced thereby improving the functionality or capability of a PUF system. That is, by reducing memory consumption, the efficiency of the PUF system is improved.
Furthermore, as a result of the present invention, the effective average BER that needs to be handled by error-correction coding within a fuzzy extractor is reduced. This allows a reduction of implementation cost of the fuzzy extractor.
Additionally, the present invention improves the prediction accuracy, i.e., the present invention reliability estimates the bit-error-rate of the physical unclonable function under environmental variations using high-dimensional stochastic modeling. The present invention is able to reliably estimate the worst-case error rate thereby allowing a significant cost (in terms of throughput, power, energy, silicon area, and price) reduction by enabling bit-selection based algorithms.
The following is a discussion of further applying the HDS reduction methods to strong PUFs.
Referring now to
In step 701, pseudo random numbers are generated, for example, by using linear feedback shift registers. In one embodiment, a pre-defined sequence of m-bit binary strings is generated, where m corresponds to the number of challenge bits of the strong PUF. As a result, each state of the pseudo random generator corresponds to a unique challenge response pair for the strong PUF with its unique bit-error-rate.
In step 702, the generated pseudo random numbers are inputted to the strong PUF as challenges.
In step 703, the strong PUF outputs a sequence of responses to the given input challenges above that are stored in a one-dimensional indexed array. In one embodiment, each array element in the array corresponds to the response to a unique input challenge as the state of the pseudo random generator.
In step 704, the techniques of compression and economically-feasible confidence interval estimation are applied to form a most compact representation of the sufficiently reliable challenge response pairs of the strong PUF as entries of the abstract array.
In step 705, such a representation is stored as reduced helper data in memory (e.g., memory 104 of
The descriptions of the various embodiments of the present invention have been presented for purposes of illustration, but are not intended to be exhaustive or limited to the embodiments disclosed. For example, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein was chosen to best explain the principles of the embodiments, the practical application or technical improvement over technologies found in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/US2018/024952 | 3/28/2018 | WO |
Publishing Document | Publishing Date | Country | Kind |
---|---|---|---|
WO2018/183572 | 10/4/2018 | WO | A |
Number | Name | Date | Kind |
---|---|---|---|
8667265 | Hamlet | Mar 2014 | B1 |
9082514 | Trimberger | Jul 2015 | B1 |
9225512 | Trimberger | Dec 2015 | B1 |
9262256 | Mathew et al. | Feb 2016 | B2 |
9584329 | Trimberger | Feb 2017 | B1 |
9672342 | Walsh | Jun 2017 | B2 |
9767015 | McKelvie | Sep 2017 | B1 |
10089220 | McKelvie | Oct 2018 | B1 |
10103733 | Gurrieri | Oct 2018 | B1 |
10235517 | Lao | Mar 2019 | B2 |
11218306 | Maes | Jan 2022 | B2 |
20080112596 | Rhoads | May 2008 | A1 |
20090106626 | Hou | Apr 2009 | A1 |
20090282259 | Skoric | Nov 2009 | A1 |
20110135013 | Wegener | Jun 2011 | A1 |
20110191837 | Guajardo Merchan | Aug 2011 | A1 |
20110215829 | Guajardo Merchan | Sep 2011 | A1 |
20110286599 | Tuyls | Nov 2011 | A1 |
20120072737 | Schrijen | Mar 2012 | A1 |
20120183135 | Paral | Jul 2012 | A1 |
20130194886 | Schrijen | Aug 2013 | A1 |
20130222115 | Davoodi | Aug 2013 | A1 |
20130234771 | Simons | Sep 2013 | A1 |
20130246881 | Goettfert | Sep 2013 | A1 |
20140091832 | Gotze | Apr 2014 | A1 |
20140108786 | Kreft | Apr 2014 | A1 |
20140189365 | Cox | Jul 2014 | A1 |
20140218067 | Li | Aug 2014 | A1 |
20140325237 | Van Der Leest | Oct 2014 | A1 |
20140327469 | Pfeiffer | Nov 2014 | A1 |
20150086016 | Oshida | Mar 2015 | A1 |
20150178143 | Mathew | Jun 2015 | A1 |
20150188718 | Falk | Jul 2015 | A1 |
20150195088 | Rostami | Jul 2015 | A1 |
20150200775 | Guajardo Merchan | Jul 2015 | A1 |
20150234751 | Van Der Sluis | Aug 2015 | A1 |
20150269378 | Falk | Sep 2015 | A1 |
20160087805 | Li | Mar 2016 | A1 |
20160148679 | Yoshimoto | May 2016 | A1 |
20160148680 | Yoshimoto | May 2016 | A1 |
20160179896 | Finlay | Jun 2016 | A1 |
20160182045 | Mai | Jun 2016 | A1 |
20160269186 | Wallrabenstein | Sep 2016 | A1 |
20160328578 | Plusquellic | Nov 2016 | A1 |
20160373264 | Katoh | Dec 2016 | A1 |
20170063559 | Wallrabenstein | Mar 2017 | A1 |
20170141929 | Afghah | May 2017 | A1 |
20170149572 | Wallrabenstein | May 2017 | A1 |
20170180140 | Mai | Jun 2017 | A1 |
20170242660 | Katoh | Aug 2017 | A1 |
20170310489 | Van Der Sluis | Oct 2017 | A1 |
20170344760 | Jennings | Nov 2017 | A1 |
20170344761 | Jennings | Nov 2017 | A1 |
20170364709 | Plusquellic | Dec 2017 | A1 |
20180004444 | Murray | Jan 2018 | A1 |
20180006813 | Van Der Leest | Jan 2018 | A1 |
20180167391 | Lawson | Jun 2018 | A1 |
20180183589 | Danger | Jun 2018 | A1 |
20180183614 | Danger | Jun 2018 | A1 |
20180205901 | Okura | Jul 2018 | A1 |
20180241557 | Maes | Aug 2018 | A1 |
20180270014 | Muratani | Sep 2018 | A1 |
20180329962 | Schrijen | Nov 2018 | A1 |
20190026457 | Plusquellic | Jan 2019 | A1 |
20190116052 | Kim | Apr 2019 | A1 |
20190147967 | Tuyls | May 2019 | A1 |
20190156066 | Foster | May 2019 | A1 |
20190165958 | Guajardo Merchan | May 2019 | A1 |
20190221139 | Schrijen | Jul 2019 | A1 |
20190349207 | Merchan | Nov 2019 | A1 |
20190349208 | Merchan | Nov 2019 | A1 |
20190385489 | Norrman | Dec 2019 | A1 |
20200052913 | Orshansky | Feb 2020 | A1 |
20200076604 | Argones Rua | Mar 2020 | A1 |
20210200559 | Chamberlain | Jul 2021 | A1 |
Number | Date | Country |
---|---|---|
2773061 | Sep 2014 | EP |
Entry |
---|
International Search Report for International Application No. PCT/US2018/024952 dated Jul. 31, 2018, pp. 1-5. |
Written Opinion of the International Searching Authority for International Application No. PCT/US2018/024952 dated Jul. 31, 2018, pp. 1-5. |
Matthias Hiller, “Key Derivation with Physical Unclonable Functions,” Dissertation, Technical University of Munich, 2016, pp. 1-153. |
Salamatian et al., “Maximum Entropy Functions: Approximate Gacs-Korner for Distributed Compression,” Apr. 14, 2016, pp. 1-6. |
Delvaux et al., “Helper Data Algorithms for PUF-Based Key Generation: Overview and Analysis, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,” vol. 34, No. 6, Jun. 2015, pp. 1-14. |
Dodis et al., Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data, Eurocrypt, 2004, Springer LNCS 3027, pp. 523-540. |
Hiller et al., “Increasing the Efficiency of Syndrome Coding for PUFs with Helper Data Compression,” Design, Automation & Test in Europe Conference & Exhibition (DATE), Mar. 24-28, 2014, pp. 1-6. |
Roel Maes, “An Accurate Probabilistic Reliability Model for Silicon PUFs,” International Conference on Cryptographic Hardware and Embedded Systems, 2013, pp. 73-89. |
Van Den Berg et al., “Bias-Based Modeling and Entropy Analysis of PUFs,” Proceedings of the 2013 ACM Workshop on Trustworthy Embedded Devices, Berlin, Germany, Nov. 4, 2013, pp. 1-8. |
Wang et al., “Efficient Helper Data Reduction in SRAM PUFs via Lossy Compression,” Design, Automation and Test in Europe (DATE), Dresden, Germany, Mar. 19-23, 2018, pp. 1453-1458. |
Number | Date | Country | |
---|---|---|---|
20200052913 A1 | Feb 2020 | US |
Number | Date | Country | |
---|---|---|---|
62478130 | Mar 2017 | US | |
62478117 | Mar 2017 | US |