Physical unclonable function
A physical unclonable function (sometimes also called physically unclonable function, which refers to a weaker security metric), or PUF, is a physical object that for a given input and conditions (challenge), provides a physically-defined "digital fingerprint" output (response) that serves as a unique identifier, most often for a semiconductor device such as a microprocessor. PUFs are most often based on unique physical variations which occur naturally during semiconductor manufacturing. A PUF is a physical entity embodied in a physical structure. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high security requirements, more specifically cryptography.
History
Early references about systems that exploit the physical properties of disordered systems for authentication purposes date back to Bauder in 1983[1] and Simmons in 1984.[2][3] Naccache and Frémanteau provided an authentication scheme in 1992 for memory cards.[4] The terms POWF (physical one-way function) and PUF (physical unclonable function) were coined in 2001[5] and 2002,[6] the latter publication describing the first integrated PUF where, unlike PUFs based on optics, the measurement circuitry and the PUF are integrated onto the same electrical circuit (and fabricated on silicon).
From 2010 to 2013, PUF gained attention in the smartcard market as a promising way to provide “silicon fingerprints”, creating cryptographic keys that are unique to individual smartcards.[7][8]
PUFs are now established as a secure alternative to battery-backed storage of secret keys in commercial FPGAs, such as the Xilinx Zynq Ultrascale+[9], and Altera Stratix 10.[10]
Concept
PUFs depend on the uniqueness of their physical microstructure. This microstructure depends on random physical factors introduced during manufacturing. These factors are unpredictable and uncontrollable, which makes it virtually impossible to duplicate or clone the structure.
Rather than embodying a single cryptographic key, PUFs implement challenge–response authentication to evaluate this microstructure. When a physical stimulus is applied to the structure, it reacts in an unpredictable (but repeatable) way due to the complex interaction of the stimulus with the physical microstructure of the device. This exact microstructure depends on physical factors introduced during manufacture which are unpredictable (like a fair coin). The applied stimulus is called the challenge, and the reaction of the PUF is called the response. A specific challenge and its corresponding response together form a challenge–response pair or CRP. The device's identity is established by the properties of the microstructure itself. As this structure is not directly revealed by the challenge-response mechanism, such a device is resistant to spoofing attacks.
Using a fuzzy extractor, nested polar codes [11], or key extractor PUFs can also be used to extract a unique strong cryptographic key from the physical microstructure.[12] The same unique key is reconstructed every time the PUF is evaluated.[13][14] The challenge-response mechanism is then implemented using cryptography.
PUFs can be implemented with a very small hardware investment. Unlike a ROM containing a table of responses to all possible challenges, which would require hardware exponential in the number of challenge bits, a PUF can be constructed in hardware proportional to the number of challenge and response bits. In some cases PUFs can even be built from existing hardware with the right properties.
Unclonability means that each PUF device has a unique and unpredictable way of mapping challenges to responses, even if it was manufactured with the same process as a similar device, and it is infeasible to construct a PUF with the same challenge–response behavior as another given PUF because exact control over the manufacturing process is infeasible. Mathematical unclonability means that it should be very hard to compute an unknown response given the other CRPs or some of the properties of the random components from a PUF. This is because a response is created by a complex interaction of the challenge with many or all of the random components. In other words, given the design of the PUF system, without knowing all of the physical properties of the random components, the CRPs are highly unpredictable. The combination of physical and mathematical unclonability renders a PUF truly unclonable.[13][15]
Note that a PUF is "Unclonable" using the same physical implementation, but once a PUF key is extracted, there's generally no problem to clone the key - the output of the PUF - using other means.
Because of these properties PUFs can be used as a unique and untamperable device identifier. PUFs can also be used for secure key generation and storage as well as for a source of randomness.
Types
Over 40 types of PUF have been suggested.[16] These range from PUFs that evaluate an intrinsic element of a pre-existing integrated electronic system[17] to concepts that involve explicitly introducing random particle distributions to the surface of physical objects for authentication.[18] All PUFs are subject to environmental variations such as temperature, supply voltage and electromagnetic interference, which can affect their performance. Therefore, rather than just being random, the real power of a PUF is its ability to be different between devices, but simultaneously to be the same under different environmental conditions on the same device.
Error correction
In many applications it is important that the output is stable. If the PUF is used for a key in cryptographic algorithms it is necessary that error correction be done to correct any errors caused by the underlying physical processes and reconstruct exactly the same key each time under all operating conditions. In principle there are two basic concepts: Pre-Processing and Post-Processing Error Correction.[19] [20]
Strategies have been developed which lead SRAM PUF to become more reliable over time without degrading the other PUF quality measures such as security and efficiency.[21]
Research at Carnegie Mellon University into various PUF implementations found that some error reduction techniques reduced errors in PUF response in a range of ~70 percent to ~100 percent.[22]
Research at the University of Massachusetts Amherst to improve the reliability of SRAM PUF-generated keys posited an error correction technique to reduce the error rate.[23]
Joint reliability-secrecy coding methods based on transform coding are used to obtain significantly higher reliabilities for each bit generated from a PUF such that low-complexity error-correcting codes such as BCH codes suffice to satisfy a block error probability constraint of 1 bit errors out of 1 billion bits.[24]
Nested polar codes are used for vector quantisation and error correction jointly. Their performance is asymptotically optimal in terms of, for a given blocklength, the maximum number of secret bits generated, minimum amount of private information leaked about the PUF outputs, and minimum storage required. The fuzzy commitment scheme and fuzzy extractors are shown to be sub-optimal in terms of the minimum storage. [11]
Availability
- PUF technology can be licensed from several companies including eMemory,[25], or its subsidiary, PUFsecurity[26], Enthentica[27], ICTK, Intrinsic ID,[28] Invia, QuantumTrace and Verayo.
- PUF technology has been implemented in several hardware platforms including Microsemi SmartFusion2,[29] NXP SmartMX2,[30] Coherent Logix HyperX, InsideSecure MicroXsafe, Altera Stratix 10,[31] Redpine Signals WyzBee and Xilinx Zynq Ultrascale+.[32]
Vulnerabilities
In 2011, university research showed that delay-based PUF implementations are vulnerable to side-channel attacks[33][34] and recommends that countermeasures be employed in the design to prevent this type of attack. Also, improper implementation of PUF could introduce "backdoors" to an otherwise secure system.[35][36] In June 2012, Dominik Merli, a scientist at Fraunhofer Research Institution for Applied and Integrated Security (AISEC) further claimed that PUF introduces more entry points for hacking into a cryptographic system and that further investigation into the vulnerabilities of PUFs is required before PUFs can be used in practical security-related applications.[37] The presented attacks are all on PUFs implemented in insecure systems, such as FPGA or Static RAM (SRAM). It is also important to ensure that the environment is suitable for the needed security level.[19]
In 2015, some studies claimed it is possible to attack certain kinds of PUFs with low-cost equipment in a matter of milliseconds. A team at Ruhr Universität of Bochum, Germany demonstrated a method to create a model of XOR Arbiter PUFs and thus be able to predict their response to any kind of challenge. Their method requires only 4 CRPs which even on resource constrained devices should not take more than about 200ms to produce. Using this method and a $25 device or an NFC-enabled smartphone, the team was able to successfully clone PUF-based RFID cards stored in the wallet of users while it was in their back pocket.[38]
Provable machine learning attacks
The attacks mentioned above range from invasive, e.g.,[39] to non-invasive attacks.[38] One of the most celebrated types of non-invasive attacks is machine learning (ML) attacks.[38] From the beginning of the era of PUFs, it has been doubted if these primitives are subject to this type of attacks.[40] In the lack of thorough analysis and mathematical proofs of the security of PUFs, ad hoc attacks against PUFs have been introduced in the literature. Consequently, countermeasures presented to cope with these attacks are less effective. In line with these efforts, it has been conjectured if PUFs can be considered as circuits, being provably hard to break.[41] In response, a mathematical framework has been suggested, where provable ML algorithms against several known families of PUFs have been introduced.[42]
Along with this provable ML framework, to assess the security of PUFs against ML attacks, property testing algorithms have been reintroduced in the hardware security community and made publicly accessible.[43][44] These algorithms trace their roots back to well-established fields of research, namely property testing, machine learning theory, and Boolean analysis.
ML attacks are possible to apply to PUFs also because majority of the pre- and post-processing methods applied until now ignore the effect of correlations between PUF-circuit outputs. For instance, obtaining one bit by comparing two ring oscillator outputs is a method to decrease the correlation. However, this method does not remove all correlations. Therefore, the classic transforms from the signal-processing literature are applied to raw PUF-circuit outputs to decorrelate them before quantizing the outputs in the transform domain to generate bit sequences. Such decorrelation methods can help to overcome the correlation based information leakages about the PUF outputs even if the ambient temperature and supply voltage change. [45]
See also
- Hardware Trojan
- Quantum Readout of PUFs
- Random number generation
- Defense strategy (computing)
References
- D.W. Bauder, "An anti-counterfeiting concept for currency systems", Research report PTK-11990. Sandia National Labs. Albuquerque, NM, 1983.
- G. Simmons, "A system for verifying user identity and authorization at the point-of sale or access," Cryptologia, vol. 8, no. 1, pp. 1–21, 1984.
- G. Simmons, "Identification of data, devices, documents and individuals," in IEEE International Carnahan Conference on Security Technology, 1991, pp. 197–218.
- David Naccache and Patrice Frémanteau, Unforgeable identification device, identification device reader and method of identification, August 1992.
- Pappu, R.; Recht, B.; Taylor, J.; Gershenfeld, N. (2002). "Physical one-way functions". Science. 297 (5589): 2026–2030. Bibcode:2002Sci...297.2026P. doi:10.1126/science.1074376. hdl:1721.1/45499. PMID 12242435.
- Blaise Gassend, Dwaine Clarke, Marten van Dijk and Srinivas Devadas. Silicon Physical Random Functions. Proceedings of the Computer and Communications Security Conference, November 2002
- Clarke, Peter (22 February 2013). "London Calling: Security technology takes time". EE Times. UBM Tech Electronics. Retrieved 1 July 2013.
- "NXP and Intrinsic-ID to raise smart chip security". EE Times. UBM Tech Electronics. 21 January 2010. Retrieved 1 July 2013.
- Xilinx Addresses Rigorous Security Demands at Fifth Annual Working Group for Broad Range of Applications
- {url = https://www.intrinsic-id.com/altera-reveals-stratix-10-with-intrinsic-ids-puf-technology/}
- Gunlu, O.; Iscan, O.; Sidorenko, V.; and Kramer, G. "Code Constructions for Physical Unclonable Functions and Biometric Secrecy Systems", IEEE Transactions on Information Forensics and Security, 15 April 2019
- Tuyls, Pim; Šcorić, Boris; Kevenaar, Tom (2007). Security with Noisy Data: Private Biometics, Secure Key Storage and Anti-counterfeiting. Springer. doi:10.1007/978-1-84628-984-2. ISBN 978-184628-983-5.
- Maes, R. (2013). Physically unclonable functions: Constructions, Properties and Applications. Springer. ISBN 978-3-642-41395-7.
- "PUF Technology Overview".
- C. Herder, L. Ren, M. van Dijk, M-D. Yu, and S. Devadas, "Trapdoor Computational Fuzzy Extractors and Cryptographically-Secure Physical Unclonable Functions", IEEE Transactions on Dependable and Secure Computing, January 2017.
- McGrath, Thomas; Bagci, Ibrahim E.; Wang, Zhiming M.; Roedig, Utz; Young, Robert J. (2019). "A PUF taxonomy". Applied Physics Reviews. 6 (11303): 011303. doi:10.1063/1.5079407.
- Helinski, R.; Acharyya, D.; Plusquellic, J. (2009). "A physical unclonable function defined using power distribution system equivalent resistance variations". Proceedings of the 46th ACM/IEEE Design Automation Conference (DAC): 676–681.
- Chong, C. N.; Jiang, J.; Guo, L. (2008). "Anti-counterfeiting with a random pattern". Proceedings of Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE): 146–153.
- Christoph, Boehm (2012). Physical Unclonable Functions in Theory and Practice. Springer.
- C. Bohm, M. Hofer, and W. Pribyl, "A microcontroller sram-puf," in Network and System Security (NSS), 2011 5th International Conference September 2011, pp. 269–273.
- Maes, R, and Van der Leest, V. "Countering the effects of silicon aging on SRAM PUFs", Proceedings of the 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)
- Bhargava, M. "Reliable, Secure, Efficient Physical Unclonable Functions", Carnegie Mellon University Research Showcase @ CMU, Pittsburgh, Pennsylvania, 2013
- Vijayakumar, A.; Patil, V.C.; and Kundu, S. "On Improving Reliability of SRAM-Based Physically Unclonable Functions", Journal of Low Power Electronics and Applications, 12 January 2017
- Gunlu, O.; Kernetzky, T.; Iscan, O.; Sidorenko, V.; Kramer, G.; and Schaefer, R. "Secure and Reliable Key Agreement with Physical Unclonable Functions", Entropy Journal, 3 May 2018
- http://www.ememory.com.tw
- "PUFsecurity | Secure the Connected World | Taiwan". Pufsecurity. Retrieved 2019-12-17.
- "Enthentica Company Website". www.enthentica.com.
- Intrinsic ID company website
- Microsemi to offer Intrinsic-ID security in FPGAs and systems-on-chip for sensitive military applications, Military & Aerospace Electronics, August 2011
- NXP and Intrinsic-ID to raise smart chip security, EETimes, 2010
- Altera Partners with Intrinsic-ID to Develop World’s Most Secure High-End FPGA, October 12, 2015
- "Verayo PUF IP on Xilinx Zynq UltraScale+ MPSoC Devices Addresses Security Demands".
- Merli, Dominik; Schuster, Dieter; Stumpf, Frederic; Sigl, Georg (2011), "Side Channel Analysis of PUFs and Fuzzy Extractors", Trust and Trustworthy Computing. 4th International Conference, TRUST 2011, Pittsburgh, PA, USA, June 22-24, 2011. Proceedings, Lecture Notes in Computer Science, 6740, Springer Berlin Heidelberg, pp. 33–47, doi:10.1007/978-3-642-21599-5_3, ISBN 978-3-642-21598-8
- Schuster, Dieter (2010). Side-Channel Analysis of Physical Unclonable Functions (PUFs) (PDF) (Diploma). Technische Universität München.
- Rührmair, Ulrich; van Dijk, Marten (2013). PUFs in Security Protocols: Attack Models and Security Evaluations (PDF). 2013 IEEE Symposium on Security and Privacy . May 19–22, 2013 San Francisco, CA, USA.
- Katzenbeisser, Stefan; Kocabas, Ünal; Rožic, Vladimir; Sadeghi, Ahmad-Reza; Verbauwhede, Ingrid; Wachsmann, Christian (2012), "PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon", Cryptographic Hardware and Embedded Systems – CHES 2012. 14th International Workshop, Leuven, Belgium, September 9-12, 2012. Proceedings (PDF), Lecture Notes in Computer Science, 7428, Springer Berlin Heidelberg, pp. 283–301, doi:10.1007/978-3-642-33027-8_17, ISBN 978-3-642-33026-1
- Merli, Dominik (2012). Hardware Attacks on PUFs (PDF). Proceedings AHS2012, NASA/ESA Conference on Adaptive Hardware and Systems. June 25 – 28, 2012 Erlangen, Germany.
- Becker, Georg (2015). The Gap Between Promise and Reality: On the Insecurity of XOR Arbiter PUFs. Lecture Notes in Computer Science. doi:10.1007/978-3-662-48324-4_27.
- Helfmeier, Clemens; Nedospasov, Dmitry; Boit, Christian; Seifert, Jean-Pierre (2013). Cloning Physically Unclonable Functions (PDF). IEEE Hardware Oriented Security and Trust (IEEE HOST 2013). June 2–3, 2013 Austin, TX, USA.
- Gassend, Blaise; Clarke, Dwaine; van Dijk, Marten; Devadas, Srinivas (2002). Silicon physical random functions. Proceedings of the 9th ACM Conference on Computer and Communications Security - CCS '02. New York, New York, USA: ACM Press. CiteSeerX 10.1.1.297.5196. doi:10.1145/586110.586132. ISBN 978-1581136128.
- Herder, Charles; Ren, Ling; van Dijk, Marten; Yu, Meng-Day; Devadas, Srinivas (2017-01-01). "Trapdoor computational fuzzy extractors and stateless cryptographically-secure physical unclonable functions". IEEE Transactions on Dependable and Secure Computing. 14 (1): 65–82. doi:10.1109/tdsc.2016.2536609. ISSN 1545-5971.
- Ganji, Fatemeh (2018). On the learnability of physically unclonable functions. Springer. ISBN 978-3-319-76716-1.
- Ganji, Fatemeh (2018). "PUFmeter: A Property Testing Tool for Physically Unclonable Functions" (PDF).
- "Software Developed for the Trust-Hub Project (Available for Download)". 2018.
- Gunlu, O.; Iscan, O.; and Kramer, G. "Reliable secret key generation from physical unclonable functions under varying environmental conditions", IEEE Workshop on Information Forensics and Security, 4 January 2016
External links
- "Physical Unclonable Functions and Applications", by Srini Devadas and others, MIT
- Ultra-low-cost true randomness AND physical fingerprinting