Design of Physically Unclonable Functions Using FPGAs CPRE 583 Michael Patterson, Aaron Mills What is a PUF? Hardware hash function Uniquely identify a device “Impossible” to reverse engineer Modeling attacks, power spectrum analysis... Applications: RFID, Chip Authentication, Etc. Delay-Based PUF Types Butterfly PUF Requires feedback loops to be identical Delay-Based PUF Types Arbiter PUF Again, issue: each “race track” must be identical Tunable delay, constrain the synthesis placement, etc... Our Design 16 bit challenge, 8 bit response Our Design Rationale – Challenge partitioning – Number of ROs – Counter value – Other comments RO in vhdl signal ros : std_logic_vector(4 downto 0); attribute keep: boolean; attribute keep of ros: signal is true; Properties of a good PUF 1) Consistency 1) Uniqueness 1) One-to-One “Consistency” Testing One PUF, One Challenge: • PUF is given the same 16-bit challenge 32 times • repeated for 128 randomly generated challenges. • the percentage of responses that differ will be calculated • the ideal value is a 0 percent change. “Consistency” Results The 8-bit response was correct 94.68 percent of the time. “Uniqueness” Testing One PUF, different challenges • A single PUF is given 1024 different challenges consisting of a Gray Code pattern (a series of numbers that tours unique data values bychanging only one bit at a time). • The average hamming distance between adjacent responses will be calculated. • ideal average hamming distance is 50 percent. “Uniqueness” Results On average, 2.88 bits change in the response for a one bit change in input. “One-to-One” Testing Different PUFs, one challenge • Different PUFs given the same series of 1024 challenges. • The average hamming distance between responses is calculated. • ideal average hamming distance is 50 percent. “One-to-One” Results On average, 46.16 percent of the bits are different between responses of two different PUFs to the same challenge. Temperature Stability Why is considering temperature important? Linear approximation: ρ(T) = ρ0[1 + α(T − T0)] Temperature Stability Testing • Same format as Consistency test • Every 5C from 10C to 65C Temperature Stability Results Response Bit 0 1 2 3 4 5 6 7 Ham. Distance (%) 0.3 2 0.1 0.6 0 0 0.2 2 But...most errors caused by a few inputs Hard Macros Why are hard macros useful? Issues... Future Work • Hard Macro Usage • Post processing to improve results – Repeat same challenge several times • Large input size for testing to increase statistical significance of results • Research properties of different input patterns • Optimize design to consume less space on the fpga – Multi-phase calculation References 1. An Analysis of Delay Based PUF Implementations on FPGA, Sergey Morozov, Abhranil Maiti, and Patrick Schaumont 2. Physical Unclonable Functions for Device Authentication and Secret Key Generation, G. E. Suh and S. Devadas. 3. B. Gassend, D. Clarke, M. van Dijk, and S. Devadas. Delay-based circuit authentication and applications. References 4. J. Guajardo, S. Kumar, G.-J. Schrijen, and P. Tuyls. Physical unclonable functions and public-key crypto for fpga ip protection. 5. S. Kumar, J. Guajardo, R. Maes, G.-J. Schrijen, and P. Tuyls. Extended abstract: The butterﬂy puf protecting ip on every fpga. 6. M. Majzoobi and F. Koushanfar. Timebounded authentication of fpgas. 7. G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key generation.