Design of Physically Unclonable Functions
Using FPGAs
CPRE 583
Michael Patterson, Aaron Mills

What is a PUF?

Hardware hash function

Uniquely identify a device

“Impossible” to reverse engineer
 Modeling attacks, power spectrum analysis...

Applications: RFID, Chip Authentication,
Etc.

Delay-Based PUF Types

Butterfly PUF
 Requires feedback loops to be identical

Delay-Based PUF Types

Arbiter PUF


Again, issue: each
“race track” must be identical
Tunable delay, constrain the synthesis placement, etc...

Our Design

16 bit challenge, 8 bit response

Our Design

Rationale
– Challenge partitioning
– Number of ROs
– Counter value
– Other comments

RO in vhdl signal ros : std_logic_vector(4 downto 0); attribute keep: boolean; attribute keep of ros: signal is true;

Properties of a good PUF
1) Consistency
1) Uniqueness
1) One-to-One

“Consistency” Testing
One PUF, One Challenge:
• PUF is given the same 16-bit challenge 32 times
• repeated for 128 randomly generated challenges.
• the percentage of responses that differ will be calculated
• the ideal value is a 0 percent change.

“Consistency” Results
The 8-bit response was correct 94.68 percent of the time.

“Uniqueness” Testing
One PUF, different challenges
• A single PUF is given 1024 different challenges consisting of a Gray Code pattern (a series of numbers that tours unique data values bychanging only one bit at a time).
• The average hamming distance between adjacent responses will be calculated.
• ideal average hamming distance is 50 percent.

“Uniqueness” Results
On average, 2.88 bits change in the response for a one bit change in input.

“One-to-One” Testing
Different PUFs, one challenge
• Different PUFs given the same series of
1024 challenges.
• The average hamming distance between responses is calculated.
• ideal average hamming distance is 50 percent.

“One-to-One” Results
On average, 46.16 percent of the bits are different between responses of two different PUFs to the same challenge.

Temperature Stability
Why is considering temperature important?
Linear approximation:
ρ(T) = ρ0[1 + α(T − T0)]

Temperature Stability
Testing
• Same format as Consistency test
• Every 5C from 10C to 65C

Temperature Stability
Results
Response Bit 0 1 2 3 4 5
Ham. Distance (%) 0.3
2 0.1
0.6
0 0
6 7
0.2
2
But...most errors caused by a few inputs

Hard Macros
Why are hard macros useful?
Issues...

Future Work
• Hard Macro Usage
• Post processing to improve results
– Repeat same challenge several times
• Large input size for testing to increase statistical significance of results
• Research properties of different input patterns
• Optimize design to consume less space on the fpga
– Multi-phase calculation

References
1. An Analysis of Delay Based PUF
Implementations on FPGA, Sergey Morozov,
Abhranil Maiti, and Patrick Schaumont
2. Physical Unclonable Functions for Device
Authentication and Secret Key Generation,
G. E. Suh and S. Devadas.
3. B. Gassend, D. Clarke, M. van Dijk, and S.
Devadas. Delay-based circuit authentication and applications.

References
4. J. Guajardo, S. Kumar, G.-J. Schrijen, and P.
Tuyls. Physical unclonable functions and public-key crypto for fpga ip protection.
5. S. Kumar, J. Guajardo, R. Maes, G.-J.
Schrijen, and P. Tuyls. Extended abstract:
The butterfly puf protecting ip on every fpga.
6. M. Majzoobi and F. Koushanfar. Timebounded authentication of fpgas.
7. G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key generation.