Physical Security Primitives

A Survey on Physically Unclonable Functions and PUF-Based Security Solutions
  • Ahmad-Reza Sadeghi
  • Steffen Schulz
  • Christian Wachsmann
Chapter

Abstract

Physically unclonable functions (PUFs) are an emerging technology and have been proposed as central building blocks in a variety of cryptographic protocols and security architectures. Among others, PUFs enable unique device identification and authentication, binding software to hardware platforms and secure storage of cryptographic secrets. Furthermore, they can be directly integrated into cryptographic algorithms and remote attestation protocols. In this chapter, we give an overview of the concept, properties, and types of intrinsic electronic PUFs, discuss potential attack surfaces and advanced PUF concepts as well as the most common applications of electronic PUFs. Further, we show new directions on logically reconfigurable PUFs (LR-PUFs) and PUF-based remote attestation and discuss open challenges.

Keywords

Entropy Assure Extractor 

Notes

Acknowledgments

This work has been supported in part by the European Commission under grant agreement ICT-2007-238811 UNIQUE.

References

  1. 1.
    Armknecht, F., Maes, R., Sadeghi, A.R., Standaert, F.X., Wachsmann, C.: A formal foundation for the security features of physical functions. In: IEEE Symposium on Security and Privacy (SSP), pp. 397–412. IEEE Computer Society (2011)Google Scholar
  2. 2.
    Armknecht, F., Maes, R., Sadeghi, A.R., Sunar, B., Tuyls, P.: Memory leakage-resilient encryption based on physically unclonable functions. In: M. Matsui (ed.) Advances in Cryptology (ASIACRYPT), Lecture Notes in Computer Science (LNCS), vol. 5912, pp. 685–702. Springer Berlin/Heidelberg, Berlin, Heidelberg (2009)Google Scholar
  3. 3.
    Beckmann, N., Potkonjak, M.: Hardware-based public-key cryptography with public physically unclonable functions. In: S. Katzenbeisser, A.R. Sadeghi (eds.) Information Hiding (IH), Lecture Notes in Computer Science (LNCS), vol. 5806, pp. 206–220. Springer Berlin/Heidelberg, Berlin, Heidelberg (2009)Google Scholar
  4. 4.
    Bolotnyy, L., Robins, G.: Physically unclonable function-based security and privacy in RFID systems. In: Conference on Pervasive Computing and Communications (PerCom), pp. 211–220. IEEE (2007)Google Scholar
  5. 5.
    Boyen, X.: Reusable cryptographic fuzzy extractors. In: ACM Conference on Computer and Communications Security (ACM CCS), pp. 82–91. ACM, New York, NY, USA (2004)Google Scholar
  6. 6.
    Bringer, J., Chabanne, H., Icart, T.: Improved privacy of the tree-based hash protocols using physically unclonable functions. In: R. Ostrovsky, R. De Prisco, I. Visconti (eds.) Security and Cryptography for Networks (SCN), Lecture Notes in Computer Science (LNCS), vol. 5229, pp. 77–91. Springer Berlin/Heidelberg, Berlin, Heidelberg (2008)Google Scholar
  7. 7.
    Bringer, J., Chabanne, H., Icart, T.: On physical obfuscation of cryptographic algorithms. In: B. Roy, N. Sendrier (eds.) International Conference on Cryptology in India (INDOCRYPT), Lecture Notes in Computer Science (LNCS), vol. 5922, pp. 88–103. Springer Berlin/Heidelberg, Berlin, Heidelberg (2009)Google Scholar
  8. 8.
    Brzuska, C., Fischlin, M., Schröder, H., Katzenbeisser, S.: Physically uncloneable functions in the universal composition framework. In: P. Rogaway (ed.) Advances in Cryptology (CRYPTO), Lecture Notes in Computer Science (LNCS), vol. 6841, pp. 51–70. Springer Berlin/Heidelberg, Berlin, Heidelberg (2011)Google Scholar
  9. 9.
    Devadas, S., Suh, E., Paral, S., Sowell, R., Ziola, T., Khandelwal, V.: Design and implementation of PUF-based unclonable RFID ICs for anti-counterfeiting and security applications. RFID, 2008 IEEE International Conference on pp. 58–64 (2008)Google Scholar
  10. 10.
    Dodis, Y., Katz, J., Reyzin, L., Smith, A.: Robust fuzzy extractors and authenticated key agreement from close secrets. In: C. Dwork (ed.) Advances in Cryptology (CRYPTO), Lecture Notes in Computer Science (LNCS), vol. 4117, pp. 232–250. Springer Berlin/Heidelberg, Berlin, Heidelberg (2006)Google Scholar
  11. 11.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: C. Cachin, J. Camenisch (eds.) Advances in Cryptology (EUROCRYPT), Lecture Notes in Computer Science (LNCS), vol. 3027, pp. 523–540. Springer Berlin/Heidelberg, Berlin, Heidelberg (2004)Google Scholar
  12. 12.
    Eichhorn, I., Koeberl, P., van der Leest, V.: Logically reconfigurable PUFs: Memory-based secure key storage. In: ACM Workshop on Scalable Trusted Computing (ACM STC), pp. 59–64. ACM, New York, NY, USA (2011)Google Scholar
  13. 13.
    Gassend, B.: Physical random functions. Master’s thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology (MIT), The Stata Center, 32 Vassar Street, Cambridge, Massachusetts 02139 (2003)Google Scholar
  14. 14.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Controlled physical random functions. In: Annual Computer Security Applications Conference (ACSAC), pp. 149–160. IEEE (2002)Google Scholar
  15. 15.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Silicon physical random functions. In: ACM Conference on Computer and Communications Security (ACM CCS), pp. 148–160. ACM, New York, NY, USA (2002)Google Scholar
  16. 16.
    Guajardo, J., Kumar, S., Schrijen, G.J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: P. Paillier, I. Verbauwhede (eds.) Cryptographic Hardware and Embedded Systems (CHES), Lecture Notes in Computer Science (LNCS), vol. 4727, pp. 63–80. Springer Berlin/Heidelberg, Berlin, Heidelberg (2007)Google Scholar
  17. 17.
    Guajardo, J., Kumar, S.S., Schrijen, G.J., Tuyls, P.: Physical unclonable functions and public-key crypto for FPGA IP protection. In: Field Programmable Logic and Applications (FPL), pp. 189–195. IEEE (2007)Google Scholar
  18. 18.
    Guajardo, J., Kumar, S.S., Schrijen, G.J., Tuyls, P.: Brand and IP protection with physical unclonable functions. In: IEEE International Symposium on Circuits and Systems (ISCAS), pp. 3186–3189. IEEE (2008)Google Scholar
  19. 19.
    Hammouri, G., Dana, A., Sunar, B.: CDs have fingerprints too. In: C. Clavier, K. Gaj (eds.) Cryptographic Hardware and Embedded Systems (CHES), Lecture Notes in Computer Science (LNCS), vol. 5747, pp. 348–362. Springer Berlin/Heidelberg, Berlin, Heidelberg (2009)Google Scholar
  20. 20.
    Hammouri, G., Öztürk, E., Birand, B., Sunar, B.: Unclonable lightweight authentication scheme. In: L. Chen, M.D. Ryan, G. Wang (eds.) International Conference on Information and Communications Security (ICICS), Lecture Notes in Computer Science (LNCS), vol. 5308, pp. 33–48. Springer Berlin/Heidelberg, Berlin, Heidelberg (2008)Google Scholar
  21. 21.
    Holcomb, D., Burleson, W., Fu, K.: Initial SRAM state as a fingerprint and source of true random numbers for RFID tags. In: Workshop on RFID Security (RFIDSec) (2007)Google Scholar
  22. 22.
    Holcomb, D., Burleson, W.P., Fu, K.: Power-up SRAM state as an identifying fingerprint and source of true random numbers. IEEE Transactions on Computers 58(9), 1198–1210 (2009)Google Scholar
  23. 23.
    Ignatenko, T., Schrijen, G.J., Škorić, B., Tuyls, P., Willems, F.: Estimating the secrecy-rate of physical unclonable functions with the context-tree weighting method. In: IEEE International Symposium on Information Theory (ISIT), pp. 499–503. IEEE (2006)Google Scholar
  24. 24.
    Intrinsic ID: Website. http://www.intrinsic-id.com/products.htm (2012)
  25. 25.
    Karakoyunlu, D., Sunar, B.: Differential template attacks on PUF enabled cryptographic devices. In: Workshop on Information Forensics and Security (WIFS), pp. 1–6. IEEE (2010)Google Scholar
  26. 26.
    Kardas, S., Kiraz, M.S., Bingol, M.A., Demirci, H.: A novel RFID distance bounding protocol based on physically unclonable functions. In: Radio Frequency Identification: Security and Privacy Issues (RFIDSec), Lecture Notes in Computer Science (LNCS). Springer Berlin/Heidelberg, Berlin, Heidelberg (2011)Google Scholar
  27. 27.
    Katzenbeisser, S., Kocabaş, U., van der Leest, V., Sadeghi, A.R., Schrijen, G.J., Schröder, H., Wachsmann, C.: Recyclable PUFs: Logically reconfigurable PUFs. In: Workshop on Cryptographic Hardware and Embedded Systems (CHES), vol. 6917, pp. 374–389. Springer Berlin/Heidelberg, Berlin, Heidelberg (2011)Google Scholar
  28. 28.
    Kocabas, Ü., Sadeghi, A.R., Schulz, S., Wachsmann, C.: Poster: Practical embedded remote attestation using physically unclonable functions (2011)Google Scholar
  29. 29.
    Kumar, S.S., Guajardo, J., Maes, R., Schrijen, G.J., Tuyls, P.: Extended abstract: The butterfly PUF protecting IP on every FPGA. In: Workshop on Hardware-Oriented Security (HOST), pp. 67–70. IEEE (2008)Google Scholar
  30. 30.
    Kursawe, K., Sadeghi, A.R., Schellekens, D., Skoric, B., Tuyls, P.: Reconfigurable physical unclonable functions – Enabling technology for tamper-resistant storage. In: Workshop on Hardware-Oriented Security and Trust (HOST), pp. 22–29. IEEE (2009)Google Scholar
  31. 31.
    Lee, J.W., Lim, D., Gassend, B., Suh, E.G., van Dijk, M., Devadas, S.: A technique to build a secret key in integrated circuits for identification and authentication applications. In: Symposium on VLSI Circuits, pp. 176–179. IEEE (2004)Google Scholar
  32. 32.
    van der Leest, V., Schrijen, G.J., Handschuh, H., Tuyls, P.: Hardware intrinsic security from D flip-flops. In: ACM Workshop on Scalable Trusted Computing (ACM STC), pp. 53–62. ACM, New York, NY, USA (2010)Google Scholar
  33. 33.
    Lim, D.: Extracting secret keys from integrated circuits. Master’s thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology (MIT), The Stata Center, 32 Vassar Street, Cambridge, Massachusetts 02139 (2004)Google Scholar
  34. 34.
    Lim, D., Lee, J.W., Gassend, B., Suh, E.G., van Dijk, M., Devadas, S.: Extracting secret keys from integrated circuits. IEEE Transactions on Very Large Scale Integration (VLSI) Systems 13(10), 1200–1205 (2005)Google Scholar
  35. 35.
    Lin, L., Holcomb, D., Krishnappa, D.K., Shabadi, P., Burleson, W.: Low-power sub-threshold design of secure physical unclonable functions. In: International Symposium on Low-Power Electronics and Design (ISLPED), pp. 43–48. IEEE (2010)Google Scholar
  36. 36.
    Maes, R., Tuyls, P., Verbauwhede, I.: Intrinsic PUFs from flip-flops on reconfigurable devices. In: Benelux Workshop on Information and System Security (2008)Google Scholar
  37. 37.
    Maes, R., Verbauwhede, I.: Physically unclonable functions: A study on the state of the art and future research directions. In: A.R. Sadeghi, D. Naccache (eds.) Towards Hardware-Intrinsic Security, Information Security and Cryptography, pp. 3–37. Springer Berlin/Heidelberg, Berlin, Heidelberg (2010)Google Scholar
  38. 38.
    Maiti, A., Casarona, J., McHale, L., Schaumont, P.: A large scale characterization of RO-PUF. In: Symposium on Hardware-Oriented Security and Trust (HOST), pp. 94–99. IEEE (2010)Google Scholar
  39. 39.
    Majzoobi, M., Koushanfar, F., Potkonjak, M.: Lightweight secure PUFs. In: International Conference on Computer-Aided Design (ICCAD), pp. 670–673. IEEE (2008)Google Scholar
  40. 40.
    Majzoobi, M., Koushanfar, F., Potkonjak, M.: Testing techniques for hardware security. In: International Test Conference (ITC), pp. 1–10. IEEE (2008)Google Scholar
  41. 41.
    Majzoobi, M., Koushanfar, F., Potkonjak, M.: Techniques for design and implementation of secure reconfigurable PUFs. ACM Transactions on Reconfigurable Technology and Systems (TRETS) 2(1), 1–33 (2009)Google Scholar
  42. 42.
    Marsaglia, G.: The marsaglia random number CDROM including the Diehard battery of tests of randomness. http://www.stat.fsu.edu/pub/diehard/
  43. 43.
    Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Side-channel analysis of PUFs and fuzzy extractors. In: J.M. McCune, B. Balacheff, A. Perrig, A.R. Sadeghi, A. Sasse, Y. Beres (eds.) Trust and Trustworthy Computing (TRUST), Lecture Notes in Computer Science (LNCS), vol. 6740, pp. 33–47. Springer Berlin/Heidelberg, Berlin, Heidelberg (2011)Google Scholar
  44. 44.
    Öztürk, E., Hammouri, G., Sunar, B.: Towards robust low cost authentication for pervasive devices. In: Conference on Pervasive Computing and Communications (PerCom), pp. 170–178. IEEE, Washington, DC, USA (2008)Google Scholar
  45. 45.
    Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297(5589), 2026–2030 (2002)Google Scholar
  46. 46.
    Posch, R.: Protecting devices by active coating. Journal of Universal Computer Science 4(7), 652–668 (1998)Google Scholar
  47. 47.
    Ranasinghe, D.C., Engels, D.W., Cole, P.H.: Security and privacy: Modest proposals for low-cost RFID systems. In: Auto-ID Labs Research Workshop (2004)Google Scholar
  48. 48.
    Rührmair, U.: SIMPL systems: On a public key variant of physical unclonable functions. Cryptology ePrint Archive, Report 2009/255 (2009)Google Scholar
  49. 49.
    Rührmair, U.: SIMPL systems, or: Can we design cryptographic hardware without secret key information? In: I. Černá, T. Gyimóthy, J. Hromkovič, K. Jefferey, R. Králović, M. Vukolić, S. Wolf (eds.) Current Trends in Theory and Practice of Computer Science (SOFSEM), Lecture Notes in Computer Science (LNCS), vol. 6543, pp. 26–45. Springer Berlin/Heidelberg, Berlin, Heidelberg (2011)Google Scholar
  50. 50.
    Rührmair, U., Chen, Q., Stutzmann, M., Lugli, P., Schlichtmann, U., Csaba, G.: Towards electrical, integrated implementations of SIMPL systems. In: P. Samarati, M. Tunstall, J. Posegga, K. Markantonakis, D. Sauveron (eds.) Workshop on Information Security Theory and Practices (WISTP), Lecture Notes in Computer Science (LNCS), vol. 6033, pp. 277–292. Springer Berlin/Heidelberg, Berlin, Heidelberg (2010)Google Scholar
  51. 51.
    Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: ACM Conference on Computer and Communications Security (ACM CCS), pp. 237–249. ACM, New York, NY, USA (2010)Google Scholar
  52. 52.
    Rührmair, U., Sölter, J., Sehnke, F.: On the foundations of physical unclonable functions. Cryptology ePrint Archive, Report 2009/277 (2009)Google Scholar
  53. 53.
    Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., Heckert, A., Dray, J., Vo, S.: A statistical test suite for random and pseudorandom number generators for cryptographic applications. Special Publication 800–22 Revision 1a, NIST (2010)Google Scholar
  54. 54.
    Sadeghi, A.R., Visconti, I., Wachsmann, C.: Enhancing RFID security and privacy by physically unclonable functions. In: A.R. Sadeghi, D. Naccache (eds.) Towards Hardware-Intrinsic Security, Information Security and Cryptography, pp. 281–305. Springer Berlin/Heidelberg, Berlin, Heidelberg (2010)Google Scholar
  55. 55.
    Schulz, S., Sadeghi, A.R., Wachsmann, C.: Short paper: Lightweight remote attestation using physical functions. In: ACM Conference on Wireless Network Security (WiSec), pp. 109–114. ACM, New York, NY, USA (2011)Google Scholar
  56. 56.
    Schulz, S., Wachsmann, C., Sadeghi, A.R.: Lightweight remote attestation using physical functions. Tech. rep., Center for Advanced Security Research Darmstadt (CASED), Germany, Mornewegstraße 32, 64293 Darmstadt, Germany (2011)Google Scholar
  57. 57.
    Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems. In: ACM Symposium on Operating Systems Principles (SOSP), vol. 39, pp. 1–16. ACM, New York, NY, USA (2005)Google Scholar
  58. 58.
    Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWATT: SoftWare-based ATTestation for embedded devices. In: IEEE Symposium on Security and Privacy (SSP), pp. 272–282. IEEE, Los Alamitos, CA, USA (2004)Google Scholar
  59. 59.
    Su, Y., Holleman, J., Otis, B.P.: A 1.6pJ/bit 96% stable chip-ID generating circuit using process variations. In: International Solid-State Circuits Conference (ISSCC), pp. 406–611. IEEE (2007)Google Scholar
  60. 60.
    Su, Y., Holleman, J., Otis, B.P.: A digital 1.6 pJ/bit chip identification circuit using process variations. IEEE Journal of Solid-State Circuits 43(1), 69–77 (2008)Google Scholar
  61. 61.
    Suh, E.G., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: ACM/IEEE Design Automation Conference (DAC), pp. 9–14. IEEE (2007)Google Scholar
  62. 62.
    Tuyls, P., Batina, L.: RFID-tags for anti-counterfeiting. In: D. Pointcheval (ed.) Topics in Cryptology (CT-RSA), Lecture Notes in Computer Science (LNCS), vol. 3860, pp. 115–131. Springer Berlin/Heidelberg, Berlin, Heidelberg (2006)Google Scholar
  63. 63.
    Tuyls, P., Schrijen, G.J., Škorić, B., van Geloven, J., Verhaegh, N., Wolters, R.: Read-proof hardware from protective coatings. In: L. Goubin, M. Matsui (eds.) Cryptographic Hardware and Embedded Systems (CHES), Lecture Notes in Computer Science (LNCS), vol. 4249, pp. 369–383. Springer Berlin/Heidelberg, Berlin, Heidelberg (2006)Google Scholar
  64. 64.
    Tuyls, P., Škorić, B.: Secret key generation from classical physics: Physical uncloneable functions. In: S. Mukherjee, R.M. Aarts, R. Roovers, F. Widdershoven, M. Ouwerkerk (eds.) Am Iware Hardware Technology Drivers of Ambient Intelligence, Philips Research Book Series, vol. 5, pp. 421–447. Springer Netherlands, Dordrecht (2006)Google Scholar
  65. 65.
    Tuyls, P., Škorić, B., Ignatenko, T., Willems, F., Schrijen, G.J.: Entropy estimation for optical PUFs based on context-tree weighting methods. In: P. Tuyls, B. Škorić, T. Kevenaar (eds.) Security with Noisy Data, pp. 217–233. Springer London, London (2007)Google Scholar
  66. 66.
    Tuyls, P., Škorić, B., Stallinga, S., Akkermans, A.H.M., Ophey, W.: Information-theoretic security analysis of physical uncloneable functions. In: A. Patrick, M. Yung (eds.) Financial Cryptography and Data Security (FC), Lecture Notes in Computer Science (LNCS), vol. 3570, p. 578. Springer Berlin/Heidelberg, Berlin, Heidelberg (2005)Google Scholar
  67. 67.
    Verayo, Inc.: Website. http://www.verayo.com/product/products.html (2012)
  68. 68.
    Škorić, B., Maubach, S., Kevenaar, T., Tuyls, P.: Information-theoretic analysis of capacitive physical unclonable functions. Journal of Applied Physics 100(2), 024,902–024,902–11 (2006)Google Scholar
  69. 69.
    Škorić, B., Maubach, S., Kevenaar, T., Tuyls, P.: Information-theoretic analysis of coating PUFs. Cryptology ePrint Archive, Report 2006/101 (2006)Google Scholar
  70. 70.
    Škorić, B., Tuyls, P., Ophey, W.: Robust key extraction from physical uncloneable functions. In: J. Ioannidis, A. Keromytis, M. Yung (eds.) Applied Cryptography and Network Security (ACNS), Lecture Notes in Computer Science (LNCS), vol. 3531, pp. 99–135. Springer Berlin/Heidelberg, Berlin, Heidelberg (2005)Google Scholar
  71. 71.
    Willems, F.M.J.: CTW website. http://www.ele.tue.nl/ctw/
  72. 72.
    Willems, F.M.J., Shtarkov, Y.M., Tjalkens, T.J.: The context-tree weighting method: Basic properties. IEEE Transactions on Information Theory 41(3), 653–664 (1995)Google Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Ahmad-Reza Sadeghi
    • 1
  • Steffen Schulz
    • 2
  • Christian Wachsmann
    • 3
  1. 1.TU Darmstadt (CASED) and Fraunhofer SITDarmstadtGermany
  2. 2.TU Darmstadt (CASED) and Macquarie University (INSS)DarmstadtGermany
  3. 3.TU Darmstadt (CASED)DarmstadtGermany

Personalised recommendations