ABSTRACT
Secret key generation with Physical Unclonable Functions (PUFs) is an alternative to conventional secure key storage with non-volatile memory.
In a PUF, secret bits are generated by evaluating the internal state of a physical source. Typically, error correction is applied in two stages to remove the instability in the measurement that is caused by environmental influences.
We present a new syndrome coding scheme, called Differential Sequence Coding (DSC), for the first error correction stage. DSC applies a fixed reliability criterion and searches the PUF output sequence sequentially until a number of suitable PUF outputs is found. This makes it possible to guarantee the reliability of the indexed PUF outputs. Our analysis demonstrates that DSC is information-theoretically secure and highly efficient.
To the best of our knowledge, we are the first to propose a convolutional code with a Viterbi decoder as second-stage error correction for PUFs. We adapt an existing bounding technique for the output bit error probability to our scenario to make reliability statements without the need for laborious simulations.
Aiming for a low implementation overhead in hardware, a serialized, low-complexity FPGA implementation of DSC and the Viterbi decoder is used in this work.
For a reference SRAM PUF scenario, PUF size is reduced by 20% and the helper data size decreases by over 40% compared to the best referenced FPGA implementations in each class with a minor increase in the number of slices.
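A simplified sketch of the sequential, fixed-threshold search described in the abstract, added here as an illustration; it is not the paper's algorithm or code. The per-cell error-probability estimates, the threshold `p_max`, and the (distance, inversion bit) helper-data layout are assumptions of this sketch, and all sample values are constructed.

```python
# Added illustration: sequential PUF bit selection with a fixed reliability
# criterion. Helper-data layout (distance, inversion bit) is an assumption.

def enroll(ref_bits, err_prob, code_bits, p_max):
    """Scan the PUF output once and index one reliable cell per code bit."""
    helper, pos, last = [], 0, -1
    for c in code_bits:
        # Skip cells that fail the fixed reliability criterion.
        while pos < len(ref_bits) and err_prob[pos] > p_max:
            pos += 1
        if pos == len(ref_bits):
            # No fixed block size: the search simply runs out of PUF cells.
            raise ValueError("PUF sequence exhausted before all bits were indexed")
        # Store the distance to the previous selected cell and the XOR mask
        # that maps the cell's reference value onto the code bit.
        helper.append((pos - last, ref_bits[pos] ^ c))
        last = pos
        pos += 1
    return helper

def reconstruct(response, helper):
    """Follow the stored distances through a fresh, noisy PUF response."""
    out, pos = [], -1
    for dist, inv in helper:
        pos += dist
        out.append(response[pos] ^ inv)
    return out  # residual bit errors are left to the second-stage decoder

# Constructed sample data (not measurements from any device).
REF_BITS  = [1, 0, 0, 1, 1, 0, 1, 0, 0, 1]
ERR_PROB  = [0.30, 0.02, 0.25, 0.01, 0.04, 0.40, 0.03, 0.35, 0.02, 0.20]
CODE_BITS = [1, 1, 0, 1]   # e.g. output of the second-stage encoder
P_MAX     = 0.05

if __name__ == "__main__":
    helper = enroll(REF_BITS, ERR_PROB, CODE_BITS, P_MAX)
    noisy = [0, 0, 0, 1, 1, 1, 1, 1, 0, 1]   # only unreliable cells flipped
    print("helper data:", helper)
    print("recovered  :", reconstruct(noisy, helper))
```

Flips in the skipped cells never reach the output; a flip in a selected cell shows up as a single bit error for the second stage to correct.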