Physically Unclonable Function

In practical cryptography, a PUF or Physical Unclonable Function is a function that is embodied in a physical structure, that is easy to evaluate but hard to characterize.

The physical structure that contains the PUF consists of many random components. These random components are introduced during the manufacturing process and cannot be controlled.

A PUF is useful in challenge-response authentication.When a physical stimulus is applied to the structure, it reacts in an unpredictable way due to the presence of these random components. The applied stimulus is called the challenge, and the reaction of the PUF is called the response. A specific challenge and its corresponding response together form a challenge-response-pair or CRP.

PUFs inherit their unclonability property from the fact that every PUF has a unique and unpredictable way of mapping challenges to responses. Two PUFs that were manufactured with the same process will still possess a unique challenge-response behavior. The unclonability property moreover states that it should be very hard to construct a PUF with the same challenge-response behavior as a given PUF. Physical unclonability is very hard because exact control over the manufacturing process, such that all parameters of the physical structure can be exactly defined, is very hard. Mathematical unclonability means that it should be very hard to compute an unknown response given the exact parameters or other CRPs from the PUF. This is because a response is created as a very complex interaction of the challenge with the random components. Modelling this interaction, even if the random values are known, should take a lot of computational effort. The combination of physical and mathematical unclonability renders a PUF truly unclonable.

Different sources of physical randomness can be used in PUFs. A distinction is made between PUFs wherein physical randomness is explicitly introduced and PUFs that use randomness that is intrinsically present in a physical system. Some examples are given below.

=Types of PUFs=

PUFs using explicitly introduced randomness

Optical PUF

An optical PUF [ [http://alumni.media.mit.edu/~pappu/pdfs/Pappu-PhD-POWF-2001.pdf Physical One-Way Functions ] ] [R. Pappu, B. Recht, J. Taylor, and N. Gershenfeld. Physical One-Way functions. Science, 297(5589):2026-2030, Sep 2002. http://dx.doi.org/10.1126/science.1074376.] consists of a transparent material that is doped with light scattering particles. When a laser beam shines on the material, a random and unique speckle pattern will arise. The placement of the light scattering particles is an uncontrolled process and the interaction between the laser and the particles is very complex. Therefore, it is very hard to duplicate the optical PUF such that the same speckle pattern will arise. We say the optical PUF is practically unclonable.

Coating PUF

A coating PUF [B. Skoric, S. Maubach, T. Kevenaar, and P. Tuyls. Information-theoretic analysis of capacitive physical unclonable functions. J. Appl. Phys., 100(2):024902, Jul 2006. http://dx.doi.org/10.1063/1.2209532] [B. Skoric, G.-J. Schrijen, W. Ophey, R. Wolters, N. Verhaegh, and J. van Geloven. Experimental hardware for coating PUFs and optical PUFs. In P. Tuyls, B. Skoric, and T. Kevenaar, editors, Security with Noisy Data - On Private Biometrics, Secure Key Storage and Anti-Counterfeiting, pages 255-268. Springer London, 2008. http://dx.doi.org/10.1007/978-1-84628-984-2_15] [Pim Tuyls, Geert-Jan Schrijen, Boris Skoric, Jan van Geloven, Nynke Verhaegh and Rob Wolters: "Read-proof hardware from protective coatings", CHES 2006, p 369- 383.] can be built in the top layer of an IC. Above a normal IC, a network of metal wires is laid out in a comb shape. The space between and above the comb structure is filled with an opaque material and randomly doped with dielectric particles. Because of the random placement, size and dielectric strength of the particles, the capacitance between each couple of metal wires will be random up to a certain extent. This unique randomness can be used to obtain a unique identifier for the device carrying the Coating PUF. Moreover, the placement of this opaque PUF in the top layer of an IC protects the underlying circuits from being inspected by an attacker, e.g. for reverse-engineering. When an attacker tries to remove (a part of) the coating, the capacitance between the wires is bound to change and the original unique identifier will be destroyed. In [Pim Tuyls, Lejla BatinaRFID-Tags for Anti-counterfeiting. CT-RSA, 2006, pp:115-131] it was shown how an unclonable RFID Tag is be built with Coating PUFs.

PUFs using intrinsic randomness

ilicon PUF

A silicon PUF exploits the random variations in delays of wires and gates. Given an input challenge, a race conditionis set up in the circuit, and two transitions that propagate along different paths are compared to see which comes first. An arbiter, typically implemented as a latch, produces a 1 or a 0 depending on which transition comes first. Many circuits realizations are possible and at least two have been fabricated. When a circuit with the same layout mask is fabricated on different chips, the logic function implemented by the circuit is different for each chip due to the random variations of delays.

A PUF based on a delay loop, i.e., a ring oscillator with logic, is described in [B. Gassend, D. Clarke, M. van Dijk and S. Devadas. Silicon Physical Random Functions. Proceedings of the Computer and Communications Security Conference, November 2002] . A multiplexor-based PUF is described in [D. Lim, J-W. Lee, B. Gassend, M. van Dijk, E. Suh, and S. Devadas. Extracting Secret Keys from Integrated Circuits, IEEE Transactions on VLSI Systems, volume 13, Number 10, pages 1200-1205, October 2005] . A secure processor design using a PUF is described in [G. E. Suh, C. W. O'Donnell, and S. Devadas. Aegis: A Single-Chip secure processor. IEEE Design and Test of Computers, 24(6):570-580, Nov 2007. http://dx.doi.org/10.1109/MDT.2007.179] . A multiplexor-based PUF with an RF interface for use in RFID anti-counterfeiting applications is described in [S. Devadas, V. Khandelwal, S. Paral, R. Sowell, E. Suh, T. Ziola, Design and Implementation of `Unclonable' RFID ICs for Anti-Counterfeiting and Security Applications, RFID World 2008, March 2008] .

RAM PUF

A Physically Unclonable Function is a function that relies on variations which inadvertently exist for the material used for hardware. They produce - given an input - an output that will be different from other instances of said hardware, thus providing a countermeasure against creation of exact clones for a specific product. They are present in all ICs having SRAM memory on board. Their behavior and application for anti-counterfeiting purposes were investigated in detail in [ Jorge Guajardo, Sandeep S. Kumar, Geert-Jan Schrijen, Pim Tuyls, “FPGA Intrinsic PUFs and Their Use for IP Protection”, Workshop on Cryptographic Hardware and Embedded Systems (CHES), Sep 10-13, 2007, Vienne, Austria] and in [Jorge Guajardo, Sandeep S. Kumar, Geert-Jan Schrijen, Pim Tuyls, “Physical Unclonable Functions and Public-Key Crypto for FPGA IP Protection”, International Conference on Field Programmable Logic and Applications (FPL), Aug 27-29, 2007, Amsterdam, The Netherlands.] On top of this they permit the implementation of secure secret key storage without storing the key in digital form.

An example would be an RFID tag, which can easily be cloned. When equipped with a PUF however, creating a clone in a reasonable timeframe can be next to impossible. [L. Bolotnyy and G. Robins. Physically unclonable Function-Based security and privacy in RFID systems. In 5th IEEE Int. Conf. on Pervasive Computing and Communications (PERCOM), pages 211-220, Washington, DC, USA, 2007. IEEE Computer Society. http://dx.doi.org/10.1109/PERCOM.2007.26]

Butterfly PUF

Recently a new PUF was introduced [S. Kumar, J. Guajardo, R. Maes, G.J. Schrijen qnd P. Tuyls, The Buttefly PUF: Protecting IP on every FPGA, In IEEE International Workshop on Hardware Oriented Security and Trust, Anaheim 2008.] : the Butterfly PUF. The Butterfly PUF is based on cross-coupling of two latches or flip-flops. The mechanism behing this PUF is similar to the one behind the SRAM PUF but has the advantage that it can be implemented on any SRAM FPGA.

References

* http://people.csail.mit.edu/rudolph/Teaching/Lectures/Security/Lecture-Security-PUFs-2.pdf
*
* [http://tshb.livejournal.com/2989.html "Ultra-low-cost true randomness AND physical fingerprinting"]