A Silicon PUF Based Entropy Pump

Abstract

The security level of many cryptographic protocols and secure systems is determined by the strength of the cryptographic keys, which can be measured by entropy. Finding an entropy source that can generate secure keys with high entropy is a very challenging problem and it is normally associated with high cost. Instead of looking for a low-cost entropy source, we study in this article how to improve the entropy generated by a low-entropy source. Unlike the existing approaches based on hash function or cryptographic protocols, our solution leverages the intrinsic randomness in physical properties such as silicon physical unclonable functions (PUFs). Silicon PUF is a piece of circuitry that can capture certain intrinsic on-chip variations that were introduced during the chip fabrication process. It is generally believed that such variations are random and unpredictable. In this article, we demonstrate that the silicon PUF can be used as an effective entropy pump to boost low-entropy keys. Our approach is based on a recently developed highly flexible ring oscillator (RO) PUF. When we use the low-entropy key to configure the RO PUF, we find that the corresponding PUF response exhibits higher entropy, which means that the key's entropy has been improved. We implement our design on Nexys 4 Artix-7 FPGA board and demonstrate that the configurable PUF structure can successfully enhance the entropy of input keys. Compared to the other entropy enhancement methods, our PUF based entropy pump has the lowest hardware cost. Moreover, we apply this in a password enhancement application to provide robust high entropy passwords that can resist attacks such as the pre-compute attack.