On the problems of realizing reliable and efficient ring oscillator PUFs on FPGAs

Abstract

Physical Unclonable Functions (PUFs) are a promising way to securely generate and store keys by using the inherent process variations of each chip as a source of randomness. One of the most promising PUFs for FPGAs is the Ring-Oscillator (RO) PUF. In this paper we take a closer look at RO PUFs and their open challenges. Starting from a reference design for a Spartan-6 FPGA based on PUFKY, we show how the RO design can be optimized by taking full advantage of the available resources, reducing the RO area by nearly 50%. Furthermore, we analyze the observed structural bias of the RO PUFs and show how the entropy of the RO PUF can be improved by taking the FPGA structure into account when extracting the PUF response bits. However, we also point out a very important problem of FPGA based RO PUFs that has not gained the needed attention: counter failures. We show that the frequency counter is a very crucial element in RO PUF design that itself is very susceptible to process variations. While the counters might work properly on most devices, in some they fail to count correctly. For example, in one experiment only one out of 22 FPGAs failed to count correctly. Our results therefore show that the correct functioning of the frequency counter is not only design-dependent, but also depends highly on process variations, i.e., on the individual FPGA. We argue that solving this issue is non-trivial, since the internal details of the FPGA are secret and hence circuit-level simulations of an FPGA design are not possible. However, the large security implications of such failures make it inevitable that this problem is solved before RO PUFs on FPGAs can be used in practice.