SRAM PUF Research Articles

Analyzing Aging Effects on SRAM PUFs: Implications for Security and Reliability

The aging effects on Static Random-Access Memory Physical Unclonable Functions (SRAM PUFs) pose significant security and reliability challenges for current hardware systems. SRAM PUFs utilize process variations in integrated circuits for secure key generation and device authentication. However, aging effects such as bias temperature instability (BTI) and hot carrier injection (HCI) may change SRAM cell characteristics and affect PUF responses. This study addresses various aging-induced variation challenges, identifies security vulnerabilities, and provides innovative approaches to risk reduction. Furthermore, this study focuses on concerns about SRAM PUF reliability. In this regard, mitigation approaches like adaptive reconfiguration, error correction codes, and multi-modal PUFs are introduced to enhance the resilience of SRAM PUFs. This study concludes by outlining future research directions and prospects for improving SRAM PUF-based security solutions by several orders of magnitude. This is carried out with various complexities related to semiconductor device aging.

Data Remanence Based Approach towards Stable Key Generation from Physically Unclonable Function Response of Embedded SRAMs using Binary Search

Today’s device authentications in IoT devices use public and private key cryptography. Nevertheless, they are still vulnerable to threats because keys or device IDs digitally stored in IoT devices can be stolen or cloned. In contrast, SRAM PUFs utilize physical variations in memory cells of embedded SRAM in microcontrollers or standalone SRAM chips. These inherent physical characteristics are unpredictable and practically impossible to duplicate. They are negligible to affect regular SRAM operation but large enough to be used for authentication purposes in SRAM PUFs operation. However, SRAM PUFs have poor stability and a relatively high bit error rate (BER). Temporal Majority Voting (TMV) and other error correction codes (ECCs) have improved SRAM PUFs performance, but they require a lot of processing time and hardware resources. The data remanence nature of SRAM cells can be utilized to select SRAM PUFs bits with much lower BER and more stable bits, but a suitable algorithm is required to find the best possible power-off time for each type of chip. This paper proposes using the data remanence method and binary search algorithm to obtain the strong SRAM PUFs characteristics of the selected SRAMs at the optimal power-off time. These SRAMs include embedded SRAMs of AtMega328P, STM32F108C, ESP8266 microcontrollers, and an off-the-shelf SRAM chip 23LC1024-I/P, which are being used in various IoT applications. The strong SRAM PUF has more stable characteristics that reduce BER to 0% and increase stability to 99.999%. This proposed method can be utilized on any IoT platform which deals with essential data and requires less resource-hungry security and authentication protocols.

BTI aging-based physical cloning attack on SRAM PUF and the countermeasure

BTI aging-based physical cloning attack on SRAM PUF and the countermeasure

Analysis of SRAM PUF integrity under ionizing radiation: Effects of stored data and technology node

Analysis of SRAM PUF integrity under ionizing radiation: Effects of stored data and technology node

Blockchain-based authentication for IIoT devices with PUF

With the continuous development of edge computing and IIoT technology, there are growing types of IIoT devices, and the number of such devices is continuously climbing. It is indispensable to authenticate devices in the IIoT environment. In this paper, we propose two blockchain-based authentication for IIoT devices with PUF. The first one relies on SRAM PUF, which is highly compatible with physical devices and has low cost. For the second one, we utilize the property of Arbiter PUF that it is difficult to physically clone but easy to be cloned mathematically to build the PUF models for authentication. We protect CRPs used for model training from leakage, and prevent PUF from being modeled twice. We formalize the security properties, and we prove that our proposal is secure. Besides, our proposal achieves scalability, which means that the entities involved in the scheme authenticate the devices instead of storing amounts of CRPs. Finally, we take SVM as an example to model PUF, and the implementation results demonstrate that the PUF model could achieve the accuracy of 99.9%. In addition, we implement smart contracts, and the implementation results confirm the availability of the protocol in the IIoT environment.

A DRV-based bit selection method for SRAM PUF key generation and its impact on ECCs

- PUFs based on the power-up values of an array of SRAM cells are a popular solution to provide secure and low-cost key generation suitable for IoT devices. However, SRAM cells do not always power up to the same value due to external factors like noise, temperature, or aging. This results in a decrease of reliability for the SRAM PUF, an issue generally solved by employing complex Error Correction Codes (ECCs). However, ECCs significantly increase the cost of the complete system. A way to alleviate this issue is the use of bit selection methods, which increase the reliability of the SRAM PUF by using only the power-up values of the most reliable cells (i.e., the SRAM cells that consistently power up to the same value). In this work, the reduction in ECC complexity through a bit selection method based on the Data Retention Voltage metric is demonstrated.

A new read–write collision-based SRAM PUF implemented on Xilinx FPGAs

A new read–write collision-based SRAM PUF implemented on Xilinx FPGAs

SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for a new class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices are an emerging class of battery-free, computational, sensing enhanced devices that harvest all of their energy for operation. Despite wireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to: intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present, for the first time, a secure wireless code dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic hardware security primitive Static Random Access Memory Physical Unclonable Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible with existing communication protocols employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is built upon a standard and industry compliant firmware compilation and update method realized by extending a recent framework for firmware updates provided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstrate standards compliance, evaluate performance and security.

Multiple Observations for Secret-Key Binding with SRAM PUFs.

We present a new Multiple-Observations (MO) helper data scheme for secret-key binding to an SRAM-PUF. This MO scheme binds a single key to multiple enrollment observations of the SRAM-PUF. Performance is improved in comparison to classic schemes which generate helper data based on a single enrollment observation. The performance increase can be explained by the fact that the reliabilities of the different SRAM cells are modeled (implicitly) in the helper data. We prove that the scheme achieves secret-key capacity for any number of enrollment observations, and, therefore, it is optimal. We evaluate performance of the scheme using Monte Carlo simulations, where an off-the-shelf LDPC code is used to implement the linear error-correcting code. Another scheme that models the reliabilities of the SRAM cells is the so-called Soft-Decision (SD) helper data scheme. The SD scheme considers the one-probabilities of the SRAM cells as an input, which in practice are not observable. We present a new strategy for the SD scheme that considers the binary SRAM-PUF observations as an input instead and show that the new strategy is optimal and achieves the same reconstruction performance as the MO scheme. Finally, we present a variation on the MO helper data scheme that updates the helper data sequentially after each successful reconstruction of the key. As a result, the error-correcting performance of the scheme is improved over time.

Improving the reliability of SRAM-based PUFs under varying operation conditions and aging degradation

The utilization of power-up values in SRAM cells to generate PUF responses for chip identification is a subject of intense study. The cells used for this purpose must be stable, i.e., the cell should always power-up to the same value (either ‘0’ or ‘1’). Otherwise, they would not be suitable for the identification. Some methods have been presented that aim at increasing the reliability of SRAM PUFs by identifying the strongest cells, i.e., the cells that more consistently power-up to the same value. However, these methods present some drawbacks, in terms of either their practical realization or their actual effectiveness in selecting the strongest cells at different scenarios, such as temperature variations or when the circuits have suffered aging-related degradation. In this work, the experimental results obtained for a new method to classify the cells according to their power-up strength are presented and discussed. The method overcomes some of the drawbacks in previously reported methods. In particular, it is experimentally demonstrated that the technique presented in this work outstands in selecting SRAM cells that are very robust against circuit degradation and temperature variations, which ultimately translates into the construction of reliable SRAM-based PUFs.

Memory-Based PUFs are Vulnerable as Well: A Non-Invasive Attack Against SRAM PUFs

Memory-based physical unclonable functions (mPUFs) are widely accepted as highly secure because of the unclonable and immutable nature of manufacturer process variations. Although numerous successful attacks have been proposed against PUFs, mPUFs are resistant to non-invasive attacks as the mPUF does not support the open-access protocol. Hence, existing attacks against mPUFs mostly rely on invasive/semi-invasive techniques or at least require physical access to the target device, which is not always feasible. In this paper, we experimentally demonstrate that signatures generated from two memory chips may have highly correlated properties if they possess the same set of specifications and a similar manufacturing facility, which is used to mount a non-invasive attack against memory-based PUFs. Our proposed technique shows that if an attacker has access to a device similar to the victim's one, the attacker might be able to guess up to ~45% of the challenge-response pairs of a 64-bit SRAM PUF.

A Novel SRAM PUF Stability Improvement Method Using Ionization Irradiation

As one of the fundamental elements of the fingerprints of integrated circuit chips, static random-access memory based physical unclonable function (SRAM PUF) has been regarded as an attractive option for hardware security circuits. Commercial SRAM chips could be used as PUF chips for low cost systems. However, the mismatches existing in most commercial SRAM chips are quite small, which could result in poor stability of SRAM PUF. To address this issue, this paper proposes a novel SRAM PUF stability improvement method using total ionization dose (TID) effect for commercial SRAM chips. The principles of this new method are presented in detail and verified by simulations. Thereafter, the TID experiments are carried out on one kind of commercial SRAM chips and validate that this novel method could reduce the intra-chip hamming distance (??_?????) by two orders of magnitude within the ionizing dose range of 40–100 Krad (SiO2), which is a significant stability improvement. Furthermore, considering the trade-offs of other performance factors, 40 Krad (SiO2) has been regarded as the recommended ionizing dose, which not only makes the stability and uniformity of SRAM PUF attain almost ideal values but also keeps the radiation-induced damage within a limited level.

Chip-to-Chip Authentication Method Based on SRAM PUF and Public Key Cryptography

In today’s globalized integrated circuit (IC) ecosystem, untrusted foundries are often procured to build critical systems since they offer state-of-the-art silicon with the best performance available. On the other hand, ICs that originate from trusted fabrication cannot match the same performance level since trusted fabrication is often available on legacy nodes. Split-Chip is a dual-IC approach that leverages the performance of an untrusted IC and combines it with the guaranties of a trusted IC. In this paper, we provide a framework for chip-to-chip authentication that can further improve a Split-Chip system by protecting it from attacks that are unique to Split-Chip. A hardware implementation that utilizes an SRAM-based PUF as an identifier and public key cryptography for handshake is discussed. Circuit characteristics are provided, where the trusted IC is designed in a 28-nm CMOS technology and the untrusted IC is designed in an also commercial 16-nm CMOS technology. Most importantly, our solution does not require a processor for performing any of the handshake or cryptography tasks, thus being not susceptible to software vulnerabilities and exploits.

Attacking SRAM PUFs using very-low-temperature data remanence

In this work, we extend our previous manuscript regarding a systematic study of data remanence effects on an intrinsic Static Random Access Memory Physical Unclonable Function (SRAM PUF) implemented on a Commercial Off-The-Shelf (COTS) device in the temperature range between −110∘C and −40∘C. As the experimental results of our previous work show, an attack against intrinsic SRAM PUFs, which takes advantage of data remanence effects exhibited due to low temperatures, is possible, resulting in the attacker being able to know the PUF response, with high probability. As demonstrated in our previous work, this attack is highly resistant to memory erasure techniques and can be used to manipulate the cryptographic keys produced by the SRAM PUF. In this work, we examine and discuss potential countermeasures against this attack in more detail, and investigate whether this attack can be performed using an experimental setup that does not guarantee a high degree of thermal isolation. Additionally, we also examine and discuss whether very low temperatures can be used to perform another relevant type of attack against SRAM PUFs, based on whether very low temperature can prevent the SRAM from being overwritten. Finally, we also discuss related works and the generalisation of our results in more detail.

A novel computational model for SRAM PUF min-entropy estimation

Min-entropy is the standard for quantisation of uncertainty of security key source under the worst case. It indicates the upper bound of length of security key that is able to be extracted from its source. The openly published min-entropy estimation methods are all based on experimental data or statistical tests to obtain the underlying probability distribution of the security key source, where huge number of samples are required and therefore are not feasible from engineering perspective. Aimed at computational complexity optimisation, this paper proposes a novel model for SRAM PUF min-entropy estimation based on the generic coupling relationship between entropy and average energy consumption of the SRAM cell. The model mainly investigates the way of min-entropy evaluation derived from the average energy consumption of memory cell during power-up stage via simulation. We apply the model to estimate the min-entropy of IS62WV51216BLL SRAM chip. The experimental results demonstrated that the accuracy of the proposed min-entropy estimation model is in parallel with that of conventional methods while its computational efficiency surpasses them to a large extent.

A novel computational model for SRAM PUF min-entropy estimation

Min-entropy is the standard for quantisation of uncertainty of security key source under the worst case. It indicates the upper bound of length of security key that is able to be extracted from its source. The openly published min-entropy estimation methods are all based on experimental data or statistical tests to obtain the underlying probability distribution of the security key source, where huge number of samples are required and therefore are not feasible from engineering perspective. Aimed at computational complexity optimisation, this paper proposes a novel model for SRAM PUF min-entropy estimation based on the generic coupling relationship between entropy and average energy consumption of the SRAM cell. The model mainly investigates the way of min-entropy evaluation derived from the average energy consumption of memory cell during power-up stage via simulation. We apply the model to estimate the min-entropy of IS62WV51216BLL SRAM chip. The experimental results demonstrated that the accuracy of the proposed min-entropy estimation model is in parallel with that of conventional methods while its computational efficiency surpasses them to a large extent.

Power-up control techniques for reliable SRAM PUF

Power-up control techniques for reliable SRAM PUF

A Novel Security Key Generation Method for SRAM PUF Based on Fourier Analysis

Most of the current security key generation schemes for static random access memory physical unclonable function (SRAM PUF) are based on a fuzzy extractor. However, it is difficult to deploy the fuzzy extractor in resource-constrained systems since the implementation of error correcting codes is complicated and requires huge processing resources. To this end, we propose a novel security key generation method for SRAM PUF based on a Fourier analysis. The SRAM PUF Boolean function is introduced to describe the power-up behavior of an SRAM device, which is followed by its Fourier spectrums. By exploring spectrums of the SRAM device, it is observed that the sign-bits of Fourier coefficients at certain generalized frequency points are randomly distributed and noise resistant. As such, the generalized frequency points as well as the sign-bits are suggested for security key generation in conjunction with a sign-bit encoding algorithm. The proposed method is well compared with the conventional fuzzy extractor. It is highlighted that error correcting code will not be involved in the whole lifecycle. Consequently, the method is suitable for the resource-constrained system applications. The proposed method is performed through couple of real measurements on two different platforms. The experimental results show that 8-kB SRAM cells have sufficient entropy for 128-bit security key generation.

Hardware-Anchored Security Based on SRAM PUFs, Part 2

Physical unclonable functions based on static RAM can help provide new approaches to such applications as secure key storage, secure boot for flash-memory-based embedded devices without on-chip nonvolatile memory, hardware-software binding, and generating true random numbers. Part 1 is available at http://doi.ieeecomputersociety.org/10.1109/MSP.2012.68.