Reliable and efficient PUF-based key generation using pattern matching
We describe a novel and efficient method to reliably provision and re-generate a finite and exact sequence of bits, for use with cryptographic applications, e.g., as a key, by employing one or more challengeable Physical Unclonable Function (PUF) circuit elements. Our method reverses the conventiona...
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Article |
Language: | en_US |
Published: |
Institute of Electrical and Electronics Engineers (IEEE)
2012
|
Online Access: | http://hdl.handle.net/1721.1/72359 https://orcid.org/0000-0001-8253-7714 |
_version_ | 1811085702444613632 |
---|---|
author | Paral, Zdenek (Sid) Devadas, Srinivas |
author2 | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science |
author_facet | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Paral, Zdenek (Sid) Devadas, Srinivas |
author_sort | Paral, Zdenek (Sid) |
collection | MIT |
description | We describe a novel and efficient method to reliably provision and re-generate a finite and exact sequence of bits, for use with cryptographic applications, e.g., as a key, by employing one or more challengeable Physical Unclonable Function (PUF) circuit elements. Our method reverses the conventional paradigm of using public challenges to generate secret PUF responses; it exposes response patterns and keeps secret the particular challenges that generate response patterns. The key is assembled from a series of small (initially chosen or random), secret integers, each being an index into a string of bits produced by the PUF circuit(s); a PUF unique pattern at each respective index is then persistently stored between provisioning and all subsequent key re-generations. To obtain the secret integers again, a newly repeated PUF output string is searched for highest-probability matches with the stored patterns. This means that complex error correction logic such as BCH decoders are not required. The method reveals only relatively short PUF output data in public store, thwarting opportunities for modeling attacks. We provide experimental results using data obtained from PUF ASICs, which show that keys can be efficiently and reliably generated using our scheme under extreme environmental variation. |
first_indexed | 2024-09-23T13:14:13Z |
format | Article |
id | mit-1721.1/72359 |
institution | Massachusetts Institute of Technology |
language | en_US |
last_indexed | 2024-09-23T13:14:13Z |
publishDate | 2012 |
publisher | Institute of Electrical and Electronics Engineers (IEEE) |
record_format | dspace |
spelling | mit-1721.1/723592022-10-01T13:53:27Z Reliable and efficient PUF-based key generation using pattern matching Paral, Zdenek (Sid) Devadas, Srinivas Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Devadas, Srinivas Devadas, Srinivas We describe a novel and efficient method to reliably provision and re-generate a finite and exact sequence of bits, for use with cryptographic applications, e.g., as a key, by employing one or more challengeable Physical Unclonable Function (PUF) circuit elements. Our method reverses the conventional paradigm of using public challenges to generate secret PUF responses; it exposes response patterns and keeps secret the particular challenges that generate response patterns. The key is assembled from a series of small (initially chosen or random), secret integers, each being an index into a string of bits produced by the PUF circuit(s); a PUF unique pattern at each respective index is then persistently stored between provisioning and all subsequent key re-generations. To obtain the secret integers again, a newly repeated PUF output string is searched for highest-probability matches with the stored patterns. This means that complex error correction logic such as BCH decoders are not required. The method reveals only relatively short PUF output data in public store, thwarting opportunities for modeling attacks. We provide experimental results using data obtained from PUF ASICs, which show that keys can be efficiently and reliably generated using our scheme under extreme environmental variation. 2012-08-28T12:46:42Z 2012-08-28T12:46:42Z 2011-07 2011-06 Article http://purl.org/eprint/type/ConferencePaper 978-1-4577-1059-9 http://hdl.handle.net/1721.1/72359 (Sid) Paral, Zdenek, and Srinivas Devadas. “Reliable and Efficient PUF-based Key Generation Using Pattern Matching.” 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST). 128–133. https://orcid.org/0000-0001-8253-7714 en_US http://dx.doi.org/10.1109/HST.2011.5955010 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST) Creative Commons Attribution-Noncommercial-Share Alike 3.0 http://creativecommons.org/licenses/by-nc-sa/3.0/ application/pdf Institute of Electrical and Electronics Engineers (IEEE) MIT web domain |
spellingShingle | Paral, Zdenek (Sid) Devadas, Srinivas Reliable and efficient PUF-based key generation using pattern matching |
title | Reliable and efficient PUF-based key generation using pattern matching |
title_full | Reliable and efficient PUF-based key generation using pattern matching |
title_fullStr | Reliable and efficient PUF-based key generation using pattern matching |
title_full_unstemmed | Reliable and efficient PUF-based key generation using pattern matching |
title_short | Reliable and efficient PUF-based key generation using pattern matching |
title_sort | reliable and efficient puf based key generation using pattern matching |
url | http://hdl.handle.net/1721.1/72359 https://orcid.org/0000-0001-8253-7714 |
work_keys_str_mv | AT paralzdeneksid reliableandefficientpufbasedkeygenerationusingpatternmatching AT devadassrinivas reliableandefficientpufbasedkeygenerationusingpatternmatching |