Addressing the security concerns of IoT : physical unclonable functions with improved reconfigurability, reliability and machine learning attack resistance

Internet of Things (IoT) is becoming a massive phenomenon in the industry with expectations of trillions of devices being connected by 2025. With this exponential growth, security requirements for privacy and data protection have burgeoned as well. Furthermore due to energy constraints, there is a need for low-power security constructs like Physical Unclonable Functions (PUF), as opposed to conventional Non-Volatile-Memory (NVM) for key storage. One key disadvantage of using NVM for key storage is that it holds the key even when powered off, making it very susceptible to invasive attacks. In contrast a PUF generates the key on-the-fly only when powered up, and the addition of other defense circuits while powered on mitigate or even prevent attacks such as side-channel-attacks (SCA) on the PUF. As a result a PUF is a cost-effective and light-weight security component that can be seamlessly integrated with the core processing circuits. A PUF derives secret keys from manufacturing variability for example threshold voltage mismatches in a transistor array. Another emerging trend is edge computing where low power processors refine the data before transmission at the sensor node or “edge” of the network, as opposed to the earlier concept of cloud computing which is more energy and bandwidth intensive. One of the most appealing forms of edge computing is machine learning (ML), for example to understand the content of the image and wirelessly transmit just the semantic information. Traditionally, ML has been explored in the context of PUF for creating a model of the PUF based on CRP collected. In this thesis, we look at several other interactions between ML and PUF such as using concepts from ML to fortify PUF and re-configuring ML hardware constructs for PUF. The first part of this work introduces a PUF based on a concept from machine learning – recurrent neural networks. The need for such a design arises because existing strong PUFs such as Arbiter-PUF (APUF) and its compositions are susceptible to machine learning (ML) attacks due to a linear relationship between the challenge and its response. Furthermore, such an architecture can be used as a Recurrent Neural Network (RNN) by adding digital logic with minimal overhead. Thus we present a Recurrence-based PUF (Rec-PUF) which uses feedback and XOR function together to significantly improve ML-attack resistance, without significant reduction in reliability. As proof of the claim, we apply recurrence on an analog PUF using current mirror array validated on ASIC libraries, referred to as Rec-CMAPUF. At the other end, we also design and evaluate a digital PUF fortified with recurrence, called Rec-DAPUF, based on double arbiter logic and prototyped on FPGAs. Our result shows that ML resistance of Rec-CMAPUF is within 62% with 138,000 CRPs, with reliability of 95%. Likewise, ML resistance of Rec-DAPUF is around 64%, with average reliability of 95.9%. The merit of recurrence wrt. ML attacks can be understood by the fact that without recurrence the CMAPUF/DAPUF can be modeled with 99%/80% accuracy, thus showing the efficacy and also applicability of the technique for various PUFs and platforms. In addition recurrence is suitably traded to ensure acceptable power consumption of 12.3uW with energy/bit of ~ 0.16 pJ for Rec-CMAPUF, estimated through SPICE simulations, while an 165.4 pJ/bit consumption for Rec- DAPUF, based on FPGA results. The second PUF is designed by reconfiguring a resistive memory crossbar array that is used for accelerating vector matrix multiplication (VMM) used in deep neural networks (DNN). Different from other reported work, this research explored the properties of Memristive crossbars made with flexible non-CMOS materials. Despite impressive demonstrations with silicon circuits and crossbars of oxide memristors, realizing compact and efficient roots of trust for resource-constrained hardware remains a significant challenge. Organic electronic materials with a rich reservoir of exotic switching physics offer an attractive, inexpensive option to design efficient hardware crypto, but have not been investigated till date. Here, we report a breakthrough security primitive exploiting the switching physics of one dimensional halide perovskite memristors as excellent sources of entropy combined with sophisticated signal-processing for secure key generation and device authentication. Measurements of a prototypical 1 kb PrPyr[PbI3] weak memristor PUF with a differential write back strategy reveals near ideal uniformity, uniqueness and reliability of the primitive without additional area and power overheads. Cycle-to-cycle write variability enables reconfigurability, while in-memory computing empowers a strong recurrent PUF construction to thwart machine learning attacks. The crossbar arrangement lends itself to be used as a neural network as well. For the third part of our research, we present a high reliability and low power weak PUF in CMOS with special goal of achieving high resistance to ML attacks. To improve reliability as well as power efficiency we present two designs, single and differential, of a weak PUF which can be used for chip ID applications. The design is based on off devices which consume only leakage current, and more importantly, provide large output resistance and therefore output voltage dispersion. This large dispersion results in lower instability and Bit Error Rate (BER), making the design ideal for integration with the IoT devices. To this end we achieve instability of 2.81%/5.4% over 2000 evaluations, and native BER of 0.47%/0.91% for single/differential version respectively. Furthermore, in-cell reconfiguration enables low instability of 0.63% while temperature compensation loop reduces average BER by 10.3%. Energy/bit is measured to be 0.96fJ/bit and 5.9fJ/bit for single/differential version respectively, while high measured throughput of 9.6Gbps is achieved for both designs. The final part of this work discusses a temperature compensation protocol to enhance reliability for all the ML reconfigured PUFs. Reliability of hardware security devices is of paramount importance when deployed in a System-On-Chip along-with the IoT sensor nodes. A bit flip due to environmental variation could cause the node to be unrecognizable by the trusted source and increase costs due to replacement and re-deployment. To tackle this issue we propose a PUF-server paradigm in which the server hosts a temperature model of the PUF, and the PUF informs the server of its response, and temperature through an integrated sensor. The model can predict responses for two different strong PUFs across -45C to 90C and thus avoids losing challenge-response pairs(CRPs) owing to low mismatch. Simulations show the model-based reliability improves to 99.5% compared with conventional reliability of 86.3%. Conversely, a loss of approximately 30% of the CRPs is observed in order to improve the conventional reliability to match the model-based reliability. In summary, we have contributed to the family of reliable and secure PUFs by (i) using ideas from the ML domain to improve the security characteristics, and in-turn have created designs which are more resistant to ML attacks (ii) reconfigured machine learning accelerators as strong PUFs with low overhead area and (iii) developed new PUF-server protocols to improve reliability of these PUF designs.