An example weak PUF is the power on state of an SRAM Although a SRAM cell is

An example weak puf is the power on state of an sram

This preview shows page 3 - 4 out of 16 pages.

An example weak PUF is the power-on state of an SRAM. Although a SRAM cell is symmetric, manufactur- ing variability will give each cell a tendency toward a logical ‘‘1’’ or ‘‘0’’ at power-on. This variability is random across the entire SRAM, giving it a unique fingerprint on power-on that can be identified. In this case, if the ‘‘response’’ consists of the entire SRAM state at power-on, the notion of a ‘‘challenge’’ is not useful, as there is only one possible ‘‘challenge’’: powering on the SRAM. The output signature is always the same (ignoring noise). One can allow for more output bits by increasing the size of the SRAM, but the response space is still linearly related to the number of components subject to manufacturing variation (each SRAM cell). The SRAM is an extreme example of a weak PUF in the sense that it only has one ‘‘CRP.’’ Note that since weak PUFs in general have only a small number of CRPs, these pairs must be kept secret. If a weak PUF only has one CRP, and it is revealed, then any device can emulate the PUF. For this reason, weak PUFs are well suited for use in key derivation processes. The PUF pro- vides the randomness and secure storage, and the secret key (derived from the PUF’s response bits) is never re- vealed during operation. Once the key is recovered by the PUF (this typically requires error correction), any cryptographic process may follow. For example, the weak PUF output may be used as the key in a keyed-hash message authentication code (HMAC) challenge–response sequence. In addition, the output may be used as a secret key to encrypt/decrypt data on the device. B. Strong PUF Model Strong PUFs differ from weak PUFs in that a strong PUF can support a large number of CRPs. As a result, a strong PUF can be authenticated directly without using any cryptographic hardware. The requirements for a strong PUF are: large enough challenge–response space such that an adversary cannot enumerate all CRPs within a certain fixed time (ideally, exponential in the number of challenge bits); responses stable to environment, multiple readings; an adversary given a polynomial-sized sample of adaptively chosen CRPs cannot predict the re- sponse to a new, randomly chosen challenge; not feasible to manufacture two PUFs with the same responses; the readout only reveals the response r ¼ f ð c Þ and no other data about the internal functionality of the PUF. It should be noted that a weak PUF can provide au- thentication capabilities if the weak PUF is paired with crypto hardware supporting HMAC or similar authentica- tion processes (note that HMAC and others support exponentially sized challenge–response spaces but their use requires 100% response stability and, therefore, error- correction logic). It should also be noted that the security models for weak and strong PUFs differ. The output of a weak PUF must be kept private, while a strong PUF’s responses do not have the same restriction.
Image of page 3
Image of page 4

You've reached the end of your free preview.

Want to read all 16 pages?

  • Summer '15

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes
A+ icon
Ask Expert Tutors