Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance
The last 25 years have witnessed an exponential growth of the number of devices connected to the Internet of Things (IoT) from a million in 1992 to 20 billions in 2017. Despite IoT has become widespread, this concept is still not well-established due to several reasons such as lack of standards, sec...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Theses and Dissertations |
| Language: | English |
| Published: |
2018
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/81420 http://hdl.handle.net/10220/46622 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-81420 |
|---|---|
| record_format |
dspace |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Electrical and electronic engineering::Integrated circuits |
| spellingShingle |
DRNTU::Engineering::Electrical and electronic engineering::Integrated circuits Zalivaka, Siarhei S. Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance |
| description |
The last 25 years have witnessed an exponential growth of the number of devices connected to the Internet of Things (IoT) from a million in 1992 to 20 billions in 2017. Despite IoT has become widespread, this concept is still not well-established due to several reasons such as lack of standards, security and data protection issues, maintenance cost, etc. Since much of the sensitive personal data is transmitted via IoT devices, secure access control to this data can be highlighted as one of the most important challenges for this area. Classical hardware cryptographic methods have two major disadvantages, signifi cant hardware overhead required for its implementation and non-volatile memory for secret key storage. One effective way to provide secure chip authentication with low overhead is the Physical Unclonable Functions (PUF). They are widely used as a cryptographic primitive to avoid the need for storing the key or secret that can be used to retrieve the device key in the non-volatile memory. PUF uses the intrinsic integrated circuit's manufacturing process variations to generate unique and random response to a given challenge to identify a chip. For reliable key generation, it is required that the responses of the PUF are highly stable against operating environment variations such as temperature and supply voltage variations. One of the most well-explored PUF design is Arbiter PUF (A-PUF), which has been utilized by Verayo to implement RFID ICs as well as by Xilinx to include PUF IP as a hardware root of trust for its new Zynq UltraScale+ devices. However, porting of existing Arbiter PUF designs that are not implemented as ASIC cores into FPGA platform suffers from poor reliability due to routing constraints. On the other hand, improving temporal stability of A-PUF responses makes the circuit vulnerable to modeling attack using machine learning methods. Thus, this research targets design and implementation of reliable and secure A-PUF on FPGA chips without built-in PUF. It also aims to overcome the limitation of using existing PUF IPs for authentication of FPGA-based IoT devices.
This thesis presents a comprehensive overview of state-of-the-art PUF designs and their ASIC and FPGA implementations. As a means for reliability enhancement, a new hybrid PUF based on A-PUF is proposed. Using the SR latch instead of D Flip-Flop as an arbiter makes it possible
to expand the original response states to a ternary set stable 0, stable 1 and High Frequency Oscillation (HFO). The enhanced reliability and uniqueness were attested by experimental results implemented on FPGA platform. To further improve its reliability to the ideal 1.0 over a wide range (from -45 C to +90 C) of temperature, a challenge classi cation algorithm is introduced. The proposed method has been tested on identical FPGA chips of two different families and has shown no degradation on uniqueness. To prevent modeling attack, two approaches based on non-linear challenge processing are presented in this thesis. It has been shown that the proposed techniques are resilient against modeling attack by different machine learning algorithms, including the most advanced Covariance Matrix Adaptation Evolutionary Strategy (CMA-ES). The abovementioned contributions are utilized to build a low-cost authentication protocol based on a highly accurate model of A-PUF. |
| author2 |
Chang Chip Hong |
| author_facet |
Chang Chip Hong Zalivaka, Siarhei S. |
| format |
Theses and Dissertations |
| author |
Zalivaka, Siarhei S. |
| author_sort |
Zalivaka, Siarhei S. |
| title |
Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance |
| title_short |
Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance |
| title_full |
Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance |
| title_fullStr |
Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance |
| title_full_unstemmed |
Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance |
| title_sort |
arbiter puf based fpga chip identification and authentication methods with enhanced reliability and modeling attack resistance |
| publishDate |
2018 |
| url |
https://hdl.handle.net/10356/81420 http://hdl.handle.net/10220/46622 |
| _version_ |
1772827103866126336 |
| spelling |
sg-ntu-dr.10356-814202023-07-04T16:27:19Z Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance Zalivaka, Siarhei S. Chang Chip Hong School of Electrical and Electronic Engineering Belarusian State University of Informatics and Radioelectronics Centre for Integrated Circuits and Systems DRNTU::Engineering::Electrical and electronic engineering::Integrated circuits The last 25 years have witnessed an exponential growth of the number of devices connected to the Internet of Things (IoT) from a million in 1992 to 20 billions in 2017. Despite IoT has become widespread, this concept is still not well-established due to several reasons such as lack of standards, security and data protection issues, maintenance cost, etc. Since much of the sensitive personal data is transmitted via IoT devices, secure access control to this data can be highlighted as one of the most important challenges for this area. Classical hardware cryptographic methods have two major disadvantages, signifi cant hardware overhead required for its implementation and non-volatile memory for secret key storage. One effective way to provide secure chip authentication with low overhead is the Physical Unclonable Functions (PUF). They are widely used as a cryptographic primitive to avoid the need for storing the key or secret that can be used to retrieve the device key in the non-volatile memory. PUF uses the intrinsic integrated circuit's manufacturing process variations to generate unique and random response to a given challenge to identify a chip. For reliable key generation, it is required that the responses of the PUF are highly stable against operating environment variations such as temperature and supply voltage variations. One of the most well-explored PUF design is Arbiter PUF (A-PUF), which has been utilized by Verayo to implement RFID ICs as well as by Xilinx to include PUF IP as a hardware root of trust for its new Zynq UltraScale+ devices. However, porting of existing Arbiter PUF designs that are not implemented as ASIC cores into FPGA platform suffers from poor reliability due to routing constraints. On the other hand, improving temporal stability of A-PUF responses makes the circuit vulnerable to modeling attack using machine learning methods. Thus, this research targets design and implementation of reliable and secure A-PUF on FPGA chips without built-in PUF. It also aims to overcome the limitation of using existing PUF IPs for authentication of FPGA-based IoT devices. This thesis presents a comprehensive overview of state-of-the-art PUF designs and their ASIC and FPGA implementations. As a means for reliability enhancement, a new hybrid PUF based on A-PUF is proposed. Using the SR latch instead of D Flip-Flop as an arbiter makes it possible to expand the original response states to a ternary set stable 0, stable 1 and High Frequency Oscillation (HFO). The enhanced reliability and uniqueness were attested by experimental results implemented on FPGA platform. To further improve its reliability to the ideal 1.0 over a wide range (from -45 C to +90 C) of temperature, a challenge classi cation algorithm is introduced. The proposed method has been tested on identical FPGA chips of two different families and has shown no degradation on uniqueness. To prevent modeling attack, two approaches based on non-linear challenge processing are presented in this thesis. It has been shown that the proposed techniques are resilient against modeling attack by different machine learning algorithms, including the most advanced Covariance Matrix Adaptation Evolutionary Strategy (CMA-ES). The abovementioned contributions are utilized to build a low-cost authentication protocol based on a highly accurate model of A-PUF. Doctor of Philosophy 2018-11-12T01:56:04Z 2019-12-06T14:30:35Z 2018-11-12T01:56:04Z 2019-12-06T14:30:35Z 2018 Thesis Zalivaka, S. S. (2018). Arbiter PUF based FPGA chip identification and authentication methods with enhanced reliability and modeling attack resistance. Doctoral thesis, Nanyang Technological University, Singapore. https://hdl.handle.net/10356/81420 http://hdl.handle.net/10220/46622 10.32657/10220/46622 en 161 p. application/pdf |