Abdelkarim Cherkaoui

A very high speed true random number generator with entropy assessment

The proposed true random number generator (TRNG) exploits the jitter of events propagating in a self-timed ring (STR) to generate random bit sequences at a very high bit rate. It takes advantage of a special feature of STRs that allows the time elapsed between successive events to be set as short as needed, even in the order of picoseconds. If the time interval between the events is set in concordance with the clock jitter magnitude, a simple entropy extraction scheme can be applied to generate random numbers. The proposed STR-based TRNG (STRNG) follows AIS31 recommendations: by using the proposed stochastic model, designers can compute a lower entropy bound as a function of the STR characteristics (number of stages, oscillation period and jitter magnitude). Using the resulting entropy assessment, they can then set the compression rate in the arithmetic post-processing block to reach the required security level determined by the entropy per output bit. Implementation of the generator in two FPGA families confirmed its feasibility in digital technologies and also confirmed it can provide high quality random bit sequences that pass the statistical tests required by AIS31 at rates as high as 200 Mbit/s.

A Self-Timed Ring Based True Random Number Generator

Self-timed rings are oscillators in which several events can evolve evenly-spaced in time thanks to analog effects inherent to the ring stage structure. One of their interesting features is that they provide precise high-speed multiphase signals. This paper presents a true random number generator that exploits the jitter of events propagating in a self-timed ring with a high entropy. Designs implemented in Alter a Cyclone III and Xilinx Virtex 5 devices provide high quality random bit sequNIST SP 800-22 statistical testsences passing FIPS 140-1 and NIST SP 800-22 statistical tests at a high bit rate.

Comparison of self-timed ring and inverter ring oscillators as entropy sources in FPGAs

Many True Random Numbers Generators (TRNG) use jittery clocks generated in ring oscillators as a source of entropy. This is especially the case in Field Programmable Gate Arrays (FPGA), where sources of randomness are very limited. Inverter Ring Oscillators (IRO) are relatively well characterized as entropy sources. However, it is known that they are very sensitive to working conditions. This fact makes them vulnerable to attacks. On the other hand, Self-Timed Rings (STR) are currently considered as a promising solution to generate robust clock signals. Although many studies deal with their temporal behavior and robustness in Application Specific Integrated Circuits (ASIC), equivalent study does not exist for FPGAs. Furthermore, these oscillators were not analyzed and characterized as entropy sources aimed at TRNG design. In this paper, we analyze STRs as entropy sources for TRNGs implemented in FPGAs. Next, we compare STRs and IROs when serving as sources of randomness. We show that STRs represent very interesting alternative to IROs: they are more robust to environmental fluctuations and they exhibit lower extra-device frequency variations.

Design, Evaluation, and Optimization of Physical Unclonable Functions Based on Transient Effect Ring Oscillators

This paper proposes a theoretical study and a full overview of the design, evaluation, and optimization of a PUF based on transient element ring oscillators (TERO-PUF). We show how, by following some simple design rules and strategies, designers can build and optimize a TERO-PUF with the state-of-the-art PUF characteristics in a standard CMOS technology. To this end, we analyzed the uniqueness, steadiness, and randomness of responses generated from 30 test chips in a CMOS 350-nm process in nominal and corner voltage and temperature conditions. Response generation schemes are proposed and discussed to optimize the PUF performances and reduce its area without noticeable loss in its output quality. In particular, we show that the large area of the basic blocks in the TERO-PUF is balanced by the high level of entropy extracted in each basic block. Guidelines are provided to balance reliability and randomness of the responses and the design area.

New paradigms for access control in constrained environments

The Internet of Things (IoT) is here, more than 10 billion units are already connected and five times more devices are expected to be deployed in the next five years. Technological standarization and the management and fostering of rapid innovation by governments are among the main challenges of the IoT. However, security and privacy are the key to make the IoT reliable and trusted. Security mechanisms for the IoT should provide features such as scalability, interoperability and lightness. This paper addresses authentication and access control in the frame of the IoT. It presents Physical Unclonable Functions (PUF), which can provide cheap, secure, tamper-proof secret keys to authentify constrained M2M devices. To be successfully used in the IoT context, this technology needs to be embedded in a standardized identity and access management framework. On the other hand, Embedded Subscriber Identity Module (eSIM) can provide cellular connectivity with scalability, interoperability and standard compliant security protocols. The paper discusses an authorization scheme for a constrained resource server taking advantage of PUF and eSIM features. Concrete IoT uses cases are discussed (SCADA and building automation).

Implementation and Characterization of a Physical Unclonable Function for IoT: A Case Study With the TERO-PUF

Today, life is becoming increasingly connected. From TVs to smartphones, including vehicles, buildings, and household appliances, everything is interconnected in what we call the “Internet of Things” (IoT). IoT is now part of our life and we have to deal with it. More than ten billion devices are already connected and five times more are expected to be deployed in the next five years. While deployment and integration of IoT is expanding, one of the main challenge is to provide practical solutions to security, privacy, and trust issues in IoT. Protection and security mechanisms need to include features such as interoperability and scalability but also traceability, authentication, and access control while remaining lightweight. Among the most promising approaches to such security mechanisms, physical unclonable functions (PUFs) provide a unique identifier for similar but different integrated circuits using some of their physical characteristics. These types of functions can thus be used to authenticate integrated circuits, provide traceability and access control. This paper presents a comprehensive case study of the transient effect ring oscillator (RO) PUF from its implementation on FPGAs to its complete characterization. The implementation of the PUF is detailed for two different families of FPGAs: 1) Xilinx Spartan 6 and 2) Altera Cyclone V. All the metrics used for the characterization are explained in detail and the results of the characterization include robustness to environmental parameters including variations in temperature and voltage. Finally, we compare our results with those obtained for another PUF: the RO PUF. All the design files are available online to ensure repeatability and enable comparison of our contribution with other studies.

Design and Characterization of the TERO-PUF on SRAM FPGAs

Physical unclonable functions (PUF) are a promising approach in design for trust and security. A PUF derives a unique identifier for different similar dies using some of their physical characteristics, so it can be used to authenticate chips and to fight against counterfeiting and theft of devices. The transient effect ring oscillator (TERO) PUF is based on the extraction of the entropy of the process variations by comparison between TERO cells characteristics. This TERO cell needs to be carefully designed in order to construct a PUF. This task needs to be done with precision, especially in the size of used gates and in the delays of all connections inside the cell. This is particularly challenging in FPGA. This paper presents the design of TERO cells in two FPGA families: Xilinx Spartan 6 and Altera Cyclone V. Additionally, results of the characterization of the TEROPUF are presented and compared for the two technologies. The reproducibility of experimental results are guaranteed by the online access to all design files.

Self-timed rings as low-phase noise programmable oscillators

Self-timed rings are promising for designing high-speed serial links and system clock generators. Indeed, their architecture is well-suited to digitally control their frequency and to easily adapt their phase noise by design. Self-timed ring oscillation frequency does not only depend on the number of stages as the usual inverter ring oscillators but also on their initial state. This feature is extremely important to make them programmable. Moreover, with such ring oscillators, it is easy to control the phase noise by design. Indeed, 3dB phase noise reduction is obtained at the cost of higher power consumption when the number of stages is doubled while keeping the same oscillation frequency, thanks to the oscillator programmability. In this paper, we completely describe the method to design self-timed rings in order to make them programmable and to generate a phase noise in accordance with the specifications. Test chips have been designed and fabricated in AMS 0.35 μm and in STMicroelectonics CMOS 65 nm technology to verify our models and theoretical claims.

On-the-fly and sub-gate-delay resolution TDC based on self-timed ring: A proof of concept

A new fully digital high resolution time-to-digital converter (TDC) based on a self-timed ring oscillator (STR) is presented. The proposed TDC can virtually achieve as fine as desired time resolution by simply increasing its number of stages thanks to the STR unique features. Moreover, the proposed technique allows on-the-fly time measurement on fast non-periodic signals. The TDC has been implemented using 28 nm FDSOI technology to provide a proof of concept of the proposed method. Simulation results point out the advantage of this TDC in terms of measurement accuracy.

New asynchronous protocols for enhancing area and throughput in bundled-data pipelines

This paper presents two new area-reduced controllers for bundled-data asynchronous pipelines in which the stages have long critical paths. The proposed protocols allow to reduce the number of required delay elements by using the falling edge of the asynchronous request to indicate data validity. For critical path lengths of 25 gates, the first presented scheme decreases the controller area by 48% and slightly increases the maximum throughput (2%) in comparison to a standard micropipeline implementation. The other more-concurrent scheme proposition leads to a 25% area reduction and a 40% improvement of the maximum pipeline throughput.