Chongyan Gu

A unique and robust single slice FPGA identification generator

In this paper, a new field-programmable gate array (FPGA) identification generator circuit is introduced based on physically unclonable function (PUF) technology. The new identification generator is able to convert flip-flop delay path variations to unique n-bit digital identifiers (IDs), while requiring only a single slice per ID bit by using 1-bit ID cells formed as hard-macros. An exemplary 128-bit identification generator is implemented on ten Xilinx Spartan-6 FPGA devices. Experimental results show an uniqueness of 48.52%, and reliability of 92.41% over a 25°C to 70°C temperature range and 10% fluctuation in supply voltage.

Novel lightweight FF-APUF design for FPGA

Physical unclonable functions (PUFs), are a new type of physical security primitive which enable digital identifiers to be extracted from devices, such as field programmable gate arrays (FPGAs) or application specific integrated circuits (ASICs). Due to their flexibility and lower time to market, FPGAs are increasingly used for many applications. Arbiter PUFs (APUFs) are among the most widely studied PUF designs. However, they often suffer from poor uniqueness and reliability characteristics, are difficult to implement in FPGAs and consume excessive FPGA resources. To address these problems, a new Flip-flop based APUF (FF-APUF) design is proposed that offers a compact architecture, combined with strong uniqueness and good reliability. It is specifically designed for FPGAs. The proposed work is verified on a low-cost Nexys4 board based on the latest 28 nm technology Xilinx Artix-7 FPGA. The proposed FF-APUF circuit for generating a 1-bit response consumes only 44 slices, which is a saving of more than 66% in hardware resources over previous related research. Moreover, experimental results show improvements in both uniqueness and reliability. In particular, the expected uniqueness of the response bits is 40% on FPGA, which significantly improves upon a uniqueness of 9% achieved in previous work.

FPGA-based strong PUF with increased uniqueness and entropy properties

Physical unclonable functions (PUFs), are a type of physical security primitive which enable identification and authentication of hardware devices, such as field programmable gate arrays (FPGAs) and application specific integrated circuits (ASICs). Arbiter PUFs were the first proposed Strong PUF and are also widely studied. However, these designs often suffer from poor uniqueness and reliability characteristics leaving them vulnerable to modeling attacks, as well as being difficult to implement on FPGAs due to the physical layout restrictions. Some more recent designs based around non-linear voltage transfer characteristics, or non-linear currents improve the resistance against modeling attacks. However they can only be implemented on ASICs due to their voltage/current requirements. To address this problem, we propose a new PUF circuit that offers a significantly higher theoretical entropy than the traditional Arbiter PUF construction, and which is specifically designed for FPGAs. The proposed work is verified on a low-cost Nexys4 board which contains a Xilinx Artix-7 FPGA fabricated at 28nm. The experimental results give a uniqueness of 20 %, considerably higher than the reported 9 % of a traditional Arbiter PUF design, and an expected reliability of ≈ 96% over an environmental temperature range of 0° C to 75° C, with a reliability of ≈ 92 % with ±10 % variation in supply voltage.

Improved Reliability of FPGA-Based PUF Identification Generator Design

Physical unclonable functions (PUFs), a form of physical security primitive, enable digital identifiers to be extracted from devices, such as field programmable gate arrays (FPGAs). Many PUF implementations have been proposed to generate these unique n-bit binary strings. However, they often offer insufficient uniqueness and reliability when implemented on FPGAs and can consume excessive resources. To address these problems, in this article we present an efficient, lightweight, and scalable PUF identification (ID) generator circuit that offers a compact design with good uniqueness and reliability properties and is specifically designed for FPGAs. A novel post-characterisation methodology is also proposed that improves the reliability of a PUF without the need for any additional hardware resources. Moreover, the proposed post-characterisation method can be generally used for any FPGA-based PUF designs. The PUF ID generator consumes 8.95% of the hardware resources of a low-cost Xilinx Spartan-6 LX9 FPGA and 0.81% of a Xilinx Artix-7 FPGA. Experimental results show good uniqueness, reliability, and uniformity with no occurrence of bit-aliasing. In particular, the reliability of the PUF is close to 100% over an environmental temperature range of 25°C to 70°C with ± 10% variation in the supply voltage.

Lightweight cryptographic identity solutions for the Internet of Things

With the increasing emergence of pervasive electronic devices in our lives, the Internet of Things (IoT) has become a reality with its influence on our day to day activities set to further increase with a projected 50 billion connected devices by the year 2020 [8]. These smart devices and sensors will be found in our homes, our cars, our workplaces, etc., and have the potential to revolutionise how we interact with the world today. The slew of data generated by such a volume of devices necessitates the use of smart, autonomous machine-to-machine (M2M) communications; however, this necessarily poses serious security and privacy issues as we will no longer have direct control over with whom and what our devices communicate. This could potentially open up new attack vectors for criminal hackers to exploit through the use of malicious or tampered IoT devices. Compounding the problem is that to enable the ubiquitous nature of the IoT, the embedded devices themselves are often low-cost, low-power, throwaway units which are restricted both in memory and computing power. Generally, low-cost devices targeted at the IoT space, such as the ARM Cortex-M® or the Atmel tinyAVR® families of microcontroller units (MCUs), contain little if any embedded security features. Their lightweight nature is such that even highly optimised cryptographic implementations targeted at specific MCU still require a significant timing, and corresponding energy, overhead [9]. Hence, it is clear we need a new approach to securing the IoT. In this chapter, we outline the proposed use of Physical Unclonable Functions (PUFs) for the provision of IoT device security.