Fatemeh Tehranipoor

DRAM based Intrinsic Physical Unclonable Functions for System Level Security

Physical Unclonable Functions (PUF) are the result of random uncontrollable variables in the manufacturing process. A PUF can be used as a source of random but reliable data for applications such as generating chip identification and encryption keys. Among various types of PUFs, an intrinsic PUF is the result of a preexisting manufacturing process, does not require any additional circuitry, and is cost effective. In this paper, we introduce an intrinsic PUF based on dynamic random access memories (DRAM). DRAM PUFs can be used in low cost identification applications and also have several advantages over other PUFs such as large input patterns. The DRAM PUF relies on the fact that the capacitor in the DRAM initializes to random values at startup. We demonstrate real DRAM PUFs and describe an experimental setup to test different operating conditions on three DRAMs to achieve the highest reliable results. Finally, we select the most stable bits to use as chip ID using our enrollment algorithm.

DRAM-Based Intrinsic Physically Unclonable Functions for System-Level Security and Authentication

A physically unclonable function (PUF) is an irreversible probabilistic function that produces a random bit string. It is simple to implement but hard to predict and emulate. PUFs have been widely proposed as security primitives to provide device identification and authentication. In this paper, we propose a novel dynamic-memory-based PUF [dynamic RAM PUF (DRAM PUF)] for the authentication of electronic hardware systems. The DRAM PUF relies on the fact that the capacitor in the DRAM initializes to random values at startup time. Most PUF designs require custom circuits to convert unique analog characteristics into digital bits, but using our method, no extra circuitry is required to achieve a reliable 128-bit PUF. The results show that the proposed DRAM PUF provides a large number of input patterns (challenges) compared with other memory-based PUF circuits such as static RAM PUFs. Our DRAM PUFs provide highly unique PUFs with a 0.4937 average interdie Hamming distance. We also propose an enrollment algorithm to achieve highly reliable results to generate PUF identifications for system-level security. This algorithm has been validated on real DRAMs with an experimental setup to test different operating conditions.

A Novel Way to Authenticate Untrusted Integrated Circuits

Counterfeit Integrated Circuits (IC) can be very harmful to the security and reliability of critical applications. Physical Unclonable Functions (PUF) have been proposed as a mechanism for uniquely identifying ICs and thus reducing the prevalence of counterfeits. However, maintaining large databases of PUF challenge response pairs and dealing with PUF errors makes it difficult to use PUFs reliably. This paper presents an innovative approach to authenticate PUF challenge response pairs on IC chips. The proposed method can tolerate considerable bit errors from responses of PUFs without the use of error correcting codes. It is successful in authenticating 99.96% authorized chips and filtering out 99.92% cloned chips. The overhead is reduced by 65.62% compared to that of other authenticating solutions.

Genetic Algorithm for hardware Trojan detection with ring oscillator network (RON)

Securing integrated circuits against malicious modifications (i.e., hardware Trojans) is of utmost importance, as hardware Trojans may leak information and reduce reliability of electronic systems in critical applications. In this paper, we use ring oscillators (ROs) to gather measurements of ICs that may contain hardware Trojans. To distinguish between Trojan-inserted ICs and Trojan-free ICs, we investigate several classification approaches. Furthermore, we propose a novel feature selection approach based on the Genetic Algorithm (GA) and evaluate its performance compared to several popular alternatives. The proposed method is an improvement over principal component analysis (PCA) in terms of accuracy and equal error rate by 30% and 97% respectively.

PUF-Based Fuzzy Authentication Without Error Correcting Codes

Counterfeit integrated circuits (IC) can be very harmful to the security and reliability of critical applications. Physical unclonable functions (PUFs) have been proposed as a mechanism for uniquely identifying ICs and thus reducing the prevalence of counterfeits. However, maintaining large databases of PUF challenge response pairs (CRPs) and dealing with PUF errors make it difficult to use PUFs reliably. This paper presents an innovative approach to authenticate CRPs on PUF-based ICs. The proposed method can tolerate considerable bit errors from responses of PUFs without the use of error correcting codes. Different types of optimization methods are applied to improve the overall performance. The simulation shows that it is successful in authenticating 99.96% authorized chips and filtering out 99.92% cloned chips by tolerating 12 errors in 128 bits. The results are verified with ring oscillator PUF and arbiter PUF implementations on Kintex-7 FPGA. The approach saves hardware and software resources significantly, compared to those of other authentication solutions.

A Study of Power Supply Variation as a Source of Random Noise

In this paper, we consider the construction of True Random Numbers Generators (TRNGs) using variations in power supplies. We demonstrate that power supply line outputs do not have a constant voltage and the variations in voltage follow a normal distribution. These variations can be used to create truly random bits that demonstrates a high entropy rate based on the results obtained from the NIST Statistical Test Suite. In order to quantify the impact of variations on the input signal of a circuit, we analyze the impact of such variations using Monte-Carlo simulations as well as an actual implementation. Results were obtained for evaluating the accuracy and randomness of the data gathered from our proposed circuit. A detailed analysis of the effect of variations of different power supplies is also presented with observations on their usefulness as a TRNG. The key advantage of our power supply variation based TRNG is its simplicity of implementation.

Phase calibrated ring oscillator PUF design and implementation on FPGAs

A ring oscillator physical unclonable function (RO PUF) is an application-constrained hardware security primitive that can be used for authentication and key generation. PUFs depend on variability during the fabrication process to produce random outputs that are nevertheless stable across multiple measurements. Unfortunately, RO PUFs are known to be unstable especially when implemented on an Field Programmable Gate Array (FPGA). In this work, we comprehensively evaluate the RO PUFs stability on FPGAs, and we propose a phase calibration process to improve the stability of RO PUFs. The results show that the bit errors in our PUFs are reduced to less than 1%.

An Overview of DRAM-Based Security Primitives

Recent developments have increased the demand for adequate security solutions, based on primitives that cannot be easily manipulated or altered, such as hardware-based primitives. Security primitives based on Dynamic Random Access Memory (DRAM) can provide cost-efficient and practical security solutions, especially for resource-constrained devices, such as hardware used in the Internet of Things (IoT), as DRAMs are an intrinsic part of most contemporary computer systems. In this work, we present a comprehensive overview of the literature regarding DRAM-based security primitives and an extended classification of it, based on a number of different criteria. In particular, first, we demonstrate the way in which DRAMs work and present the characteristics being exploited for the implementation of security primitives. Then, we introduce the primitives that can be implemented using DRAM, namely Physical Unclonable Functions (PUFs) and True Random Number Generators (TRNGs), and present the applications of each of the two types of DRAM-based security primitives. We additionally proceed to assess the security such primitives can provide, by discussing potential attacks and defences, as well as the proposed security metrics. Subsequently, we also compare these primitives to other hardware-based security primitives, noting their advantages and shortcomings, and proceed to demonstrate their potential for commercial adoption. Finally, we analyse our classification methodology, by reviewing the criteria employed in our classification and examining their significance.

Investigation of DRAM PUFs reliability under device accelerated aging effects

Physical Unclonable Functions are promising candidates for lightweight authentication applications as they are hard to predict and clone. PUFs are dependent on process variations that occurs during silicon chip fabrication. As the CMOS technology scales down towards nanoscale dimensions, there are increasing transistor reliability challenges which impact the lifetime of integrated circuits. These issues are known as aging effects, which result in degradation of the performance of circuits. In this paper, we analyze the effects of aging on the reliability of intrinsic DRAM PUFs. We present accelerated aging experimental results over 18 months (from Sep. 2014 to Feb. 2016) on 3 DRAM PUFs. Based on our observations, DRAM PUFs maintain their reliability over time, and thus, validate the use of DRAM PUFs in a number of applications such as system authentications.

Noise assessment framework for optimizing ECG key generation

Bioelectrical signals such as electrocardiogram (ECG) have shown promise as biometrics, but their continuous nature and drastic acquisition variations make it difficult to deploy them for biometric-based key generation. In particular, it is nearly impossible to obtain raw ECG measurements from a large population under all possible test conditions. In this paper, we build upon our recent approach called IOMBA by combining it with a pre-assessment framework that uses synthetic ECGs to characterize the impact of different sources of noise on ECG-based keys. Our framework uses an auto-regressive (AR) model with three modulated sources of noise - baseline wander (BW), electromyography (EMG), and motion artifact (MA). The performance of the proposed framework is validated using normal ECG signals from popular ECG databases. Different feature extraction methods are applied for ECG key generation and the performance of each approach with each noise source is evaluated. The proposed framework can be used to optimize pre-processing approaches for low-cost applications.