Yansong Gao

Memristive crypto primitive for building highly secure physical unclonable functions.

Physical unclonable functions (PUFs) exploit the intrinsic complexity and irreproducibility of physical systems to generate secret information. The advantage is that PUFs have the potential to provide fundamentally higher security than traditional cryptographic methods by preventing the cloning of devices and the extraction of secret keys. Most PUF designs focus on exploiting process variations in Complementary Metal Oxide Semiconductor (CMOS) technology. In recent years, progress in nanoelectronic devices such as memristors has demonstrated the prevalence of process variations in scaling electronics down to the nano region. In this paper, we exploit the extremely large information density available in nanocrossbar architectures and the significant resistance variations of memristors to develop an on-chip memristive device based strong PUF (mrSPUF). Our novel architecture demonstrates desirable characteristics of PUFs, including uniqueness, reliability, and large number of challenge-response pairs (CRPs) and desirable characteristics of strong PUFs. More significantly, in contrast to most existing PUFs, our PUF can act as a reconfigurable PUF (rPUF) without additional hardware and is of benefit to applications needing revocation or update of secure key information.

Emerging Physical Unclonable Functions With Nanotechnology

Physical unclonable functions (PUFs) are increasingly used for authentication and identification applications as well as the cryptographic key generation. An important feature of a PUF is the reliance on minute random variations in the fabricated hardware to derive a trusted random key. Currently, most PUF designs focus on exploiting process variations intrinsic to the CMOS technology. In recent years, progress in emerging nanoelectronic devices has demonstrated an increase in variation as a consequence of scaling down to the nanoregion. To date, emerging PUFs with nanotechnology have not been fully established, but they are expected to emerge. Initial research in this area aims to provide security primitives for emerging integrated circuits with nanotechnology. In this paper, we review emerging nanotechnology-based PUFs.

mrPUF: A Novel Memristive Device Based Physical Unclonable Function

Physical unclonable functions (PUFs) exploit the intrinsic complexity and irreproducibility of physical systems to generate secret information. They have been proposed to provide higher level security as a hardware security primitive. Notably PUFs are an emerging and promising solution for establishing trust in an embedded system with low overhead with respect to energy and area. Most current PUF designs traditionally focus on exploiting process variations in CMOS (Complementary Metal Oxide Semiconductor) technology. In recent years, progress in nanoelectronic devices such as memristors has demonstrated the prevalence of process variations in scaling electronics down to the nano region. In this paper we exploit the extremely large information density available in the nanocrossbar architecture and the large resistance variations of memristors to develop on-chip memristive device based PUF (mrPUF). Our proposed architecture demonstrates good uniqueness, reliability and improved number of challenge-response pairs (CRPs). The proposed mrPUF is validated using nanodevices characteristics obtained from experimental data and extensive simulations. In addition, the performance of our mrPUF is compared with existing memristor based PUF architectures. Furthermore, we analyze and demonstrate the improved security with respect to model building attacks by expounding upon the inherent nature of nanocrossbar arrays where we use the independence between nanocrossbar columns to generate responses to challenges.

Obfuscated challenge-response: A secure lightweight authentication mechanism for PUF-based pervasive devices

Low cost pervasive devices such as RFID (radio-frequency identification) tags and sensor nodes are increasingly becoming part of the fabric of life. Using these pervasive devices to store and collect data securely is becoming a challenge because stringent requirements on power and area constrain the implementation of standard cryptographic mechanisms. In this paper, we propose a secure and lightweight authentication protocol for resource scarce pervasive devices built upon a physical unclonable function (PUF) primitive termed Obfuscated PUF (OB-PUF) and a variant of a parameter-based authentication protocol. This protocol sends obfuscated challenges to an OB-PUF where the subsequent recovery of the obfuscated challenges by a server (verifier) is guaranteed. In particular, our approach exploits server (verifer) aided computations to reduce the hardware complexity on the pervasive device while still maintaining a high level of security and taking advantage of the known vulnerability of PUFs to model building attacks. Most importantly, the unclonability of the OB-PUF is preserved and, consequently, OB-PUF based pervasive devices are resilient to cloning. We also show through statistical analysis and model building attacks the infeasibility of constructing a model of our proposed OB-PUF by an adversary.

Read operation performance of large selectorless cross-point array with self-rectifying memristive device

Memristive device based passive crossbar arrays hold a great promise for high-density and non-volatile memories. A significant challenge of ultra-high density integration of these crossbars is unwanted sneak-path currents. The most common way of addressing this issue today is an integrated or external selecting device to block unwanted current paths. In this paper, we use a memristive device with intrinsic rectifying behavior to suppress sneak-path currents in the crossbar. We systematically evaluate the read operation performance of large-scale crossbar arrays with regard to read margin and power consumption for different crossbar sizes, nanowire interconnect resistances, ON and OFF resistances, rectification ratios under different read-schemes. Outcomes of this study allow improved understanding of the trade-off between read margin, power consumption and read-schemes. Most importantly, this study provides a guideline for circuit designers to improve the performance of oxide-based resistive memory (RRAM) based cross-point arrays. Overall, self-rectifying behavior of the memristive device efficiently improves the read operation performance of large-scale selectorless cross-point arrays. HighlightsProvide a Verilog-A behavioral model of a memristive device with intrinsic rectifying behavior based on published measured characteristics of these devices.Evaluate read operation performance under diverse settings.Demonstrate the effectiveness of this special type of memristive device as an alternative to reduce sneak-path currents in the crossbar.Performs a valuable crossbar read operation comparison among memristive device with intrinsic-rectifying behavior, memristive device with linear I-V characteristic and 1S1M structure.

PUF Sensor: Exploiting PUF Unreliability for Secure Wireless Sensing

Wireless sensors are increasingly penetrating every domain of our lives through integration with Internet of Things, e.g., such devices are widely incorporated into smart buildings and for monitoring critical industrial infrastructure. Sensing, collecting and communication of sensor data, however, are under threat from various attacks due to the difficulty in implementing proper protection mechanisms and limited computational resources available in these cost-sensitive devices. This paper expands on recent research on physical unclonable function (PUF) sensors to secure sensing by taking the advantage of inherent physical randomness. In particular, PUF unreliability originates from its sensitivity to ambient parameter variations that is usually undesirable for elementary PUF applications—such as authentication and key generation—is exploited to guarantee the veracity of the sensed value. In this paper, a PUF naturally acting as a sensor or a PUF explicitly integrated with a sensor is called a PUF sensor. Security of sensing in a PUF sensor is attributed to the natural merging of cryptography and sensing to eschew the need for a standalone crypto module. Thus, the PUF sensor is appealing for low-cost applications. To obtain the sensed value, we develop an authenticated sensing protocol that is robust against eavesdropping, also capable of detecting man-in-the-middle manipulation of the sensed value. Compared to initial investigations of PUF sensors, we avoid the stringent requirements of a strong PUF. We validate the feasibility of the proposed authenticated sensing protocol based on an experimental implementation of a ring oscillator PUF sensor. To improve the sensing capability, we present an efficient approach to select sensitive responses and only employ them for sensing. Significantly improved efficacy is validated through comprehensive experimental results.

A PUF sensor: Securing physical measurements

Sensors are important components in the Internet of Things (IoT) that encompass a wide spectrum of applications from healthcare to monitoring critical infrastructure. Securely gathering sensor measurements by adopting traditional cryptographic mechanisms is fraught with vulnerabilities emanating from the inability to safeguard secrets on edge devices, often in adversarial environments, where appropriate hardware protection logic and power consumption overheads are counterproductive to the desire to keep the devices low cost and long lasting. This paper continues recent efforts into investigating an alternative secure sensing approach with the potential to provide a solution for resource-restricted IoT devices. In particular, we investigate the possibility to exploit unreliability of a physical unclonable function (PUF) resulting from its sensitivity to variations in supply voltage conditions to guarantee the veracity of physical measurements from potentially any transducer capable of converting a physical phenomenon to a voltage signal. Therefore we present an approach that has the potential to realize a universal PUF sensor where the PUF itself acts as a sensor or is integrated with a sensor. Thus, for a PUF sensor, cryptographic processes and sensing are inseparable. Further, we rely on a dominant external condition—voltage—responsible for unreliability to secure sensing. We validate the feasibility of the proposed universal PUF sensor approach based on experimental data extracted from RO-PUFs (Ring Oscillator PUFs).