PUF, The Magic Cybersecurity?
One important aspect of cybersecurity is ensuring that the hardware is authentic. Researchers Rohith Prasad Challa, Sheikh Ariful Islam, and Srinivas Katkoori, Ph.D. at the University of South Florida (USF) in Tampa are studying a hardware authentication method that ironically uses something circuit design engineers usually try to avoid. The USF team describes this method in their paper, An SR Flip-Flop based Physical Unclonable Function for Hardware Security.
The concept of a Physical Unclonable Function (PUF) is relatively straightforward: no two integrated circuits (ICs) are exactly the same, and even subtle manufacturing variations produce distinct behaviors that serve as “fingerprints” for ICs. For example, some PUFs use the metastability present in transient effect ring oscillators (TEROs) to generate responses to input challenges. Other PUFs use cross-coupled logic gates with a latch followed by a quantizer and readout circuity to generate a PUF identification based on a threshold voltage.
The USF team’s PUF is under a provisional patent, and the major contributions claimed by the researchers are its low cost and its reuse of set-reset flip-flops (SR-FFs) already in the original circuit design. The USF design exploits a feature of digital circuits that is usually problematic: race conditions. Consider the Set-Reset Flip-Flop (SR-FF) shown below (image courtesy of USF team).
When the input to R and S transitions from 1 to 0, a race condition between ND1 and ND2 results in Q and Q’ lingering near the voltage halfway between logic 0 and logic 1. The results of the “race” depend on the phase offset between the clock and the input data. If you simultaneously switch several such SR-FF circuits into a PUF mode (shown below), you can produce a sophisticated PUF without requiring much new circuitry (image courtesy of USF team).
The USF researchers used Monte Carlo simulations for three CMOS processes, and preliminary results show the method to be robust for uniqueness, randomness, uniformity, and bit bias. These promising results suggest that the method’s responses are resilient to key-guessing attacks, and it would be interesting to see how the method worked on physical chips. Future work at USF might include inserting noise into the simulation to see how it affects the uniqueness of SR-FF PUF responses and evaluating of the method’s resilience against machine learning attacks.