SlideShare une entreprise Scribd logo
1  sur  42
Télécharger pour lire hors ligne
PUF_lecture3.pdf
Quantum Tunneling PUFs
and PUF-based Applications .
Dr. Kent Chuang
2022 September
Outline .
1. Recap
2. Design and implementation of quantum tunneling PUF
3. Experiment results of quantum tunneling PUF
4. PUF-based security applications
5. Conclusion and Outlook
Outline .
2. Design and implementation of quantum tunneling PUF
3. Experiment results of quantum tunneling PUF
4. PUF-based security applications
5. Conclusion and Outlook
page 5
Recap .
In the previous lectures, we have introduced
▪ The importance of hardware security & root of trust
▪ What is a PUF?
▪ What are the important PUF properties?
▪ The importance of reliability
▪ How to improve reliability?
▪ Intrinsically reliable PUFs based on quantum tunneling
page 6
Key Generation Using PUF .
KDF
Device
Secret
Auxiliary Input
(Optional)
Secret
Key
PUF Array
0 1
0 1
0
1
0
0
0
Readout
Interface
▪ Unique device secret can be derived from the PUF array
▪ Secret key can be further derived by sending the device secret into the
key derivation function (KDF)
page 7
PUFs need to be intrinsically reliable .
Readout
Interface
Post-
processing
n-bit k-bit
Stabilization
m-bit
▪ Error correction is too costly
– Extra cost on computation resources, storage and latency
▪ Stabilization techniques are insufficient
Costly
Insufficient
page 8
Increase mismatches through burn-in .
VT
Percentage
Burn-in
VT
Percentage
For example:
▪ VT of the two transistors originally follow the same distribution
▪ The distribution can be separated by applying burn-in mechanism
page 9
Quantum Tunneling PUFs .
“0” “1”
50% 50%
[Chuang, JSSC 2019]
[Wu, ISSCC 2018]
50% 50%
“0” “1”
▪ Only one tunneling path will be generated in two of the NMOS transistors
▪ Reading out the tunneling current of PUF cells → deriving PUF bits
Outline .
1. Recap
3. Experiment results of quantum tunneling PUF
4. PUF-based security applications
5. Conclusion and Outlook
page 11
Plenary Speech 2
PUF Array
PUF Bit-Cell PUF Enrollment
BL
BL
VAF-0 VAF-1
AF-0(VPP) AF-1(VPP)
AF-0(VPP) AF-1(VPP)
50%
50%
“1” Cell
“0” Cell
0 1
0 1
0 1
0 1
1 1
0 1
0
0
1 0
A Quantum Tunneling PUF .
page 12
The self-limiting mechanism .
▪ Current and voltage are limited by the PMOS selector
▪ Ensuring only one BD (tunneling) spot in a PUF cell
Δ = Vstress - VDS
Vstress
VG VDS
IBD
Reduced stress voltage
→ No breakdown
Limited BD current
→ Only soft-BD
Define saturation current
(current limit)
Vstress
VG
Apply constant voltage stress
Time to
breakdown (tBD)
Chuang, et. al, A Physically Unclonable Function Using Soft Oxide Breakdown Featuring 0% Native BER and 51.8fJ/bit in 40nm CMOS, JSSC 2019
page 13
Tunneling spots are untraceable .
▪ Current is conducted through trap-assisted tunneling
‒ Few traps can result in significant current difference
‒ Traps are extremely difficult to locate
▪ Current/power limitation should be applied for physical security
Formation of oxide defects→ untraceable
Metal Gate
Substrate Substrate
Metal Gate
With power
limit
Without
power limit
Substrate
Metal Gate
→ Structural damages may be
created by heat (easier to trace)
page 14
UN-PROGRAMMED
Blown
Fuse
PROGRAMMED UN-PROGRAMMED PROGRAMMED
SEM Image of eFuse SEM Image of a Quantum Tunneling PUF
PUF Crypto
Key
eFuse
Program
Crypto
Key
Conventional Key Storage (eFuse) Key Generation using PUF
Resilient to reverse engineering .
page 15
PUF array with single-ended readout scheme .
Having two tunneling path is still fine
→Probability < 50ppm
Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
page 16
Sense-amplifier design with balanced current .
Sense
Amplifier
Equal current when
sensing “0”/“1”
“0”/“1”
PUF Array
▪ Minimize power difference required for sensing “0” & “1”
▪ Turn off the cell operation after sensing
▪ Prevent power analysis and photoemission attacks
Read 1 Read 0
Unbalanced
Design
Balanced
Design
Outline .
1. Recap
2. Design and implementation of quantum tunneling PUF
4. PUF-based security applications
5. Conclusion and Outlook
page 18
Nearly ideal uniqueness and reproducibility .
▪ Inter-ID Hamming Distance (HD) follows the ideal distribution
▪ Intra-ID HD is the ideal value: 0 → There is no error
0.0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1.0
0.0
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1.0
Count
(Normalized)
Hamming Distance (Normalized)
Inter-ID
Ideal
Data
Inter/Intra=∞
μ = 0.499999
σ = 0.031252
Intra-ID
-40~175℃
μ = 0
σ = 0
Information
Bit String Length 256 bits
Total ID Count 16128
Total Bit Count 4128768
Total HD Count 130048128
Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
page 19
PUF responses are consistent .
▪ No bit error found across all tested conditions
→ Wide supply voltage range covering the ULP spec
→ Wide temperature range from -40 °C to 175 °C
0.8 1.0 1.2 1.4 2.0 2.4 2.8 3.2
0
1
2
3
Bit
Error
Rate
(ppm)
Supply Voltage (V)
VDD
VDD2
-40 0 40 80 120 160 200
0
1
2
3
Bit
Error
Rate
(ppm)
Temperature (C)
Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
page 20
No bit-error caused by aging .
▪ Consistent response during and after the HTOL test
→ Reliability qualification passed
1 10 100
0
1
2
3
Bit
Error
Rate
(ppm)
Challenge-Response-Pair (#)
0 100 1000
0
1
2
3
Bit
Error
Rate
(ppm)
Aging Time (hrs)
HTOL Burn-In:
VDD = 1.7V
VDD2 = 3.5V
Temp. = 125℃
Post Burn-in
VDD = 1.7V
VDD2 = 3.5V
Temp. = 125℃
Samples: TT*77
Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
page 21
Testing randomness within a chip .
▪ Resulting hamming weight is within statistical boundaries
▪ Smaller sample size results in wider deviations
“1” bit counts
bit-string lengths
HW =
512-bit 128-bit
σ 0.02137 0.04293
50% − 2𝜎 45.7% 41.4%
50% + 2𝜎 54.3% 58.6%
Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
page 22
Ref: 95% Hamming weight boundary .
▪ 95% (2σ) pass rate for a true random bit-stream
10
1
10
2
10
3
10
4
10
5
10
6
20
30
40
50
60
70
80
Upper limit
Lower limit
Hamming
Weight
(%)
Data size
Pass
page 23
Good randomness across platform .
▪ NeoPUF shows generic compatibility of device corners, cross-fabs,
and technology nodes
Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
page 24
Randomness checked by statistical tests .
▪ Proposed PUF has passed all the tests in NIST800-22 test suite
– Data is accumulated from all samples (TT/FF/SS/SF/FS/OX+/OX-)
# Test Name
Stream
Length
No.
of Runs
Min.
Pass (%)
Average
P-value
Pass?
1 Frequency 40000 75 97.33 0.4999 Pass
2 BlockFrequency 40000 75 100 0.5067 Pass
3 CumulativeSum Forward 40000 75 98.67 0.5084 Pass
4 CumulativeSums Reverse 40000 75 98.67 0.4946 Pass
5 Runs 40000 75 100 0.5384 Pass
6 LongestRun 40000 75 100 0.4783 Pass
7 Rank 40000 75 97.33 0.4568 Pass
8 FFT 40000 75 97.33 0.5142 Pass
9 NonOverlapping Template
40000
(m=9)
75 94.67 0.5060 Pass
10 Overlapping Template
40000
(m=9)
75 100 0.4498 Pass
11 Universal 1000000 3 100 0.6428 Pass
12 ApproximateEntropy
40000
(m=10)
75 100 0.4245 Pass
13 RandomExcursions 1000000 3 100 0.5701 Pass
14 RandomExcursions Variant 1000000 3 100 0.4801 Pass
15 Serial
40000
(m=16)
75 100 0.5387 Pass
16 LinearComplexity 1000000 3 100 0.7000 Pass
page 25
Min-Entropy Analysis .
▪ NeoPUF bits are independent and identically distributed (IID)
random variables
– Passed the IID test in NIST SP800-90B
– Entropy can be estimated as an IID random variable
▪ NeoPUF data are collected across platform
– S55LL/T22ULP/T55ULP/T7FF/T55EF/U55EF
SP800-90b IID test SP800-22
Pass Pass
Min-entropy (IID) ~0.9869
Bitmap from all data
Outline .
1. Recap
2. Design and implementation of quantum tunneling PUF
3. Experiment results of quantum tunneling PUF
5. Conclusion and Outlook
page 27
Device A
▪ How to ensure this key is unique?
→ Keys need to be securely provisioned
▪ How to ensure this key cannot be stolen?
→ Keys should be kept in a Root-of-Trust
A unique key must be
securely stored in the
hardware
Resilient
to attacks
Device B
Different
The Needs of Root of Trust in Silicon .
page 28
Root of Trust
Core Processor
Crypto
Coprocessor
DRAM
Controller
SRAM ROM
Main Bus
SoC
A Root of Trust (RoT) stores and manages the most sensitive digital assets
What is a Root of Trust ?
page 29
▪ Support comprehensive crypto
algorithms with high-speed extension
PUF-based Crypto Coprocessor (PUFcc)
CPU Core
APB AXI / AHB
PUFcc TRNG / UID / HUK
Anti-Tamper
Anti-fuse OTP + PUF
Crypto
DMA
SQC
▪ Unique key generated by PUF
▪ Secure key storage protected by PUF
PUF-based Root of Trust (PUFrt)
APB1
APB2
CPU Core
Secure
Sub-system
(Cryptos)
PUFrt HUK
TRNG
OTP
PUF-based Security IPs .
page 30
▪ Inborn ID provides better security and cost-efficiency
▪ An ID is strictly kept inside the chip and leaves no trace elsewhere
Key Injection Secure Element PUF-based RoT
Costly
Stolen/Leaked
Enroll Inborn
IDs (keys)
Key-Gen.
commands
Costly
SE
SE
Benefits of a PUF-based Root of Trust .
page 31
Key Gen.
PUF
Auxiliary Info.
(optional)
Public Key
Private Key
PUF-based
Key-Pair
Registered as (part of)
the public device ID
Kept secret
for signing
PUF-based Key-pair for Device Identification .
page 32
PUF-based Key Wrapping .
• Storing keys in memory is vulnerable to physical attacks
• Keys can be wrapped before storing at insecure memory blocks
Key Gen. Key Wrapper
NVM/
RAM
Insecure Zone
Secure Zone
KEK
page 33
NOR
Real-time execution
enabled by high-speed
AES-XTS extension
Extended Secure Enclave
▪ Supports direct execution of
encrypted code and data
stored in external NOR Flash
▪ Keys are securely generated or
protected using PUF and
secure OTP in PUFrt
PUFxip XiP-XTS
TRNG
Anti-Tamper
Anti-fuse OTP + PUF
Hash
AES
ECC
DMA (AHB/AXI)
APB Interface
SQC KWP KDF
Execute In Place for External NOR Flash .
page 34
AI SoC
NAND
AI Assets
Global Encryption to Local Encryption
▪ Assets like AI model or firmware
are encrypted and signed before
programming
▪ Assets will be re-encrypted using
local key to prevent NAND Flash
tampering
▪ Authenticated Encryption
supported by GCM
Factory/OTA
PUFenc GCM
TRNG
Anti-Tamper
Anti-fuse OTP + PUF
Hash
AES
ECC
DMA (AHB/AXI)
APB Interface
SQC KWP KDF
Extended Secure Enclave
Protecting Assets in NAND Flash .
page 35
Secure IoT Network
Zero-Touch Device Onboard
Supply Chain End-of-Life
Kpri
Kpub
Registration
Kpri
Kpub
Onboard
Credentials
Assign
Kpri
Kpub
Owner
Credentials
Cloud
Service
Network
Management
DeID zeroization
Kpub
ODM
CA
Kpub
Assembly
Inborn
Cert.
Distribution Channel
Onboard
Service Disassembly
Decommission
Credential Update
Onboard Protocols
Establishing a Secure IoT Ecosystem .
page 36
Device
PUF-based
Root of Trust
Owner
Onboarding
Service
Management
Service
Sign
Sign
Ownership voucher
(from supply chain)
Rendezvous
Server
TO2 Protocol
z
PUF-based Device Attestation Key
Public-key
Registered
Included in OV
Example: FIDO Device Onboard
Support Zero Touch Device Onboard .
page 37
FW
Counterfeit
device works
FW
Stolen
FW FW
Can
decrypt
Cannot
decrypt
Counterfeit
device does
not work
PUF
Reverse and
Reproduce
Genuine Chip Counterfeit Chip
Impossible to
Reverse
No
PUF
▪ Anti-reverse property of PUF
prevents counterfeit chips
▪ Firmware encryption using PUF-key
prevents counterfeit devices
Stolen
Defense Against Counterfeiting .
page 38
▪ The activation code (AC) is uniquely paired to the DeID key
→ Cloning the AC to another chip renders it unusable
FP Activation
@CP/FT
Chip Activation
@Module
Activation
Skipped
IP
CPU
RAM
PUF RoT
IP
CPU
RAM
IP
CPU
RAM
AC
Unique Pair
IP
CPU
RAM
Chip with FP
and
A.C → Activate
Chip without FP
or
A.C → Inactivate
Limiting Overproduction .
Outline .
1. Recap
2. Design and implementation of quantum tunneling PUF
3. Experiment results of quantum tunneling PUF
4. PUF-based security applications
PUFsecurity
page 40
page 40
Conclusion .
Quantum tunneling PUF has been introduced:
▪ It provides good randomness, reliability and physical security
▪ Root of trust and security IPs can be built upon it
▪ It enables a wide range of security applications
… helps building a more secure connected world
PUFsecurity
page 41
page 41
Outlook .
Coming up:
▪ PUF implementations in literature
▪ Performance comparison of different PUFs
▪ Analysis on yield, reliability, and physical attack vulnerability
Thank you!
More educational materials? Feel free to follow us!

Contenu connexe

Similaire à PUF_lecture3.pdf

BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...
BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...
BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...CBO GmbH
 
BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...
BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...
BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...CBO GmbH
 
Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...
Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...
Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...Shawn Lee
 
BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...
BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...
BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...CBO GmbH
 
BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...
BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...
BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...CBO GmbH
 
BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...
BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...
BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...CBO GmbH
 
Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...
Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...
Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...CBO GmbH
 
BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...
BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...
BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...CBO GmbH
 
BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...
BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...
BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...CBO GmbH
 
BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...
BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...
BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...CBO GmbH
 
C08 – Updated planning and commissioning guidelines for Profinet - Xaver Sch...
C08 – Updated planning and commissioning guidelines for Profinet -  Xaver Sch...C08 – Updated planning and commissioning guidelines for Profinet -  Xaver Sch...
C08 – Updated planning and commissioning guidelines for Profinet - Xaver Sch...PROFIBUS and PROFINET InternationaI - PI UK
 
BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...
BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...
BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...CBO GmbH
 
BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...
BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...
BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...CBO GmbH
 
Design for testability and automatic test pattern generation
Design for testability and automatic test pattern generationDesign for testability and automatic test pattern generation
Design for testability and automatic test pattern generationDilip Mathuria
 
1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable Device
1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable Device1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable Device
1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable DeviceShawn Lee
 
PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...
PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...
PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...PROIDEA
 
BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...
BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...
BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...CBO GmbH
 
BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...
BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...
BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...CBO GmbH
 
Quality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware OffloadsQuality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware OffloadsNetronome
 

Similaire à PUF_lecture3.pdf (20)

BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...
BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...
BlueOptics Bo31j856s3d 10gbase-sr xfp transceiver 850nm 300m multimode lc dup...
 
BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...
BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...
BlueOptics Bo65j27660d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 60 km s...
 
Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...
Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...
Wearable 1.78 inch Square AMOLED Display 368*448 For Smart Watch Bracelet Scr...
 
BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...
BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...
BlueOptics Bo65j27610d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 10 km s...
 
BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...
BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...
BlueOptics Bo65j27640d 10gbase-bx-u xfp transceiver tx1270nm-rx1330nm 40 km s...
 
BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...
BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...
BlueOptics Bo31j136s4d 10gbase-lrm xfp transceiver 1310nm 220m multimode lc d...
 
Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...
Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...
Blue optics bo54jchxx640d 10gbase-dwdm cdr sfp+ transceiver c-band 40km singl...
 
BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...
BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...
BlueOptics Bo31h13610d 2-4-8gbase-lw xfp transceiver 1310nm 10km singlemode l...
 
BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...
BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...
BlueOptics Bo65j33660d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 60 km s...
 
BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...
BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...
BlueOptics Bo65 j33640d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 40 km ...
 
C08 – Updated planning and commissioning guidelines for Profinet - Xaver Sch...
C08 – Updated planning and commissioning guidelines for Profinet -  Xaver Sch...C08 – Updated planning and commissioning guidelines for Profinet -  Xaver Sch...
C08 – Updated planning and commissioning guidelines for Profinet - Xaver Sch...
 
BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...
BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...
BlueOptics Bo67hxx640d 2 4 8gbase dwdm xfp transceiver c band 40km singlemode...
 
BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...
BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...
BlueOptics Bo65j33610d 10gbase-bx-d xfp transceiver tx1330nm-rx1270nm 10 km s...
 
Design for testability and automatic test pattern generation
Design for testability and automatic test pattern generationDesign for testability and automatic test pattern generation
Design for testability and automatic test pattern generation
 
1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable Device
1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable Device1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable Device
1.28 Inch Screen 240x240 Round LCD Display For Smart Watch Wearable Device
 
PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...
PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...
PLNOG15: VidMon - monitoring video signal quality in Service Provider IP netw...
 
BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...
BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...
BlueOptics Bo66jxx660d 10gbase cwdm xfp transceiver 1271nm 1451nm 60 km singl...
 
PUF_lecture1.pdf
PUF_lecture1.pdfPUF_lecture1.pdf
PUF_lecture1.pdf
 
BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...
BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...
BlueOptics Bo66jxx680d 10gbase cwdm xfp transceiver 1471nm 1611nm 80 km singl...
 
Quality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware OffloadsQuality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware Offloads
 

Plus de shannlevia123

ch00-1-introduction.pdf
ch00-1-introduction.pdfch00-1-introduction.pdf
ch00-1-introduction.pdfshannlevia123
 
Chapter 5(Appendix).pdf
Chapter 5(Appendix).pdfChapter 5(Appendix).pdf
Chapter 5(Appendix).pdfshannlevia123
 
Anti-Tampering_Part1.pdf
Anti-Tampering_Part1.pdfAnti-Tampering_Part1.pdf
Anti-Tampering_Part1.pdfshannlevia123
 
lec08_computation_of_DFT.pdf
lec08_computation_of_DFT.pdflec08_computation_of_DFT.pdf
lec08_computation_of_DFT.pdfshannlevia123
 
Ch2_Discrete time signal and systems.pdf
Ch2_Discrete time signal and systems.pdfCh2_Discrete time signal and systems.pdf
Ch2_Discrete time signal and systems.pdfshannlevia123
 

Plus de shannlevia123 (9)

ch00-1-introduction.pdf
ch00-1-introduction.pdfch00-1-introduction.pdf
ch00-1-introduction.pdf
 
Chapter 5(Appendix).pdf
Chapter 5(Appendix).pdfChapter 5(Appendix).pdf
Chapter 5(Appendix).pdf
 
Prob - Syllabus.pdf
Prob - Syllabus.pdfProb - Syllabus.pdf
Prob - Syllabus.pdf
 
Anti-Tampering_Part1.pdf
Anti-Tampering_Part1.pdfAnti-Tampering_Part1.pdf
Anti-Tampering_Part1.pdf
 
lec08_computation_of_DFT.pdf
lec08_computation_of_DFT.pdflec08_computation_of_DFT.pdf
lec08_computation_of_DFT.pdf
 
lec07_DFT.pdf
lec07_DFT.pdflec07_DFT.pdf
lec07_DFT.pdf
 
control00.pdf
control00.pdfcontrol00.pdf
control00.pdf
 
Ch2_Discrete time signal and systems.pdf
Ch2_Discrete time signal and systems.pdfCh2_Discrete time signal and systems.pdf
Ch2_Discrete time signal and systems.pdf
 
Ch3_Z-transform.pdf
Ch3_Z-transform.pdfCh3_Z-transform.pdf
Ch3_Z-transform.pdf
 

Dernier

cloud computing notes for anna university syllabus
cloud computing notes for anna university syllabuscloud computing notes for anna university syllabus
cloud computing notes for anna university syllabusViolet Violet
 
Modelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsModelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsYusuf Yıldız
 
Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)Bahzad5
 
GENERAL CONDITIONS FOR CONTRACTS OF CIVIL ENGINEERING WORKS
GENERAL CONDITIONS  FOR  CONTRACTS OF CIVIL ENGINEERING WORKS GENERAL CONDITIONS  FOR  CONTRACTS OF CIVIL ENGINEERING WORKS
GENERAL CONDITIONS FOR CONTRACTS OF CIVIL ENGINEERING WORKS Bahzad5
 
Multicomponent Spiral Wound Membrane Separation Model.pdf
Multicomponent Spiral Wound Membrane Separation Model.pdfMulticomponent Spiral Wound Membrane Separation Model.pdf
Multicomponent Spiral Wound Membrane Separation Model.pdfGiovanaGhasary1
 
me3493 manufacturing technology unit 1 Part A
me3493 manufacturing technology unit 1 Part Ame3493 manufacturing technology unit 1 Part A
me3493 manufacturing technology unit 1 Part Akarthi keyan
 
Graphics Primitives and CG Display Devices
Graphics Primitives and CG Display DevicesGraphics Primitives and CG Display Devices
Graphics Primitives and CG Display DevicesDIPIKA83
 
ChatGPT-and-Generative-AI-Landscape Working of generative ai search
ChatGPT-and-Generative-AI-Landscape Working of generative ai searchChatGPT-and-Generative-AI-Landscape Working of generative ai search
ChatGPT-and-Generative-AI-Landscape Working of generative ai searchrohitcse52
 
Transforming Process Safety Management: Challenges, Benefits, and Transition ...
Transforming Process Safety Management: Challenges, Benefits, and Transition ...Transforming Process Safety Management: Challenges, Benefits, and Transition ...
Transforming Process Safety Management: Challenges, Benefits, and Transition ...soginsider
 
Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...
Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...
Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...Amil baba
 
Nodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptxNodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptxwendy cai
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfodunowoeminence2019
 
UNIT4_ESD_wfffffggggggggggggith_ARM.pptx
UNIT4_ESD_wfffffggggggggggggith_ARM.pptxUNIT4_ESD_wfffffggggggggggggith_ARM.pptx
UNIT4_ESD_wfffffggggggggggggith_ARM.pptxrealme6igamerr
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...sahb78428
 
Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
Engineering Mechanics  Chapter 5  Equilibrium of a Rigid BodyEngineering Mechanics  Chapter 5  Equilibrium of a Rigid Body
Engineering Mechanics Chapter 5 Equilibrium of a Rigid BodyAhmadHajasad2
 
Design of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxDesign of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxYogeshKumarKJMIT
 
Mohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptxMohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptxKISHAN KUMAR
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...amrabdallah9
 

Dernier (20)

cloud computing notes for anna university syllabus
cloud computing notes for anna university syllabuscloud computing notes for anna university syllabus
cloud computing notes for anna university syllabus
 
Modelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsModelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovations
 
Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)Lecture 1: Basics of trigonometry (surveying)
Lecture 1: Basics of trigonometry (surveying)
 
GENERAL CONDITIONS FOR CONTRACTS OF CIVIL ENGINEERING WORKS
GENERAL CONDITIONS  FOR  CONTRACTS OF CIVIL ENGINEERING WORKS GENERAL CONDITIONS  FOR  CONTRACTS OF CIVIL ENGINEERING WORKS
GENERAL CONDITIONS FOR CONTRACTS OF CIVIL ENGINEERING WORKS
 
Multicomponent Spiral Wound Membrane Separation Model.pdf
Multicomponent Spiral Wound Membrane Separation Model.pdfMulticomponent Spiral Wound Membrane Separation Model.pdf
Multicomponent Spiral Wound Membrane Separation Model.pdf
 
me3493 manufacturing technology unit 1 Part A
me3493 manufacturing technology unit 1 Part Ame3493 manufacturing technology unit 1 Part A
me3493 manufacturing technology unit 1 Part A
 
Graphics Primitives and CG Display Devices
Graphics Primitives and CG Display DevicesGraphics Primitives and CG Display Devices
Graphics Primitives and CG Display Devices
 
ChatGPT-and-Generative-AI-Landscape Working of generative ai search
ChatGPT-and-Generative-AI-Landscape Working of generative ai searchChatGPT-and-Generative-AI-Landscape Working of generative ai search
ChatGPT-and-Generative-AI-Landscape Working of generative ai search
 
Lecture 4 .pdf
Lecture 4                              .pdfLecture 4                              .pdf
Lecture 4 .pdf
 
Lecture 2 .pdf
Lecture 2                           .pdfLecture 2                           .pdf
Lecture 2 .pdf
 
Transforming Process Safety Management: Challenges, Benefits, and Transition ...
Transforming Process Safety Management: Challenges, Benefits, and Transition ...Transforming Process Safety Management: Challenges, Benefits, and Transition ...
Transforming Process Safety Management: Challenges, Benefits, and Transition ...
 
Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...
Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...
Best-NO1 Best Rohani Amil In Lahore Kala Ilam In Lahore Kala Jadu Amil In Lah...
 
Nodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptxNodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptx
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
 
UNIT4_ESD_wfffffggggggggggggith_ARM.pptx
UNIT4_ESD_wfffffggggggggggggith_ARM.pptxUNIT4_ESD_wfffffggggggggggggith_ARM.pptx
UNIT4_ESD_wfffffggggggggggggith_ARM.pptx
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...
 
Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
Engineering Mechanics  Chapter 5  Equilibrium of a Rigid BodyEngineering Mechanics  Chapter 5  Equilibrium of a Rigid Body
Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
 
Design of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxDesign of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptx
 
Mohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptxMohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptx
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
 

PUF_lecture3.pdf

  • 2. Quantum Tunneling PUFs and PUF-based Applications . Dr. Kent Chuang 2022 September
  • 3. Outline . 1. Recap 2. Design and implementation of quantum tunneling PUF 3. Experiment results of quantum tunneling PUF 4. PUF-based security applications 5. Conclusion and Outlook
  • 4. Outline . 2. Design and implementation of quantum tunneling PUF 3. Experiment results of quantum tunneling PUF 4. PUF-based security applications 5. Conclusion and Outlook
  • 5. page 5 Recap . In the previous lectures, we have introduced ▪ The importance of hardware security & root of trust ▪ What is a PUF? ▪ What are the important PUF properties? ▪ The importance of reliability ▪ How to improve reliability? ▪ Intrinsically reliable PUFs based on quantum tunneling
  • 6. page 6 Key Generation Using PUF . KDF Device Secret Auxiliary Input (Optional) Secret Key PUF Array 0 1 0 1 0 1 0 0 0 Readout Interface ▪ Unique device secret can be derived from the PUF array ▪ Secret key can be further derived by sending the device secret into the key derivation function (KDF)
  • 7. page 7 PUFs need to be intrinsically reliable . Readout Interface Post- processing n-bit k-bit Stabilization m-bit ▪ Error correction is too costly – Extra cost on computation resources, storage and latency ▪ Stabilization techniques are insufficient Costly Insufficient
  • 8. page 8 Increase mismatches through burn-in . VT Percentage Burn-in VT Percentage For example: ▪ VT of the two transistors originally follow the same distribution ▪ The distribution can be separated by applying burn-in mechanism
  • 9. page 9 Quantum Tunneling PUFs . “0” “1” 50% 50% [Chuang, JSSC 2019] [Wu, ISSCC 2018] 50% 50% “0” “1” ▪ Only one tunneling path will be generated in two of the NMOS transistors ▪ Reading out the tunneling current of PUF cells → deriving PUF bits
  • 10. Outline . 1. Recap 3. Experiment results of quantum tunneling PUF 4. PUF-based security applications 5. Conclusion and Outlook
  • 11. page 11 Plenary Speech 2 PUF Array PUF Bit-Cell PUF Enrollment BL BL VAF-0 VAF-1 AF-0(VPP) AF-1(VPP) AF-0(VPP) AF-1(VPP) 50% 50% “1” Cell “0” Cell 0 1 0 1 0 1 0 1 1 1 0 1 0 0 1 0 A Quantum Tunneling PUF .
  • 12. page 12 The self-limiting mechanism . ▪ Current and voltage are limited by the PMOS selector ▪ Ensuring only one BD (tunneling) spot in a PUF cell Δ = Vstress - VDS Vstress VG VDS IBD Reduced stress voltage → No breakdown Limited BD current → Only soft-BD Define saturation current (current limit) Vstress VG Apply constant voltage stress Time to breakdown (tBD) Chuang, et. al, A Physically Unclonable Function Using Soft Oxide Breakdown Featuring 0% Native BER and 51.8fJ/bit in 40nm CMOS, JSSC 2019
  • 13. page 13 Tunneling spots are untraceable . ▪ Current is conducted through trap-assisted tunneling ‒ Few traps can result in significant current difference ‒ Traps are extremely difficult to locate ▪ Current/power limitation should be applied for physical security Formation of oxide defects→ untraceable Metal Gate Substrate Substrate Metal Gate With power limit Without power limit Substrate Metal Gate → Structural damages may be created by heat (easier to trace)
  • 14. page 14 UN-PROGRAMMED Blown Fuse PROGRAMMED UN-PROGRAMMED PROGRAMMED SEM Image of eFuse SEM Image of a Quantum Tunneling PUF PUF Crypto Key eFuse Program Crypto Key Conventional Key Storage (eFuse) Key Generation using PUF Resilient to reverse engineering .
  • 15. page 15 PUF array with single-ended readout scheme . Having two tunneling path is still fine →Probability < 50ppm Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
  • 16. page 16 Sense-amplifier design with balanced current . Sense Amplifier Equal current when sensing “0”/“1” “0”/“1” PUF Array ▪ Minimize power difference required for sensing “0” & “1” ▪ Turn off the cell operation after sensing ▪ Prevent power analysis and photoemission attacks Read 1 Read 0 Unbalanced Design Balanced Design
  • 17. Outline . 1. Recap 2. Design and implementation of quantum tunneling PUF 4. PUF-based security applications 5. Conclusion and Outlook
  • 18. page 18 Nearly ideal uniqueness and reproducibility . ▪ Inter-ID Hamming Distance (HD) follows the ideal distribution ▪ Intra-ID HD is the ideal value: 0 → There is no error 0.0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1.0 0.0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1.0 Count (Normalized) Hamming Distance (Normalized) Inter-ID Ideal Data Inter/Intra=∞ μ = 0.499999 σ = 0.031252 Intra-ID -40~175℃ μ = 0 σ = 0 Information Bit String Length 256 bits Total ID Count 16128 Total Bit Count 4128768 Total HD Count 130048128 Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
  • 19. page 19 PUF responses are consistent . ▪ No bit error found across all tested conditions → Wide supply voltage range covering the ULP spec → Wide temperature range from -40 °C to 175 °C 0.8 1.0 1.2 1.4 2.0 2.4 2.8 3.2 0 1 2 3 Bit Error Rate (ppm) Supply Voltage (V) VDD VDD2 -40 0 40 80 120 160 200 0 1 2 3 Bit Error Rate (ppm) Temperature (C) Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
  • 20. page 20 No bit-error caused by aging . ▪ Consistent response during and after the HTOL test → Reliability qualification passed 1 10 100 0 1 2 3 Bit Error Rate (ppm) Challenge-Response-Pair (#) 0 100 1000 0 1 2 3 Bit Error Rate (ppm) Aging Time (hrs) HTOL Burn-In: VDD = 1.7V VDD2 = 3.5V Temp. = 125℃ Post Burn-in VDD = 1.7V VDD2 = 3.5V Temp. = 125℃ Samples: TT*77 Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
  • 21. page 21 Testing randomness within a chip . ▪ Resulting hamming weight is within statistical boundaries ▪ Smaller sample size results in wider deviations “1” bit counts bit-string lengths HW = 512-bit 128-bit σ 0.02137 0.04293 50% − 2𝜎 45.7% 41.4% 50% + 2𝜎 54.3% 58.6% Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
  • 22. page 22 Ref: 95% Hamming weight boundary . ▪ 95% (2σ) pass rate for a true random bit-stream 10 1 10 2 10 3 10 4 10 5 10 6 20 30 40 50 60 70 80 Upper limit Lower limit Hamming Weight (%) Data size Pass
  • 23. page 23 Good randomness across platform . ▪ NeoPUF shows generic compatibility of device corners, cross-fabs, and technology nodes Wu, et. al, A PUF Scheme using Competing Oxide Rupture with Bit Error Rate Approaching Zero, ISSCC, 2018
  • 24. page 24 Randomness checked by statistical tests . ▪ Proposed PUF has passed all the tests in NIST800-22 test suite – Data is accumulated from all samples (TT/FF/SS/SF/FS/OX+/OX-) # Test Name Stream Length No. of Runs Min. Pass (%) Average P-value Pass? 1 Frequency 40000 75 97.33 0.4999 Pass 2 BlockFrequency 40000 75 100 0.5067 Pass 3 CumulativeSum Forward 40000 75 98.67 0.5084 Pass 4 CumulativeSums Reverse 40000 75 98.67 0.4946 Pass 5 Runs 40000 75 100 0.5384 Pass 6 LongestRun 40000 75 100 0.4783 Pass 7 Rank 40000 75 97.33 0.4568 Pass 8 FFT 40000 75 97.33 0.5142 Pass 9 NonOverlapping Template 40000 (m=9) 75 94.67 0.5060 Pass 10 Overlapping Template 40000 (m=9) 75 100 0.4498 Pass 11 Universal 1000000 3 100 0.6428 Pass 12 ApproximateEntropy 40000 (m=10) 75 100 0.4245 Pass 13 RandomExcursions 1000000 3 100 0.5701 Pass 14 RandomExcursions Variant 1000000 3 100 0.4801 Pass 15 Serial 40000 (m=16) 75 100 0.5387 Pass 16 LinearComplexity 1000000 3 100 0.7000 Pass
  • 25. page 25 Min-Entropy Analysis . ▪ NeoPUF bits are independent and identically distributed (IID) random variables – Passed the IID test in NIST SP800-90B – Entropy can be estimated as an IID random variable ▪ NeoPUF data are collected across platform – S55LL/T22ULP/T55ULP/T7FF/T55EF/U55EF SP800-90b IID test SP800-22 Pass Pass Min-entropy (IID) ~0.9869 Bitmap from all data
  • 26. Outline . 1. Recap 2. Design and implementation of quantum tunneling PUF 3. Experiment results of quantum tunneling PUF 5. Conclusion and Outlook
  • 27. page 27 Device A ▪ How to ensure this key is unique? → Keys need to be securely provisioned ▪ How to ensure this key cannot be stolen? → Keys should be kept in a Root-of-Trust A unique key must be securely stored in the hardware Resilient to attacks Device B Different The Needs of Root of Trust in Silicon .
  • 28. page 28 Root of Trust Core Processor Crypto Coprocessor DRAM Controller SRAM ROM Main Bus SoC A Root of Trust (RoT) stores and manages the most sensitive digital assets What is a Root of Trust ?
  • 29. page 29 ▪ Support comprehensive crypto algorithms with high-speed extension PUF-based Crypto Coprocessor (PUFcc) CPU Core APB AXI / AHB PUFcc TRNG / UID / HUK Anti-Tamper Anti-fuse OTP + PUF Crypto DMA SQC ▪ Unique key generated by PUF ▪ Secure key storage protected by PUF PUF-based Root of Trust (PUFrt) APB1 APB2 CPU Core Secure Sub-system (Cryptos) PUFrt HUK TRNG OTP PUF-based Security IPs .
  • 30. page 30 ▪ Inborn ID provides better security and cost-efficiency ▪ An ID is strictly kept inside the chip and leaves no trace elsewhere Key Injection Secure Element PUF-based RoT Costly Stolen/Leaked Enroll Inborn IDs (keys) Key-Gen. commands Costly SE SE Benefits of a PUF-based Root of Trust .
  • 31. page 31 Key Gen. PUF Auxiliary Info. (optional) Public Key Private Key PUF-based Key-Pair Registered as (part of) the public device ID Kept secret for signing PUF-based Key-pair for Device Identification .
  • 32. page 32 PUF-based Key Wrapping . • Storing keys in memory is vulnerable to physical attacks • Keys can be wrapped before storing at insecure memory blocks Key Gen. Key Wrapper NVM/ RAM Insecure Zone Secure Zone KEK
  • 33. page 33 NOR Real-time execution enabled by high-speed AES-XTS extension Extended Secure Enclave ▪ Supports direct execution of encrypted code and data stored in external NOR Flash ▪ Keys are securely generated or protected using PUF and secure OTP in PUFrt PUFxip XiP-XTS TRNG Anti-Tamper Anti-fuse OTP + PUF Hash AES ECC DMA (AHB/AXI) APB Interface SQC KWP KDF Execute In Place for External NOR Flash .
  • 34. page 34 AI SoC NAND AI Assets Global Encryption to Local Encryption ▪ Assets like AI model or firmware are encrypted and signed before programming ▪ Assets will be re-encrypted using local key to prevent NAND Flash tampering ▪ Authenticated Encryption supported by GCM Factory/OTA PUFenc GCM TRNG Anti-Tamper Anti-fuse OTP + PUF Hash AES ECC DMA (AHB/AXI) APB Interface SQC KWP KDF Extended Secure Enclave Protecting Assets in NAND Flash .
  • 35. page 35 Secure IoT Network Zero-Touch Device Onboard Supply Chain End-of-Life Kpri Kpub Registration Kpri Kpub Onboard Credentials Assign Kpri Kpub Owner Credentials Cloud Service Network Management DeID zeroization Kpub ODM CA Kpub Assembly Inborn Cert. Distribution Channel Onboard Service Disassembly Decommission Credential Update Onboard Protocols Establishing a Secure IoT Ecosystem .
  • 36. page 36 Device PUF-based Root of Trust Owner Onboarding Service Management Service Sign Sign Ownership voucher (from supply chain) Rendezvous Server TO2 Protocol z PUF-based Device Attestation Key Public-key Registered Included in OV Example: FIDO Device Onboard Support Zero Touch Device Onboard .
  • 37. page 37 FW Counterfeit device works FW Stolen FW FW Can decrypt Cannot decrypt Counterfeit device does not work PUF Reverse and Reproduce Genuine Chip Counterfeit Chip Impossible to Reverse No PUF ▪ Anti-reverse property of PUF prevents counterfeit chips ▪ Firmware encryption using PUF-key prevents counterfeit devices Stolen Defense Against Counterfeiting .
  • 38. page 38 ▪ The activation code (AC) is uniquely paired to the DeID key → Cloning the AC to another chip renders it unusable FP Activation @CP/FT Chip Activation @Module Activation Skipped IP CPU RAM PUF RoT IP CPU RAM IP CPU RAM AC Unique Pair IP CPU RAM Chip with FP and A.C → Activate Chip without FP or A.C → Inactivate Limiting Overproduction .
  • 39. Outline . 1. Recap 2. Design and implementation of quantum tunneling PUF 3. Experiment results of quantum tunneling PUF 4. PUF-based security applications
  • 40. PUFsecurity page 40 page 40 Conclusion . Quantum tunneling PUF has been introduced: ▪ It provides good randomness, reliability and physical security ▪ Root of trust and security IPs can be built upon it ▪ It enables a wide range of security applications … helps building a more secure connected world
  • 41. PUFsecurity page 41 page 41 Outlook . Coming up: ▪ PUF implementations in literature ▪ Performance comparison of different PUFs ▪ Analysis on yield, reliability, and physical attack vulnerability
  • 42. Thank you! More educational materials? Feel free to follow us!