Implementation and characterization of flash-based hardware security primitives for cryptographic key generation

Hardware security primitives, also known as physical unclonable functions (PUFs), perform innovative roles to extract the randomness unique to specific hardware. This paper proposes a novel hardware security primitive using a commercial off-the-shelf flash memory chip that is an intrinsic part of most commercial Internet of Things (IoT) devices. First, we define a hardware security source model to describe a hardware-based fixed random bit generator for use in security applications, such as cryptographic key generation. Then, we propose a hardware security primitive with flash memory by exploiting the variability of tunneling electrons in the floating gate. In accordance with the requirements for robustness against the environment, timing variations, and random errors, we developed an adaptive extraction algorithm for the flash PUF. Experimental results show that the proposed flash PUF successfully generates a fixed random response, where the uniqueness is 49.1%, steadiness is 3.8%, uniformity is 50.2%, and min-entropy per bit is 0.87. Thus, our approach can be applied to security applications with reliability and satisfy high-entropy requirements, such as cryptographic key generation for IoT devices.     

基于仲裁器PUF的SRAM FPGA防克隆技术设计与实现

为保护电子设备中使用的静态随机存储器(SRAM)型现场可编程门阵列(FPGA)内部电路设计不被窃取,设计了用于SRAM FPGA的防克隆电路.该电路利用FPGA制造过程中的随机误差,提取每块芯片独一无二的ID.在此ID的控制下,被保护电路只能在指定的FPGA中正常运行,而在未指定的FPGA中运行时,无法产生正确的输出,从而达到防克隆目的.防克隆电路由使用仲裁器的物理不可克隆函数(PUF)、多数表决器、运算门阵列等三部分构成,其中仲裁器PUF电路用于提取ID,多数表决器起到提高输出稳定性的作用.最后在FPGA开发平台上证明了该电路的可行性.     

一步法制备聚脲甲醛包覆反应性乙烯基硅油微胶囊

以聚脲甲醛(PUF)为囊壁,乙烯基硅油为囊芯,采用原位聚合"一步法"成功制备出具有自修复功能且粒径均匀的新型PUF包覆乙烯基硅油微胶囊。研究了分散剂/表面活性剂种类及用量、m(囊芯)∶m(囊壁)比例对微胶囊物理性能的影响,并通过扫描电镜(SEM)、金相显微镜、激光粒度分析仪和红外光谱(FT-IR)法等对微胶囊的形貌、粒径大小等进行了研究。结果表明:选用较高浓度的聚乙烯醇(PVA1799)作为分散剂时,有利于微胶囊的形成;当w(PVA1799)=3.00%(相对于体系总质量而言)、m(囊芯)∶m(囊壁)=2.8∶1.0时,在1500r/min条件下,可制备出平均粒径小于20μm且粒径分布较均匀的理想微胶囊。     

基于对抗学习的强PUF安全结构研究

针对强物理不可复制函数(PUF,physical unclonable function)面临的机器学习建模威胁,基于对抗学习理论建立了强PUF的对抗机器学习模型,在模型框架下,通过对梯度下降算法训练过程的分析,明确了延迟向量权重与模型预测准确率之间的潜在联系,设计了一种基于延迟向量权重的对抗样本生成策略.该策略与传统...     

PUFPass: A password management mechanism based on software/hardware codesign

Secure passwords need high entropy, but are difficult for users to remember. Password managers minimize the memory burden by storing site passwords locally or generating secure site passwords from a master password through hashing or key stretching. Unfortunately, they are threatened by the single point of failure introduced by the master password which is vulnerable to various attacks such as offline attack and shoulder surfing attack. To handle these issues, this paper proposes the PUFPass, a secure password management mechanism based on software/hardware codesign. By introducing the hardware primitive, Physical Unclonable Function (PUF), into PUFPass, the random physical disorder is exploited to strengthen site passwords. An illustration of PUFPass in the Android operating system is given. PUFPass is evaluated from aspects of both security and preliminary usability. The security of the passwords is evaluated using a compound heuristic algorithm based PUF attack software and an open source password cracking software, respectively. Finally, PUFPass is compared with other password management mechanisms using the Usability-Deployability-Security (UDS) framework. The results show that PUFPass has great advantages in security while maintaining most benefits in usability.     

13C-NMR analysis of phenol-urea-formaldehyde prepolymers and phenol-urea-formaldehyde-tannin adhesives

Phenol-urea-formaldehyde-tannin (PUFT) adhesives were prepared by co-polymerization of Pinus pinaster bark tannins with phenol-urea-formaldehyde (PUF) prepolymers at room temperature. A detailed analysis by ¹³C-NMR spectroscopy of the resins together with an evaluation of their properties was performed in order to find suitable preparation conditions for prepolymers prior to their co-polymerization with tannins. ¹³C-NMR spectroscopy allowed identification of the different linkages formed and quantification of the main functional groups in the PUF prepolymers, which were greatly influenced by the preparation conditions. The decrease in the free formaldehyde content in the PUFT adhesives with respect to the original prepolymers was attributed to tannin methylolation at room temperature. The fast increase in the apparent viscosity of the PUFT adhesives after the blending suggested the possibility of a co-polymerization reaction between tannins and the PUF prepolymers; however, the occurrence of this reaction could not be confirmed by ¹³C-NMR.     

基于人工神经网络特征向量提取的FF-APUF攻击方法

为评估物理不可克隆函数(PUF)的安全性,需针对不同的PUF结构设计相应的攻击方法.该文通过对强PUF电路结构和工作机理的研究,利用人工神经网络(ANN)提出一种针对触发器-仲裁器物理不可克隆函数(FF-APUF)的有效攻击方法.首先,根据FF-APUF电路结构,利用多维数组构建电路延时模型;然后,对FF-APUF的二...     

PUF‐based solutions for secure communications in Advanced Metering Infrastructure (AMI)

Advanced metering infrastructure (AMI) provides 2‐way communications between the utility and the smart meters. Developing authenticated key exchange (AKE) and broadcast authentication (BA) protocols is essential to provide secure communications in AMI. The security of all existing cryptographic protocols is based on the assumption that secret information is stored in the nonvolatile memories. In the AMI, the attackers can obtain some or all of the stored secret information from memories by a great variety of inexpensive and fast side‐channel attacks. Thus, all existing AKE and BA protocols are no longer secure. In this paper, we investigate how to develop secure AKE and BA protocols in the presence of memory attacks. As a solution, we propose to embed a physical unclonable function (PUF) in each party, which generates the secret values as required without the need to store them. By combining PUFs and 2 well‐known and secure protocols, we propose PUF‐based AKE and BA protocols. We show that our proposed protocols are memory leakage resilient. In addition, we prove their security in the standard model. Performance analysis of both protocols shows their efficiency for AMI applications. The proposed protocols can be easily implemented.     

基于PUFS的不经意传输协议

不经意传输(OT, oblivious transfer）协议是密码学中的一个基本协议。基于物理不可克隆函数（PUF, physical unclonable function）给出物理不可克隆函数系统（PUFS, physical unclonable function system）的概念,并在此基础上提出一个新的不经意传输协议（POT, PUFS based OT）,最后在通用可组合（UC, universal composition）框架内给出POT协议抵抗静态敌手的安全性证明。相比于传统基于公钥加密的OT方案,POT协议不使用任何可计算的假设,而是基于PUFS的安全属性实现,因此在很大程度上减小了计算和通信开销。     

基于信号传输理论的Glitch物理不可克隆函数电路设计

通过对信号传输理论、竞争-冒险现象和物理不可克隆函数(Physical Unclonable Functions, PUF)电路的研究,论文提出一种基于信号传输理论的毛刺型物理不可克隆函数电路(Glitch Physical Unclonable Functions, Glitch-PUF)方案。该方案首先根据偏差延迟的信号传输理论,推导出获得稳定毛刺输出的电路级数;然后利用组合逻辑电路的传播延迟差异,结合1冒险和0冒险获得具有毛刺的输出波形,采用多级延迟采样电路实现Glitch-PUF的输出响应。由于毛刺信号具有显著的非线性特性,将其应用于PUF电路可有效解决模型攻击等问题。最后在TSMC 65 nm CMOS工艺下,设计128位数据输出的电路结构,Monte Carlo仿真结果表明Glitch-PUF电路具有良好的随机性。