Secure and ligthweight hardware authentication systems based on physical unclonable functions

Résumé

This Dissertation focuses on the authentication of hardware by using Physical Unclonable Functions (PUFs), which avoid device cloning and are able to generate secrets on the fly instead of storing them. Structures based on ring oscillators (ROs) and standard static random access memories (SRAMs) reported in the literature have been analyzed in detail to evaluate their advantages and drawbacks mainly concerning uniqueness and reliability. RO PUFs have been characterized experimentally in FPGAs from Xilinx while SRAM PUFs have been characterized in ASICs fabricated with TSMC 90 nm technology. A novel real-valued RO PUF is proposed to overcome the problems observed, in particular when the number of ring oscillators is small. It is more robust against surrounding logic and it is less affected by temperature and power supply variations. According to the metrics employed in these real-valued RO PUFs, a new real-valued shielding function is proposed to generate secrets. In addition, real-valued RO PUFs are also exploited to work as true random number generators (TRNGs). A novel SRAM-based solution is proposed which is under confidentiality. A lightweight authentication system based on a symmetric-key challengeresponse protocol that uses the mixed PUF-TRNG structures analyzed is developed. Although the secret key is not stored but processed on the fly, the hardware blocks leak information about the data that are computed in each instant. Hence, the security of the system is studied not only from a mathematical point of view but also from its resistance to hardware (physical) attacks. In particular, a Differential Power Analysis (DPA) attack is developed and carried out against the system in a real scenario. Experimental results show how many interchanged messages are needed to extract the secret successfully.