WO2016051370A1 - Dispositif intégré pour implémenter une fonction non clonable physique et une constante non clonable physique - Google Patents
Dispositif intégré pour implémenter une fonction non clonable physique et une constante non clonable physique Download PDFInfo
- Publication number
- WO2016051370A1 WO2016051370A1 PCT/IB2015/057516 IB2015057516W WO2016051370A1 WO 2016051370 A1 WO2016051370 A1 WO 2016051370A1 IB 2015057516 W IB2015057516 W IB 2015057516W WO 2016051370 A1 WO2016051370 A1 WO 2016051370A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- transistor
- terminal
- cell
- puc
- electrically connected
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H03—ELECTRONIC CIRCUITRY
- H03K—PULSE TECHNIQUE
- H03K19/00—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits
- H03K19/003—Modifications for increasing the reliability for protection
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3278—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Definitions
- the technical reference field of the invention relates to hardware device authentication, and in particular, integrated circuit authentication via Physical Unclonable Constant (PUC) and Physical Unclonable Functions (PUF).
- PUC Physical Unclonable Constant
- PAF Physical Unclonable Functions
- a first example relates to the field of electronic systems adapted to ensure the unique identification and authentication of a user.
- a second example relates to the protection of on-board chip firmware.
- An effective solution to protect the firmware on-board of chips includes encrypting the firmware code before writing it to the memory and decrypting it a moment before execution. The encryption/decryption is done by the hardware of the chip itself and uses a symmetric algorithm provided with a decoding key.
- the secret decryption key is stored to non-volatile memory (such as in an EEPROM) making it available to be used as a digital signature or used on encrypted protocols to authenticate devices or protect private information.
- Non-volatile memory in fact, is vulnerable to invasive brute-force attacks as it keeps the information on the chip in a visible and clonable manner. Therefore, in order to ensure a high level of security for these memories, auxiliary circuitry must be used adapted to check the status of the integrated circuit in real time and prevent possible attacks. This solution is understandably very costly, both in terms of implementation cost and in terms of energy consumption.
- PAFs Physical Unclonable Functions
- PUFs are divided into two categories: strong PUFs and weak PUFs, according to their size. Strong PUFs have a large domain and their typical use is chip authentication based on the so-called Challenge Response Pairs (CRP) technique. Weak PUFs, on the other hand, have a very small domain which may be such as to reduce the PUF to a mere constant function, sometimes referred to as Physical Unclonable Constant (PUC).
- An ideal PUC may be described as a random constant: the random value is set during manufacture and is then output whenever the PUC is "queried". Reference is made hereinafter to PUFs to indicate devices of any complexity and thus including PUCs.
- the above random value generated in a PUF can be generated, for example, by the propagation delay of a signal through the interconnections and the transistors implemented on the chip, or by the exact length of the channel of a MOSFET.
- a potential attacker who wanted to take a key generated by a PUF should be able to get the key while the circuit is working to generate it, which is much more difficult than reading a key permanently stored unencrypted to non-volatile memory. Moreover, if the hypothetical attacker made an attack on the chip, he should be able to carry out his attack without modifying the physical structure of the circuit, because changing the physical structure of the circuit would change the same response of the circuit and thus the generated key.
- a PUF is generally obtained through a circuit which uses the inherent variability in the manufacturing process to generate a binary output which is the result of the combination of the variables inside the circuit made and represents a sort of "fingerprint" thereof.
- PUFs Since said statistic variations cannot be controlled from the outside but only statistically predicted, they imply that the single PUF circuit cannot be replicated or cloned because it is substantially dependent on the randomness of the production, process.
- NVM non-volatile memories
- PUF circuits The main drawback of PUF circuits is that the same circuit may have different outputs in response to the same inputs.
- the randomness of the error is related to the own noise generated by the circuit, while the deterministic part of the error is related to the combination of the various mismatches present and related to the nominal values of the characteristic parameters of the circuit.
- SRAM static RAM
- the problem related to the use of SRAM is related to the fact that the "preference” shown by each cell varies almost continuously from one cell to another, with some particularly “uncertain” cells which can take values “0" and “1 " with probability close to 50%.
- Those "uncertain” cells lower the overall reliability of the system, in the sense that at each switch on of the chip, the ID generated by the chip itself is likely to fluctuate between two or more substantially equiprobable IDs, thus making the use of such an ID as a cryptographic key very difficult.
- These uncertain cells are usually managed by obtaining a surplus of cells in the chip, then measuring the uncertainty degree of the cells to finally discard the cells considered not reliable enough.
- the risk to cope with by means of this solution is that after discarding unreliable cells, there may not be enough to create the encryption key, thus making the chip unusable.
- the best way to reduce the likelihood of such a possibility, reducing the risk of not achieving the minimum number of useful cells, is to increase said surplus of cells, but doing so makes the chip more complex and larger, thus reducing the yield and increasing the manufacturing costs.
- error control methods and devices are further available - sometimes referred to as stabilizers - adapted to ensure that the PUF generates the correct output.
- the European patent application EP2615571 describes a method for generating an identifier starting from the outputs of two PUFs which generate the desired output when combined by a certain function.
- two preferred embodiments of the inventions include combining the outputs of the two PUFs in a function adapted to return the correct output, or using the so-called challenge-response technique, i.e. using the output of the first PUF as an input to the second PUF, and afterwards a function which processes the second output to generate the desired output, respectively.
- the international patent application WO03090259 describes a method of authenticating an integrated circuit based on designing said circuit so as to implement a wide range of measurable physical characteristics which are difficult to be duplicated with accuracy.
- the integrated circuit can be authenticated by selectively measuring a subset of said physical characteristics and comparing the results measured with previously stored measurements. If they match, the chip is authenticated.
- the chip is thus designed so that the number of measurable physical characteristics is large enough so that it is virtually impossible for any attacker to measure all the physical characteristics completely and store the result measured.
- the international patent application WO2009/024913 describes a technique in which the output of a PUF provides authentication to devices having programmable memories.
- the data in memory are encrypted with a secret key.
- An access code is generated by combining the output of the PUF (due to a particular input) with said secret key. Therefore, in order to decrypt the data, the correct input is required to have the correct output which, combined with the secret key, will provide the necessary access code to decrypt the data.
- the circuit according to the present invention is characterized by a complexity comparable to the complexity of an SRAM cell and allows to obtain, in production, a fraction of uncertain cells which can be much smaller than the fraction of SRAM- based uncertain cells and such as not to require the use of stabilizer devices or methods.
- figure 1 shows the diagram of the general model of an SRAM cell which forms a PUC (a) and relevant vector diagram of the equilibrium states (b);
- figure 2 shows the circuit diagram of a preferred embodiment of the present invention
- figure 3 shows the transfer function Vout/Vin of the comparator/inverter block of the device according to the present invention.
- FIG 1 accompanying the present patent application shows a diagram of the general model of an SRAM cell which forms a prior art PUC and the vector diagram of the equilibrium states of said SRAM cell, related to the case where Ci
- Each SRAM cell of the type used for manufacturing PUCs has three equilibrium points: two stable equilibrium points, corresponding to the storage of values "0" and "1 " - indicated with “0” and “1 " in figure 1 (b) - and one unstable equilibrium point, indicated with "X” in figure 1 (b).
- the SRAM cell shown in accompanying figure 1 has a preference for the equilibrium point 1 meaning that any evolution of the state of the cell, in the absence of noise, which starts from a situation corresponding to the origin of the graph in figure 1 (b), point (0,0), will end in point 1 along the continuous line.
- the present invention thus introduces a new circuit for manufacturing a PCU circuit, a circuit which is characterized by a single stable equilibrium point the position of which is strongly influenced by the physical construction parameters of the circuit itself.
- the PUC cell according to the present invention comprises:
- a first pair of transistors comprising a first field effect transistor - FET - or Metal Oxide Semiconductor Field Effect Transistor - MOSFET Q1 , of the P-channel type, and a second field-effect transistor, Q2, of the N-channel type;
- first terminal electrically connected to the gate contact of said first transistor Q1 and to the gate contact of said second transistor Q2, said first terminal being adapted to receive a first DC voltage V0 equal to half the supply voltage of the circuit; a second terminal electrically connected to the drain contact of said first transistor Q1 and to the drain contact of said second transistor Q2;
- a third terminal electrically connected to the source contact of said first transistor Q1 , said third terminal being adapted to receive a second DC voltage 2V0 equal to the supply voltage of the circuit;
- a comparator/inverter block connected with the input to said second terminal and with the output to the output terminal of said PCU cell, and adapted to map the voltage value on said second terminal in the output values 0V and 2V0.
- said comparator/inverter block preferably comprises
- a second pair of transistors comprising a third transistor Q3, preferably made by a field-effect transistor of the P-channel type, and a fourth transistor Q4, preferably made by a field-effect transistor of the N-channel type, in which:
- drain contact of said third transistor Q3 and the drain contact of said fourth transistor Q4 are both connected to the output terminal of said PUC cell;
- the source contact of said third transistor Q3 is electrically connected to said third terminal
- the source contact of said fourth transistor Q4 is electrically connected to the ground reference of the circuit.
- Said transistors Q1 - Q4 and said capacitance C are preferably made within a semiconductor chip according to the methods available in the prior art.
- FIG. 3 shows the transfer function Vout/Vin of the above preferred embodiment of said comparator/inverter block in which the voltage values VI L and VI H represent the points where the curve of said transfer function Vout/Vin has a slope equal to -1 , said points delimiting the region of indeterminacy of said comparator/inverter block.
- the current flowing in transistor FET Qi is equal to:
- VGS the voltage applied between gate and source of the FET
- VDS the voltage present between drain and source of the FET
- transistors Q1 and Q2 are FET of the enhancement type VTI ⁇ 0 ⁇ VT2, moreover, transistors Q1 and Q2 are made so that the cell is symmetrical in the sense that, nominally, we have:
- the output voltage and logical value of the PUC cell according to the present invention depends only on the initial value of current lc, lc(0) taken upon the switching on of the cell and the output logical value of said cell will be equal to 1 in the cases where lc(0) ⁇ 0. This implies that the PUC cell according to the present invention is practically independent of any changes in the operating temperature since any changes in temperature are obviously the same for both Q1 and Q2, without affecting the overall operation of the cell itself.
- the PUC cell according to the present invention has a single equilibrium point also causes that any noise superimposed to the voltages involved does not lead to achieving a "wrong" state by that cell, making the PUC cell according to the present invention substantially immune to noise.
- the PUC cell according to the present invention has a very low complexity comparable to that of an SRAM cell and has a much greater reliability than an SRAM cell as it is characterized by only one stable equilibrium point the position of which depends on random differences introduced during the step of manufacturing the chip.
- the PUC cell according to the present invention is stable over a wide range of operating temperatures and offers considerable noise immunity, thus making the use of stabilizers adapted to ensure the correct output and which are normally used along with conventional SRAM type cells unnecessary.
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mathematical Physics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Semiconductor Integrated Circuits (AREA)
Abstract
L'invention concerne une cellule PUC (constante non clonable physique) caractérisée par une très faible complexité comparable à celle d'une cellule SRAM et par une fiabilité bien supérieure à celle d'une cellule SRAM car elle est caractérisée par un seul point d'équilibre stable dont la position dépend de différences aléatoires introduites pendant l'étape de fabrication de la puce. La cellule PUC selon la présente invention est également stable sur une large plage de températures de fonctionnement et offre une considérable immunité au bruit, ce qui rend superflue l'utilisation de stabilisateurs conçus pour assurer la sortie correcte et qui sont normalement utilisés avec des cellules de type SRAM classiques.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP15791746.9A EP3202041A1 (fr) | 2014-10-01 | 2015-10-01 | Dispositif intégré pour implémenter une fonction non clonable physique et une constante non clonable physique |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| ITPD20140253 | 2014-10-01 | ||
| ITPD2014A000253 | 2014-10-01 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2016051370A1 true WO2016051370A1 (fr) | 2016-04-07 |
Family
ID=52014266
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/IB2015/057516 Ceased WO2016051370A1 (fr) | 2014-10-01 | 2015-10-01 | Dispositif intégré pour implémenter une fonction non clonable physique et une constante non clonable physique |
Country Status (2)
| Country | Link |
|---|---|
| EP (1) | EP3202041A1 (fr) |
| WO (1) | WO2016051370A1 (fr) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9966954B1 (en) * | 2017-02-03 | 2018-05-08 | The Regents Of The University Of Michigan | Physically unclonable function design |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1993000590A1 (fr) * | 1991-06-24 | 1993-01-07 | Harris Corporation | Comparateur differentiel a haute vitesse |
| WO2003090259A2 (fr) | 2002-04-16 | 2003-10-30 | Massachusetts Institute Of Technology | Authentification de circuits integres |
| WO2009024913A2 (fr) | 2007-08-22 | 2009-02-26 | Intrinsic Id Bv | Identification de dispositifs utilisant des fonctions non clonables physiquement |
| CN102710251A (zh) * | 2012-05-28 | 2012-10-03 | 宁波大学 | 一种puf电路单元 |
| EP2615571A1 (fr) | 2012-01-16 | 2013-07-17 | Gemalto SA | Procédé de génération d'un identifiant pour un appareil électronique |
-
2015
- 2015-10-01 WO PCT/IB2015/057516 patent/WO2016051370A1/fr not_active Ceased
- 2015-10-01 EP EP15791746.9A patent/EP3202041A1/fr not_active Withdrawn
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1993000590A1 (fr) * | 1991-06-24 | 1993-01-07 | Harris Corporation | Comparateur differentiel a haute vitesse |
| WO2003090259A2 (fr) | 2002-04-16 | 2003-10-30 | Massachusetts Institute Of Technology | Authentification de circuits integres |
| WO2009024913A2 (fr) | 2007-08-22 | 2009-02-26 | Intrinsic Id Bv | Identification de dispositifs utilisant des fonctions non clonables physiquement |
| EP2615571A1 (fr) | 2012-01-16 | 2013-07-17 | Gemalto SA | Procédé de génération d'un identifiant pour un appareil électronique |
| CN102710251A (zh) * | 2012-05-28 | 2012-10-03 | 宁波大学 | 一种puf电路单元 |
Non-Patent Citations (2)
| Title |
|---|
| "Physically Unclonable Functions in Theory and Practice", 31 December 2013, SPRINGER, ISBN: 978-1-46-145039-9, article CHRISTOPH BÖHM ET AL: "Physically Unclonable Functions in Theory and Practice", pages: 13 - 15, XP055178520, DOI: 10.1007/978-1-4614-5040-5 * |
| PUNTIN D ET AL: "CMOS unclonable system for secure authentication based on device variability", ESSCIRC 2008 - 34TH EUROPEAN SOLID-STATE CIRCUITS CONFERENCE IOP PUBLISHING BRISTOL, UK,, 15 September 2008 (2008-09-15), pages 130 - 133, XP007918255, ISBN: 978-1-4244-2362-0 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9966954B1 (en) * | 2017-02-03 | 2018-05-08 | The Regents Of The University Of Michigan | Physically unclonable function design |
Also Published As
| Publication number | Publication date |
|---|---|
| EP3202041A1 (fr) | 2017-08-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11729005B2 (en) | Apparatus and method for processing authentication information | |
| Rührmair et al. | PUFs at a glance | |
| US11856116B2 (en) | Method and apparatus for protecting embedded software | |
| Joshi et al. | Everything you wanted to know about PUFs | |
| Garg et al. | Design of SRAM PUF with improved uniformity and reliability utilizing device aging effect | |
| US8749265B2 (en) | Semiconductor chip and method for generating digital value using process variation | |
| CN106257590B (zh) | 具有防篡改性的非易失性存储装置以及集成电路卡 | |
| US9536581B2 (en) | Tamper-resistant non-volatile memory device | |
| US9548113B2 (en) | Tamper-resistant non-volatile memory device | |
| CN106257860B (zh) | 随机数处理装置以及集成电路卡 | |
| Oren et al. | On the effectiveness of the remanence decay side-channel to clone memory-based PUFs | |
| US9729324B2 (en) | Semiconductor integrated circuit, authentication system, and authentication method | |
| US20160148680A1 (en) | Tamper-resistant non-volatile memory device | |
| KR101359783B1 (ko) | 부정합 부하 저항 소자 기반 물리적 복제 불가 함수 시스템 | |
| US10797891B2 (en) | Physically unclonable function resistant to side-channel attack and method therefor | |
| Gao et al. | Efficient erasable PUFs from programmable logic and memristors | |
| US20110128030A1 (en) | Monitoring of the activity of an electronic circuit | |
| Felicetti et al. | Exploiting silicon fingerprint for device authentication using CMOS-PUF and ECC | |
| Park et al. | A reconfigurable LDO-assisted physically unclonable function achieving a zero-BER with 14% masking | |
| US9860062B2 (en) | Communication arrangement and method for generating a cryptographic key | |
| WO2016051370A1 (fr) | Dispositif intégré pour implémenter une fonction non clonable physique et une constante non clonable physique | |
| Noor et al. | Defense mechanisms against machine learning modeling attacks on strong physical unclonable functions for iot authentication: a review | |
| KR101373576B1 (ko) | Des 암호화 시스템 | |
| Cambou | Enhancing secure elements—technology and architecture | |
| JP4530229B2 (ja) | カード認証システム |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15791746 Country of ref document: EP Kind code of ref document: A1 |
|
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| REEP | Request for entry into the european phase |
Ref document number: 2015791746 Country of ref document: EP |