Modeling and Design of SRAM-Based Physical Unclonable Function

With the proliferation of IoT and other distributed systems, securing embedded devices against physical attacks has become increasingly important. Conventional techniques such as storing secret keys in non-volatile memory have been shown to be vulnerable to invasive attacks, highlighting the need for new methods of protecting such systems and reliably authenticating devices. This thesis explores Physical Unclonable Functions (PUFs) as a security primitive to ensure that secret keys and identifiers are not available to potential attackers. Specifically, the focus is on SRAM PUFs, which use memory start-up values to generate unique IDs for manufactured devices. SRAM is present on virtually all modern embedded systems, and its volatile nature means that keys are not stored in the device while it is powered down but can be recreated each time it is powered on. To qualify for use in security-critical applications, the produced keys must be truly random and unique to each device. Therefore, a set of metrics to quantify the strength of the keys is presented and used to evaluate a data set extracted from a custom test chip. The experiments compare a reference standard SRAM against a memory that has been modified to allow fast erasure and fast initialization by destabilizing the cells. This modification enables rapidly performing multiple evaluations of the memory to reduce the noise present in the PUF response. Results show that the modifications have some negative impact on the security metrics of the resulting keys, meaning it is advisable to implement privacy amplification techniques before using the PUF in security applications.