Design and Development of a Strong Physical Unclonable Function for FPGA devices

As multifactor authentication has massively spread over almost every security-critical application, electronic devices gained a key role providing a "something only the user has" evidence. Rather than storing a secret key inside a device, as it is usually done, a promising alternative is the employment of so-called Physical Unclonable Functions (PUFs). PUFs exploit physical randomness of a device in order to create a secure challenge-response authentication mechanism. A PUF is therefore a function which associates each challenge to a response, according to some physical and immutable properties of a device. PUFs can be divided into weak and strong ones. The former are characterized by a large set of challenge-response pairs (CRP) and can be used for both authentication and identification. On the contrary, the latter, given their small CRPs set, are only suitable for identification. Many sources of randomness exist in digital circuits, including, for example, threshold voltages, delays and capacitances. This work is focused on the development of a strong PUF for FPGA devices. The typical threat model assumes the attacker has the same access level to the device as the developer, which means full physical access and programming capability. Literature shows that some attacks are able to break most of the PUFs that have been known to be strong. Previous work demonstrated that a linear dependency between physical parameters and responses is the main reason for that defeat. However, PUFs having non-linear responses exhibit a better resiliency to that kind of attacks. It has been shown that the settling time of Bistable Ring, a loop composed of an even number of inverting elements, has an exponential dependency on the threshold voltage of each inverter. Taking that into account, the Bistable Ring is the chosen architecture for this work. Some modifications to the basic design has been made, in order to introduce a challenge-response mechanism and to adapt it to the target FPGA. Bistable Ring has two stable states only, and, if forced to an unstable state, oscillates for a certain number of times before reaching one of them. With a sufficiently large amount of PUF executions with the same challenge, the corresponding distribution of the number of oscillations can be extrapolated. It has been observed that, even if the number of oscillations can vary a lot among different runs, the distribution itself is sufficiently consistent. On the other hand, changing only one challenge bit leads to a completely different distribution. Such response can be either used directly by an ad-hoc authentication protocol, or converted into a reliable string of bits, through a so-called fuzzy extractor. In order to evaluate the quality of the PUF, rather than using a cryptographic fuzzy extractor, which would mask weaknesses, the Spectral Hashing algorithm by Yair Weiss has been used. Spectral Hashing generates a string of bits which minimizes Hamming distance between codes of similar items. That allows a fair evaluation of the PUF with widely used metrics. The test system is composed of 12 devices, each provided with eight 64-bits Bistable Rings. All the devices are connected to a host machine running a python testbench, which stores responses into a database. Data have then been analysed offline, computing quality metrics that describe the reliability and the trustworthiness of the designed PUF.