Electrical and Computer Engineering ETDs

Publication Date

2-8-2011

Abstract

Hardware support for security mechanisms such as authentication, cryptographic protocols, digital rights management and hardware metering depend heavily on the security of embedded secret keys. The current practice of embedding these keys as digital data in the Integrated Circuit (IC) weakens security because the keys can be learned through attacks. Physical Unclonable Functions (PUFs) are a recently- proposed alternative to storing digital keys on the IC. A PUF leverages the inherent manufacturing variations of an IC to define a random function. However, poor performance under PUF quality criteria such as the level of randomness and reproducibility in the responses have detracted from their adoption and widespread use. In this dissertation, I propose several ways to define a novel PUF using the Power Distribution System (PDS) of an IC. First, I describe the hardware primitive and test setup that is required to obtain the PUF responses. Then, I evaluate the analog PUF responses from silicon against standard PUF quality metrics in order to qualify the strengths and weaknesses of the proposed PUF. I show that the analog PUFs ex- hibit very high levels of randomness and reproducibility, but are sensitive to changes in temperature. Next, I propose extensions to our PUF that enable an exponential number of Challenge/Response Pairs (CRPs) with respect to the number of hardware resources, as well as yielding a marginal increase in the level of randomness. I also use these same analog measurements from silicon to simulate an integrated implementation of the PUF that takes a digital challenge and returns a digital response. I show that the integrated architecture also exhibits high levels of randomness and reproducibility, and is also resistant to changes in temperature. Future work includes designing and building a new IC that implements a more powerful hardware primitive that will improve both the number and accuracy of the measurements, as well as additional hardware that will allow the challenge and response generation to be performed on-chip.

Keywords

Computers--Circuits--Design and construction., Integrated circuits--Verification., Computer security., Integrated passive components., Public key cryptography.

Sponsors

International Business Machines (IBM), The National Science Foundation (NSF), The University of New Mexico (UNM), The Metal Oxide Semiconductor Implementation Service (MOSIS)

Document Type

Dissertation

Language

English

Degree Name

Computer Engineering

Level of Degree

Doctoral

Department Name

Electrical and Computer Engineering

First Committee Member (Chair)

Zarkesh-Ha, Payman

Second Committee Member

Crandall, Jed

Third Committee Member

Acharyya, Dhruva

Download

Share

COinS