SPUF design based on Camellia encryption algorithm

doi:10.1016/j.mejo.2021.105051

Microelectronics Journal

Volume 112, June 2021, 105051

https://doi.org/10.1016/j.mejo.2021.105051 Get rights and content

Abstract

To meet the security requirements of resource-constrained systems, a software PUF (SPUF) scheme based on the encryption algorithm is proposed using the timing violation to generate the chip’s fingerprint. In this work, the Camellia encryption algorithm is selected and implemented via a semi-custom design flow to get the deviation of circuit delay. And then, the delay time of critical path of the proposed circuit is generated through static timing analysis. Using the overclocking frequency, the Camellia encryption algorithm circuit operates at timing violation status. We can collect the wrong response data of the simulation result at different input signals. The wrong data caused by timing violation can be defined as output of SPUF, which is the chip’s fingerprint. To improve the randomness, the multi-round operation of the Camellia is used to process the SPUF data. The experimental results show that the uniqueness of SPUF is 50.01%, the SPUF data passes the NIST test, and no additional hardware overhead is required.

Introduction

With the advent of the Internet of Things (IoT), ensuring secure communication among these devices is extremely important. Traditional measures use digital keys stored in non-volatile memory (NVM) [1], which is however vulnerable to attacks such as layout reverse engineering [2], micro-detection and other methods, to cause key exposure. Physical unclonable function (PUF) uses random variations introduced during the integrated circuit (IC) manufacturing process to generate high security keys that can resist various physical attacks. It can be used in a wide range of applications such as chip anti-counterfeiting, user authentication, protection of intellectual property (IP) [3], etc. Since the proposition of silicon PUFs [4], many well-performing PUFs have been proposed one after another, but their application in the IoT field is limited due to non-negligible power or area overhead.

PUFs are usually designed as standalone chips added to the target circuit or implemented on field programmable gate arrays (FPGAs), such as arbiter PUFs (APUFs) [5] and ring oscillator PUFs (RO PUFs) [6]. The APUF exploits random delays in the circuit caused by manufacturing deviation to generate the PUF response, while the RO PUF response depends on the frequency difference between two identical oscillators. Although researchers continue to improve this type of PUF [[7], [8], [9], [10]] to make its performance more superior, the additional area overhead is still unavoidable. The static random-access memory PUF (SRAM PUF) [11,12] is one way to solve the above problems. The SRAM PUF generates responses by extracting random power-up values of the SRAM cells. Since memory is widely present in commercial electronic products, SRAM PUF is more convenient in designing and does not need to consume additional hardware resources. However, its random feature relies on the power cycling, and not suitable for frequently switching power supply. MScanPUF [13] uses the uncertainty of data sampled from registers to generate PUF data in the case of timing violations, which solves the problem of memory-based PUF acquisition responses, but requires the addition of two 2-to-1 multiplexers to the original scan chain structure, resulting in additional costs. The microprocessor PUF [14] designs encoding rules to generate PUF responses base on differences in failure behaviors across different chips that execute one instruction multiple times under overclocking. The PUF does not require dedicated hardware overhead, but requires precise frequency variations and repeated execution of instructions with a small number of output response bits. On this basis, [15] exploits the difference of registers sampling data, which caused by the delay deviation of the inverter chain at a fixed frequency, to obtain PUF data, but additional inverter chains and registers are required.

To solve the above problems, a design of SPUF based on Camellia encryption algorithm is proposed in this paper. Unlike the PUF circuit that relies on additional circuit logic, the SPUF uses the path delay deviation in the hardware circuit of the encryption algorithm to obtain the response data without the need for dedicated hardware. First, the timing violation principle and circuit delay deviation are analyzed, and the relationship between timing violation and process parameter deviation is obtained. Then the semi-custom design flow based on standard cell is used to implement the algorithm hardware circuit and generate timing violations, followed by a combination of digital and analog simulation methods to extract PUF data. Finally, the performance of SPUF is evaluated under different frequencies of clock and different data signals.

Section snippets

Timing violation

Timing analysis is one of the key steps in ensuring that the circuit logic is correct. In the static timing analysis (STA) of synchronous circuits, the following four types of timing paths need to be focused on: input to register, register to register, register to output, and input to output. The most typical structure of the delay path is shown in Fig. 1. To ensure proper data transmission between two registers, T_clk representing the clock period must meet the constraint: $T_{clk} \geq t_{co} + t_{comb} + t_{su}$ t_co

Design of SPUF

Based on the above analysis, the random deviation of the timing path delay is used for the SPUF design. In order to achieve no dedicated hardware overhead, this design takes general-purpose circuits on a chip as the design object. Considering that encryption algorithms are widely used in the information security field and have high security performance, this paper selects this type of algorithm for circuit design. The Camellia algorithm, which is a standard algorithm for European block ciphers,

Experimental results and analysis

The IC Compiler is used for placement and routing of the algorithmic circuit under the TSMC 65 nm process, while Calibre is used for physical verification and parasitic parameter extraction. During the response data collection process, NClaunch is used to perform the gate-level simulation on the circuit to determine the correctness of the timing. Due to the large scale of the algorithm circuit, the CustomSim is chosen to reduce the simulation time. The experiment combines the STA results of

Conclusion

This paper exploits the delay deviation of the timing path inside the Camellia algorithm circuit to propose a PUF design with no hardware overhead. In this scheme, the timing violation under overclocking conditions is affected by the delay difference, so no additional design is required to achieve output variation. Besides, a high security output response can be generated by multi-cycle iterations of the encryption algorithm. Under co-simulation of digital and analog, the erroneous outputs of

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This work is supported by the National Natural Science Foundation of China (No. 61874078, 61871244); the National Key Research and Development Program of China (No. 2018YFB2202100); the K. C. Wong Magna Fund in Ningbo University, China.

References (20)

L. Li et al.
Design of anti-key leakage camouflage gate circuit for reverse engineering based on dummy vias
Microelectron. J.
(2019)
G. Li et al.
A multi-port low-power current mode PUF using MOSFET current-division deviation in 65 nm Technology
Microelectron. J.
(2017)
A. Aysu et al.
Hardware/software co-design of physical unclonable function based authentications on FPGAs
Microprocess. Microsyst.
(2015)
Y. Gao et al.
Physical unclonable functions
Nat. Electron.
(2020)
B. Gassend et al.
Silicon Physical Random Functions[C]//Proceedings of the 9th ACM Conference on Computer and Communications Security
(2002)
D. Lim et al.
Extracting secret keys from integrated circuits
IEEE Trans. Very Large Scale Integr. Syst.
(2005)
A. Maiti et al.
Improving the Quality of a Physical Unclonable Function Using Configurable Ring Oscillators[C]//2009 International Conference on Field Programmable Logic and Applications
(2009)
S. Khan et al.
An ultra-low power, reconfigurable, aging resilient RO PUF for IoT applications
Microelectron. J.
(2019)
Z. He et al.
A highly reliable arbiter PUF with improved uniqueness in FPGA implementation using bit-self-test
IEEE Access
(2020)
M.T. Rahman et al.
An aging-resistant RO-PUF for reliable key generation
IEEE Trans. Emerg. Top. Comput.
(2016)

There are more references available in the full text version of this article.

Cited by (4)

Cryptography Algorithms for Enhancing IoT Security
2023, Internet of Things (Netherlands)
In today's fast-paced world, a new technology paradigm known as the Internet of Things (IoT) is advancing every business. It provides communication between the digital and physical worlds, transforming the way people do business quickly. The IoT is a network of physical objects (things) equipped with sensors, intelligent networking, radio-frequency identification (RFID), and other technologies that communicate and exchange data with other systems and devices online. IoT applications are now significantly more prevalent worldwide. IoT is driving the real world to become more intelligent in several industries, including smart grids for electricity, intelligent traffic, and smart homes and buildings. As a result, predictions and research point to over 50 billion connected devices by 2020. It will be required to safeguard this growing volume of data during exchange because the amount of data being transmitted will be quite enormous. Data security is represented by cryptography, an essential tool (algorithms) in security, which is why many researchers are developing cryptographic algorithms to improve the Security of IoT. This survey paper introduced an overview of IoT technology, architecture, and applications and a detailed analysis comparing all cryptographic algorithms and their use in day-to-day life activities. This paper discusses lightweight block ciphers, stream ciphers, and hybrid ciphers. The report evaluates security algorithms, comparing performance and robustness with the computational complexity of these techniques. Finally, the survey presents IoT security challenges, threats, and attacks with their mitigation techniques.
A greedy algorithm based Compensation Circuit for Optimizing the Output Statistics of APUF
2023, Microelectronics Journal
Citation Excerpt :
Therefore, they can be widely used in information security fields such as intellectual property protection, device authentication, IoT protection, and secure key storage [4–7]. The concept of PUF was first proposed by Pappu [8] using the principle of coherent optical transmission, which was implemented using optical PUFs such as laser instruments. Gassend [9] proposed silicon PUFs by exploiting the physical process deviations of gate circuits in integrated circuits.
Physical unclonable function (PUF) can reduce the risk of password leakage of smart connected devices, and has broad application prospects in the field of information security. However, in actual implementation, the designed PUF often deviates greatly due to a lack of experience in using the FPGA platform. Therefore, this paper proposes an APUF adaptive compensation method based on a greedy algorithm. This method can modify the delay by changing the internal transmission path, thereby reducing the skew between APUF paths. First, to enhance the randomness of the APUF output, a compensation circuit with equal delay on the symmetric path of APUF is constructed in a differential manner. Then, the local solution is used to construct the global solution by using the greedy algorithm, which further improves the circuit regulation speed. Finally, the proposed method is implemented on FPGA, and the effectiveness of the method is verified by analyzing the statistical characteristics of the output. The experimental results show that the randomness (49.56%), uniqueness (49.08%), and reliability (95.78%) of APUF are close to the ideal values after using the adaptive compensation method. In addition, when implemented on different FPGA platforms and different chip locations, the average randomness of the PUF circuit is 49.46%. Therefore, the method is highly applicable and can be applied to all the same types of FPGA platforms without subsequent adjustments.
An ACF<0.03 low-power software PUF based on the RISC-V processor for IoT security
2022, Microelectronics Journal
Citation Excerpt :
This PUF does not require dedicated hardware overhead but requires precise frequency variations and multiple repetitive instructions, leading to its high power consumption and low output response bits. A software PUF scheme based on the Camellia cryptographic algorithm in Ref. [11] generates timing violations by adjusting the chip's operating frequency. However, the costs of cryptographic algorithms such as area overhead and power consumption are not suitable for applications in IoT systems with extreme resource constraints.
With the development of the Internet of Things (IoT) technology, more and more occasions require security protection under extreme resource-constrained conditions. The traditional PUF is difficult to function effectively and requires replacement of equipment, which leads to increased product design and time costs. To tackle these problems, we propose a Software Physical Unclonable Functions (SPUF) scheme based on the high robustness of the RISC-V processor. The main contribution is to utilize the low-voltage feature so that the RISC-V processor operates in an unusual state for generating abnormal information, and to use this information to characterize the chip characteristics. Meanwhile, the frequency compensation method is proposed to further optimize the robustness of the SPUF response, and a lightweight SPUF-based authentication protocol is adopted to improve the authentication security. In this way, the safety and reliability of the proposed PUF are evaluated. The experimental results show that the SPUF data passed the National Institute of Standards and Technology (NIST) randomness tests, with an autocorrelation less than 0.03 at 95% confidence level. The averaged Hamming weight and Hamming distance are 0.495 and 0.501, respectively, making it widely applicable to IoT security.
Software PUF with multiple entropy sources based on path sensitization
2022, Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University

View full text

SPUF design based on Camellia encryption algorithm

Abstract

Introduction

Section snippets

Timing violation

Design of SPUF

Experimental results and analysis

Conclusion

Declaration of competing interest

Acknowledgments

Microelectron. J.

Microelectron. J.

Microprocess. Microsyst.

Physical unclonable functions

Nat. Electron.

Silicon Physical Random Functions[C]//Proceedings of the 9th ACM Conference on Computer and Communications Security

Extracting secret keys from integrated circuits

IEEE Trans. Very Large Scale Integr. Syst.

Improving the Quality of a Physical Unclonable Function Using Configurable Ring Oscillators[C]//2009 International Conference on Field Programmable Logic and Applications

An ultra-low power, reconfigurable, aging resilient RO PUF for IoT applications

Microelectron. J.

A highly reliable arbiter PUF with improved uniqueness in FPGA implementation using bit-self-test

IEEE Access

An aging-resistant RO-PUF for reliable key generation

IEEE Trans. Emerg. Top. Comput.