Sensitized Path PUF: A Lightweight Embedded Physical Unclonable Function
Matthias Sauer1,a, Pascal Raiola1,b, Linus Feiten1,c, Bernd Becker1,d, Ulrich Rührmair2 and Ilia Polian3
1University of Freiburg, Georges-Köhler-Allee 51, 79110 Freiburg i. Br., Germany.
asauerm@tf.uni-freiburg.de
braiolap@tf.uni-freiburg.de
cfeiten@tf.uni-freiburg.de
dbecker@tf.uni-freiburg.de
2Ruhr University Bochum, Universitätsstrasse 150, 44801 Bochum, Germany.
ruehrmair@ilo.de
3University of Passau, Innstrasse 41, 94032 Passau, Germany.
ilia.polian@uni-passau.de
ABSTRACT
Physical unclonable functions (PUFs) can be used for a number of security applications, including secure on-chip generation of secret keys. We introduce an embedded PUF concept called sensitized path PUF (SP-PUF) that is based on extracting entropy out of inherent timing variability of modules already present in the circuit. The new PUF sensitizes paths of nearly identical lengths and generates response bits by racing transitions through different paths against each other. SP-PUF has lower area overhead and higher speed than earlier embedded PUFs and requires no helper data stored in non-volatile memory beyond standard error-correction information for fuzzy extraction. Compared with standalone PUFs, the new solution intrinsically and inseparably intertwines PUF behavior with functional circuitry, thus complicating invasive attacks or simplifying their detection.
We present a systematic design flow to turn an arbitrary (sufficiently complex) circuit into an SP-PUF. The flow leverages state-of-the-art sensitization algorithms, formal filtering based on statistical analysis, and MaxSAT-based optimization of SP-PUF's area overhead. Experiments show that SP-PUF extracts 256-bit keys with perfect reliability and nearly perfect uniqueness after fuzzy extraction for the majority of standard benchmark circuits.