Physical Unclonable Functions

Unique identities and cryptographic keys from hardware properties

Contact: Michael Pehl (group lead), Lars Tebelmann, Christoph Frisch, Jonas Ruchti, Tim Music

A Physical Unclonable Function (PUF) evaluates manufacturing variations in a chip and derives from them an individual signal that, much like a scanned fingerprint, varies strongly from chip to chip and slightly from measurement to measurement.


A PUF thus reproducibly generates a noisy secret at run time. This secret can either be used to authenticate the chip or, once the noise has been removed, serve as a cryptographic key.

PUFs give even systems without secure key storage access to secure cryptographic keys.
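The noise-removal step described above can be illustrated with a code-offset construction over a simple repetition code. This is an added example, not code from the chair or its PQAS tool; the repetition factor, the simulated response and the bit-flip noise model are assumptions chosen for illustration.

```python
import hashlib
import random
import secrets

REP = 7  # assumed repetition factor; corrects up to 3 flipped bits per block

def encode(key_bits):
    """Repetition code: every key bit is repeated REP times."""
    return [b for b in key_bits for _ in range(REP)]

def decode(code_bits):
    """Majority vote over each block of REP bits."""
    return [int(sum(code_bits[i:i + REP]) > REP // 2)
            for i in range(0, len(code_bits), REP)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def enroll(reference, key_bits):
    """One-time enrollment: helper data = reference response XOR codeword.
    The helper data may be kept in ordinary, non-secure memory."""
    assert len(reference) == len(key_bits) * REP
    return xor(reference, encode(key_bits))

def reconstruct(measurement, helper):
    """Run time: a fresh noisy measurement plus the helper data yields the key bits."""
    return decode(xor(measurement, helper))

def to_key(key_bits):
    """Hash the corrected bits into a fixed-length key."""
    return hashlib.sha256(bytes(key_bits)).hexdigest()

def measure(reference, flip_prob, rng):
    """Constructed noise model: each cell flips independently with flip_prob."""
    return [b ^ int(rng.random() < flip_prob) for b in reference]

if __name__ == "__main__":
    rng = random.Random(1)  # simulated chip, constructed data
    key_bits = [secrets.randbits(1) for _ in range(128)]
    reference = [rng.getrandbits(1) for _ in range(128 * REP)]
    helper = enroll(reference, key_bits)
    noisy = measure(reference, 0.05, rng)
    print("bit errors in measurement:", sum(xor(noisy, reference)))
    print("key recovered:", reconstruct(noisy, helper) == key_bits)
```

If the PUF response is biased, the helper data of a repetition code leaks information about the key, so practical designs combine stronger codes with debiasing.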

Research Topics

  • New PUF primitives and architectures, in particular memristor-based PUFs
  • Simulation and design of PUFs
  • Key extraction and error correction for PUFs
  • Integration of PUFs into embedded systems
  • Protocols for PUFs
  • Attacks on PUFs
  • Fingerprinting

Teaching Related to This Research

The lecture Physical Unclonable Functions has been offered on this research area since 2018.

Our tool for evaluating PUFs can be downloaded from https://gitlab.lrz.de/tueisec/PQAS.

Machine Learning Resistant PUF Authentication Schemes

Description

A Physical Unclonable Function (PUF) is a hardware element which uses subtle manufacturing variabilities to derive a device-unique secret. In the case of a multi-challenge PUF (or ‘strong PUF’), the PUF functions as a device-unique function, mapping challenges to PUF responses.

A PUF like this is very useful for authentication scenarios, where e.g. a server provides challenges to a device, which replies with the PUF response the server can now check against an internal model or response database.

Protocols like these, however, suffer from data leaks, allowing an attacker to create a model of a device’s PUF from captured challenge-response pairs. Thus, the ostensibly unclonable device may be replicated just by eavesdropping on authentication communication.

The aim of this work is to investigate novel approaches for PUF authentication procedures which plug data leaks with simple on-device preprocessing while still allowing for reliable authentication in the presence of measurement noise. A software implementation can then be evaluated e.g. against a more standard implementation in terms of performance, complexity or resistance against a machine learning attack.

This work can either be conducted in German or in English.

I am happy to provide more details and answer your questions upon request.

Prerequisites

  • Necessary: Basic cryptography knowledge; mathematical background; programming skills
  • Favourably: Experience with machine learning techniques
  • Optionally: Basic knowledge of error-correcting codes, PUFs

Contact

If you are interested in this work, please contact me via email with a short CV and grade report. We will then arrange a short meeting where we can discuss the details.

Jonas Ruchti, M.Sc.
Technical University of Munich, Chair of Security in Information Technology
Room N1014
E-Mail: j.ruchti@tum.de

Supervisor:

Jonas Ruchti

Side-channel analysis of error-correcting codes for PUFs

Description

Physical Unclonable Functions (PUFs) exploit manufacturing process variations to generate unique signatures. PUF and error-correcting codes can be joined together to reliably generate cryptographically strong keys. However, the implementation of error-correcting codes is prone to physical attacks like side-channel attacks. Side-channel attacks exploit the information leaked during the computation of secret intermediate states to recover the secret key. Therefore, the implementation of error-correcting codes must also involve the implementation of proper countermeasures against side-channel attacks.

The goal of this thesis is to evaluate the side-channel resistance of a secure implementation of error-correcting codes for PUFs on FPGA. The thesis consists of the following steps:

  • Get familiar with currently available implementations of error-correcting codes for PUFs
  • Adapt and improve current implementations (VHDL)
  • Develop a measurement setup for side-channel analysis (Matlab/Python)
  • Perform side-channel analysis using the state-of-the-art EMF measurement equipment in our lab (Oscilloscope knowledge + Matlab/Python required)

Prerequisites

 The ideal candidate should have:

  • Previous experience in the field of digital design (VHDL/Vivado/Xilinx FPGA)
  • Basic knowledge of using lab equipment (e.g. oscilloscope)
  • Basic knowledge in statistics
  • Good programming skills in Matlab/Python
  • Attendance at the lecture “Secure Implementation of Cryptographic Algorithms” is advantageous

 

Contact

Dr.-Ing. Michael Pehl
Chair for Security in Information Technology
Head: Prof. Dr.-Ing. Georg Sigl
Technical University of Munich
Arcisstr. 21, 80333 Munich (Germany)

Email: m.pehl@tum.de

Supervisors:

Michael Pehl, Lars Tebelmann

Further Topics on Physical Unclonable Functions

Description

Silicon based Physical Unclonable Functions (PUFs) are security primitives which can be used to derive device unique identities. Such identities can be used to identify a device or to derive a secret key.

You are interested in research in the field of Physical Unclonable Functions but you think that the topics which are listed on our page do not fit your previous knowledge or think there is no perfect match to what you are interested in? No problem! Please contact me at any time for advice regarding your thesis/student job. I can offer to

  • help you with your decision for/against some topic.
  • suggest probably further topics which are not advertised, yet.
  • bring you into contact with other members of our chair or at Fraunhofer AISEC.

Prerequisites

Please send me an email which exhaustively describes your previous knowledge (e.g. your last grading sheet and a short CV) to allow me to prepare and to give you reasonable advice. Also, please provide 3-5 dates, which fit to your schedule, for a meeting.

Contact

Dr.-Ing. Michael Pehl
Chair for Security in Information Technology
Head: Prof. Dr.-Ing. Georg Sigl
Technical University of Munich
Arcisstr. 21, 80333 Munich (Germany)

Email: m.pehl@tum.de

Supervisor:

Current Projects in This Area

  • VE-FIDES (know-how protection and identifiability of electronic components for trustworthy production chains)
    Our contribution: use of PUFs to secure the supply chain.
    [Link to project]
  • APRIORI (resilience against fault injection attacks for improved data protection of IoT end devices):
    Our contribution: fault attacks on PUFs and protection mechanisms; project lead
    [Link to project]
  • 6G Zukunftslabor Bayern – 6G Future Lab Bavaria:
    Use of PUFs in 6G networks.
    [Link to project]

Selected Publications

Lars Tebelmann, Ulrich Kühne, Jean-Luc Danger, and Michael Pehl, Analysis and Protection of the Two-Metric Helper Data Scheme, International Workshop on Constructive Side-Channel Analysis and Secure Design. Springer, Cham, 2021. [Download from eprint]

Emanuele Strieder, Christoph Frisch, and Michael Pehl, Machine Learning of Physical Unclonable Functions using Helper Data: Revealing a Pitfall in the Fuzzy Commitment Scheme, IACR Transactions on Cryptographic Hardware and Embedded Systems, 2021(2), 1-36. https://doi.org/10.46586/tches.v2021.i2.1-36i

Lars Tebelmann, Jean-Luc Danger, and Michael Pehl. Self-secured PUF: protecting the loop PUF by masking, International Workshop on Constructive Side-Channel Analysis and Secure Design. Springer, Cham, 2020. [Download from eprint]

Lars Tebelmann, Michael Pehl, and Vincent Immler. Side-channel analysis of the TERO PUF, International Workshop on Constructive Side-Channel Analysis and Secure Design. Springer, Cham, 2019. [Download from eprint]

Florian Wilde, Berndt Gammel, and Michael Pehl, Spatial Correlation Analysis on Physical Unclonable Functions, IEEE Transactions on Information Forensics and Security (Volume: 13 Issue: 6), 2018, pages: 1468-1480; Tool published with it

Lars Tebelmann, Michael Pehl, and Georg Sigl, EM side-channel analysis of BCH-based error correction for PUF-based key generation, Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security. 2017.

Michael Pehl, Matthias Hiller, and Georg Sigl, Secret Key Generation for Physical Unclonable Functions – Secret Key Generation and Authentication, In: Information Theoretic Security and Privacy of Information Systems, Cambridge, 2017

Florian Wilde, Large Scale Characterization of SRAM on Infineon XMC Microcontrollers as PUF. 4th Workshop on Cryptography and Security in Computing Systems (CS2 2017) HIPEAC17, 2017; Public PUF dataset published with it

Matthias Hiller, Meng-Day (Mandel) Yu, and Sigl, Georg, Cherry-Picking Reliable PUF Bits with Differential Sequence Coding, IEEE Transactions on Information Forensics and Security (Volume: 11 Issue: 9), 2016, pages: 2065-2076

Matthias Hiller, Meng-Day (Mandel) Yu, and Michael Pehl, Systematic Low Leakage Coding for Physical Unclonable Functions, ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2015

Florian Wilde, Matthias Hiller, and Michael Pehl, Statistic-based security analysis of ring oscillator PUFs, 2014 International Symposium on Integrated Circuits (ISIC). IEEE, 2014.

Matthias Hiller, Dominik Merli, Frederic Stumpf, and Georg Sigl, Complementary IBS: Application Specific Error Correction for PUFs, IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 1-6, June 2012.