FPGA IP protection by binding Finite State Machine to Physical Unclonable Function (original) (raw)
Related papers
Extended abstract: The butterfly PUF protecting IP on every FPGA
2008 IEEE International Workshop on Hardware-Oriented Security and Trust, 2008
IP protection of hardware designs is the most important requirement for many FPGA IP vendors. To this end, various solutions have been proposed by FPGA manufacturers based on the idea of bitstream encryption. An alternative solution was advocated in [18]. Simpson and Schaumont proposed in [18] a new approach based on Physical Unclonable Functions (PUFs) for IP protection on FPGAs. PUFs are a unique class of physical systems that extract secrets from complex physical characteristics of the integrated circuits which along with the properties of unclonability provide a highly secure means of generating volatile secret keys for cryptographic operations. However, the first practical PUF on an FPGA was proposed only later in [7] based on the startup values of embedded SRAM memories which are intrinsic in some of the current FPGAs. The disadvantage of these intrinsic SRAM PUFs is that not all FPGAs support uninitialized SRAM memory. In this paper, we propose a new PUF structure called the Butterfly PUF that can be used on all types of FPGAs. We also present experimental results showing their identification and key generation capabilities.
Protection of FPGA IP core using lock and unlock mechanism
INTELLIGENT SYSTEMS: A STEP TOWARDS SMARTER ELECTRICAL, ELECTRONIC AND MECHANICAL ENGINEERING: Proceedings of 2nd International Conference on Industrial Electronics, Mechatronics, Electrical and Mechanical Power (IEMPOWER), 2021.
The Binding scheme of FPGA devices safeguard IP from being copied or being used for integration from unauthorized. We come up with methods to show how the FPGA devices are embedded with PUF, to lock and unlock FPGA IPs and to analyse of our PUF-FSM binding method security. Without the authorization of the FPGA vendor, no one can access the FPGA device, after the process of locking.
Secure lightweight obfuscated delay-based physical unclonable function design on FPGA
Bulletin of Electrical Engineering and Informatics, 2022
The internet of things (IoT) describes the network of physical objects equipped with sensors and other technologies to exchange data with other devices over the Internet. Due to its inherent flexibility, field-programmable gate array (FPGA) has become a viable platform for IoT development. However, various security threats such as FPGA bitstream cloning and intellectual property (IP) piracy have become a major concern for this device. Physical unclonable function (PUF) is a promising hardware fingerprinting technology to solve the above problems. Several PUFs have been proposed, including the implementation of reconfigurable-XOR PUF (R-XOR PUF) and multi-PUF (MPUF) on the FPGA. However, these proposed PUFs have drawbacks, such as high delay imbalances caused by routing constraints. Therefore, in this study, we explore relative placement method to implement the symmetric routing in the obfuscated delay-based PUF on the FPGA board. The delay analysis result proves that our method to implement the symmetric routing was successful. Therefore, our work has achieved good PUF quality with uniqueness of 48.75%, reliability of 99.99%, and uniformity of 52.5%. Moreover, by using the obfuscation method, which is an Arbiter-PUF combined with a random challenge permutation technique, we reduced the vulnerability of Arbiter-PUF against machine learning attacks to 44.50%.
Abstract Reconfigurable hardware is by far the most dominant implementation platform in terms of the number of designs per year. During the past decade, security has emerged as a premier design metrics with an ever increasing scope. Our objective is to identify and survey the most important issues related to FPGA security. Instead of insisting on comprehensiveness, we focus on a number of techniques that have the highest potential for conceptual breakthroughs or for the practical widespread adoption.
Time-bounded authentication of FPGAS
Information Forensics and Security …, 2011
This paper introduces a novel technique to authenticate and identify field programmable gate arrays (FPGAs). The technique uses the reconfigurability feature of FPGAs to perform self-characterization and extract the unique timing of the FPGA building blocks over the space of possible inputs. The characterization circuit is then exploited for constructing a physically unclonable function (PUF). The PUF can accept different forms of challenges including pulse width, digital binary and placement challenges. The responses from the PUF are only verifiable by entities with access to the unique timing signature. However, the authentic device is the only entity who can respond within a given time constraint. The constraint is set by the gap between the speed of PUF evaluation on authentic hardware and simulation of its behavior. A suite of authentication protocols is introduced based on the time-bounded mechanism. We ensure that the responses are robust to fluctuations in operational conditions such as temperature and voltage variations by employing: (i) a linear calibration mechanism that adjusts the clock frequency by a feedback from on-chip temperature and voltage sensor readings, (ii) a differential PUF structure with real-valued responses that cancels out the common impact of variations on delays. Security against various attacks is discussed and a proof-of-concept implementation of signature extraction and authentication are demonstrated on Xilinx Virtex 5 FPGAs.
FPGA Intrinsic PUFs and Their Use for IP Protection
Cryptographic Hardware and Embedded Systems - CHES 2007
In recent years, IP protection of FPGA hardware designs has become a requirement for many IP vendors. In [34], Simpson and Schaumont proposed a fundamentally different approach to IP protection on FPGAs based on the use of Physical Unclonable Functions (PUFs). Their work only assumes the existence of a PUF on the FPGAs without actually proposing a PUF construction. In this paper, we propose new protocols for the IP protection problem on FPGAs and provide the first construction of a PUF intrinsic to current FPGAs based on SRAM memory randomness present on current FPGAs. We analyze SRAMbased PUF statistical properties and investigate the trade offs that can be made when implementing a fuzzy extractor.
FPGA time-bounded unclonable authentication
Information Hiding, 2010
This paper introduces a novel technique for extracting the unique timing signatures of the FPGA configurable logic blocks in a digital form over the space of possible challenges. A new class of physical unclonable functions that enables inputs challenges such as timing, digital, and placement challenges can be built upon the delay signatures. We introduce a suite of new authentication protocols that take into account non-triviality of bitstream reverse-engineering in addition to the FPGA's unprecedented speed in responding to challenges. Our technique is secure against various attacks and robust to fluctuations in operational conditions. Proof of concept implementation of the signature extraction and evaluations of the proposed methods are demonstrated on Xilinx Virtex 5 FPGAs. Experimental results demonstrate practicality of the proposed techniques.
FPGA design security with time division multiplexed PUFs
2010
With the advent of FPGAs, high performance application specific processors can be designed and produced with little investment using a software-like methodology. This ease of design, on the other hand, creates a lot of opportunity for design theft through cloning. A solution to this is bitstream encryption, which is a feature available in rather pricey FPGAs. Physically Unclonable Functions (PUFs) make the same capability possible in ordinary FPGAs. A PUF module provides a signature unique to each chip with the help of manufacturing variations. However, a stable signature requires quite a few bits of PUF, which may not fit in small FPGAs. This paper presents a new PUF based design methodology, which we call Time Division Multiplexed PUF (TDM-PUF). A TDM-PUF divides a single and long PUF into several smaller PUFs run in different time segments. This is made possible by the widely available dynamic partial configuration capability of FPGAs.
A practical authentication method of FPGA designs suitable for mass production
2011
Traditionally, IC companies were able to protect their IP assets by simply keeping these in safe. However, the new trends such as outsourcing and fabless IC development make the silicon processing and IC development more accessible. Therefore, IC authentication and IP (intellectual property) protection have become real world problems that industry eagerly seeks for efficient solutions. Most of the considerable proposals to these intense problems involve complicated cryptographic schemes and procedures that bring extra burden on system design. Moreover, if the target platform is a constraint environment, this burden is amplified and even the most efficient solutions become infeasible. Therefore, designers tend to use the ad-hoc methods that possibly have serious security risks. In this study, we seek practical solutions for the FPGAs (Field Programmable Gate Array) which represent a relatively small but important subset of hardware IP utilization.
Novel secret-key IPR protection in FPGA environment
2005 Joint 30th International Conference on Infrared and Millimeter Waves and 13th International Conference on Terahertz Electronics, 2005
Some VLSI IP owners prefer to leave programming their IP into a Field Programmable Gate Array (FPGA) to the end customer. A major concern is the possible over-deployment of the IP into more devices than originally licensed. In this paper, we propose a system based on secured handshaking with encrypted device and design authentication information ensuring that the IP can only be deployed into agreed upon devices. The system consists of hardware-supported design encryption and secured authentication protocols.