CN114679277B - Reliability self-checking and reliable response depolarization method based on SR PUF - Google Patents

Reliability self-checking and reliable response depolarization method based on SR PUF Download PDF

Info

Publication number
CN114679277B
CN114679277B CN202210163141.XA CN202210163141A CN114679277B CN 114679277 B CN114679277 B CN 114679277B CN 202210163141 A CN202210163141 A CN 202210163141A CN 114679277 B CN114679277 B CN 114679277B
Authority
CN
China
Prior art keywords
response
puf
reliability
depolarization
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210163141.XA
Other languages
Chinese (zh)
Other versions
CN114679277A (en
Inventor
贺章擎
马丹
鲁犇
朱昕蕊
张霄
张寅�
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei University of Technology
Original Assignee
Hubei University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hubei University of Technology filed Critical Hubei University of Technology
Priority to CN202210163141.XA priority Critical patent/CN114679277B/en
Publication of CN114679277A publication Critical patent/CN114679277A/en
Application granted granted Critical
Publication of CN114679277B publication Critical patent/CN114679277B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/36Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols with means for detecting characters not meant for transmission
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Tests Of Electronic Circuits (AREA)

Abstract

The invention provides a reliability self-checking and reliable response depolarization method based on an SR PUF, which is characterized in that: the reliability mark generation part comprises a control module, an SR Latch PUF module based on PDL and a reliability mark generation module, wherein the reliability mark generation part comprises a response registration stage and a response recovery stage, and the reliability response depolarization method is divided into a response registration stage and a response recovery stage to perform depolarization treatment on the reliability response. The method can carry out real-time dynamic self-checking when the chip leaves the factory or in the using process, has high accuracy and flexible mode, does not need to change the environment temperature to carry out limit testing when leaving the factory, and can also detect unreliable response caused by aging or other reasons in real time.

Description

Reliability self-checking and reliable response depolarization method based on SR PUF
Technical Field
The invention belongs to the fields of digital integrated circuit design and security and anti-counterfeiting, and particularly relates to a reliability self-checking and reliable response depolarization method based on an SR PUF.
Background
The physical unclonable function (Physical Unclonable Functions) is a security primitive that uses process variations in the integrated circuit manufacturing process to create unique signatures for the chip. They may be used to provide unique identities or to generate and store encryption keys to prevent tampering attacks on physical devices. Reliability and unpredictability are two important properties of PUFs. Reliability means consistency of response obtained by repeated experiments of the same PUF. And unpredictability means that the response R cannot be predicted within fault tolerance limits given a large input-response sequence of a certain PUF circuit. A necessary condition for unpredictability is uniformity, i.e. the probability of 0 and 1 occurring in the PUF response should be the same, no bias situation of 0 or 1 exists.
The SR-Latch PUF (Set-Reset Latch PUF) is a weak PUF circuit suitable for FPGA (Field Programmable Gate Array) implementation, and has the main characteristics of simple structure, low power consumption and easy implementation. However, the SR-Latch PUF suffers from the main problem of insufficient reliability and poor bias characteristics. For cases where its reliability is insufficient, a Fuzzy Extractor (FE) is typically used to extract the stable key from the PUF response. However, FE requires a time-consuming, power-consuming error correction scheme, which not only reduces the efficiency of the PUF, but also increases the PUF application cost. In addition, PUF circuits are susceptible to systematic bias, response output may tend to be biased towards 0 or 1, and when PUF response bias is large, auxiliary data information in the error correction process may leak information of a key, thereby causing entropy loss. Classical depolarization algorithms such as von neumann, while solving the bias problem, have too low a utilization of PUF and therefore require a large number of PUF cells to be consumed.
Aiming at the problems, a reliability self-checking and reliable response depolarization method based on the SR PUF is provided, a PDL additional delay line is adopted to detect and provide a reliable SR-Latch PUF unit, and the subsequent error correction cost is reduced. Meanwhile, by combining the reliability self-checking PUF, the lightweight deviation rectifying method based on the reliability confidence information is provided, unreliable units are introduced into the error correcting process, the utilization rate of the PUF in the error correcting process is improved, and accordingly unbiased response is generated. The technology can effectively improve the reliability and bias characteristics of the PUF, extract stable PUF response and greatly reduce error correction cost.
Disclosure of Invention
Aiming at the problems of insufficient reliability and poor bias of the SR-Latch PUF in the background technology, the invention provides a reliability self-checking method and a response bias removing structure for the SR-Latch PUF. The method aims to detect reliable response in real time, achieve high-quality bias characteristics, ensure equipment safety and reduce error correction resource consumption.
The invention adopts the following technical scheme for solving the problems in the prior art:
a reliability self-checking and reliable response depolarization method based on an SR PUF is characterized in that: the device comprises a reliability mark generation part and a reliability response depolarization part, wherein the reliability mark generation part comprises a control module, an SR Latch PUF module based on PDL (programmable logic line) and a reliability mark generation module, and the control module enables the SR Latch PUF module based on PDL and the reliability mark generation module to work orderly by applying signals. The SR Latch PUF module based on PDL is used for generating a PUF response and a delay test response controlled by PDL (programmable logic line), and the PDL realizes different propagation delays by changing the length of a signal propagation path by utilizing an LUT (lookup table) structure in the Xilinx FPGA; the SR Latch PUF module based on PDL adopts two LUTs to construct a NAND gate, one is configured as an AND gate structure with PDL delay control, the other is a NOT gate with PDL, in the LUTs, two ports are used as NAND gate inputs, the rest 'irrelevant' signals are used as delay configuration ports, and the reliability mark generation module comprises a selector, a same-or structure, two distributors and two registers, and generates reliable response with reliability marks in real time.
Reliability flag F i The specific process of generating and reliable self-checking is as follows: firstly, inputting an active level into the clk end of a D trigger, initializing an SR-Latch PUF module, and then inputting an active level C into an enable end EN i Setting delay configuration bits of the upper and lower PDL programming lines:
step 1, generating an output response R i
Delay configuration of PDL into Port A 3 A 4 A 5 A 6 And B 3 B 4 B 5 B 6 All set to 0, assume D H And D L The total delay of the feedback loops of the upper and lower chains of the SR-Latch PUF, respectively. Two-way additional delay difference Δd=d controlled by PDL at this time H -D L =0. SR-Latch PUF normal output response R i R is taken as i Held in a register;
step 2, generating test output
Will be wound up chain A 3 A 4 A 5 A 6 Configuration signal is set to a value between 0001 and 1111, downlink B 3 B 4 B 5 B 6 Set to 0000, PDL generates value D on the way T The total delay of the add becomes D H +D T The delay difference of the two paths becomes Δd H =ΔD+D T Generates a test output T r1 And stores it, the equivalent circuit is shown in figure 3;
step 3, generating test output T r2
Will be downlink B 3 B 4 B 5 B 6 Configuration signal setup and uplink A in step 2 3 A 4 A 5 A 6 Is the same value of (C), uplink A 3 A 4 A 5 A 6 Set to 0000, at which time the total delay of the PUF drop becomes D L +D T Delay difference DeltaD of two paths L =ΔD-D T Generating test response T r2 The equivalent circuit is shown in fig. 4;
step 4, generating a reliability mark F i And reliable self-test
In step 2 and step 3, if T r1 And T r2 The same output, i.e. DeltaD H And DeltaD L The polarity of (c) is the same, then: ΔD of H =ΔD+D T > 0 and DeltaD L =ΔD-D T > 0, or DeltaD H < 0 and ΔD L < 0, due to D T Is positive, and is |DeltaD| > D T I.e. the absolute value of Δd is greater than the threshold D T . If the threshold value D T Is set large enough to generate a stable response when influenced by environmental noise, and the two test outputs are combined to generate a reliability flag F i T, i.e r1 ⊙T r2 =F i When F i When=1, the response R generated by the SR-Latch PUF module is proved i Is reliable; otherwise, prove response R i Unreliable.
The input of the upper chain end port and the door of the SR-Latch PUF module is A 1 A 2 Delay configuration signal A 3 A 4 A 5 A 6 The method comprises the steps of carrying out a first treatment on the surface of the The input of the chain end port and the door at the lower end of the SR-Latch PUF module is B 1 B 2 Delay configuration signal B 3 B 4 B 5 B 6 The method comprises the steps of carrying out a first treatment on the surface of the The input ends of two NAND gates of the SR-Latch PUF are respectively provided with a D trigger, so that the path delay connected to the two NAND gates is consistent, and when C is excited i When the input signal is input to the SR Latch PUF module based on PDL, the input end of the D trigger is used as an excitation receiving end, if the D trigger receives the clk signal from the control module part, the excitation reaches the input end A of the SR-Latch PUF module through the D trigger 1 And B 1 By configuring the delay signal A 3 A 4 A 5 A 6 And B 3 B 4 B 5 B 6 A PUF response is generated.
The reliability mark generation module receives the response from the SR Latch PUF module based on PDL, and controls the control signals S, K of the control module 1 ,K 2 The control reliability mark generating module orderly works to generate a reliability bit mark F i And response R i In the reliability mark generation module, two distributors are respectively a distributor 1 and a distributor 2, wherein the input end of the distributor 1 receives a PUF response, the 0 end output of the distributor 1 is connected with REG1, and the 1 end of the distributor 2 is output; the input end of the distributor 2 is connected with the 1 end output of the distributor 1, the output 1 end of the distributor is connected with the 1 end of the selector, and the output 0 end of the distributor is connected with the same or structure input end; the input 1 of the selector is connected to the 1-end output of the distributor 2, the input 0 of the selector is connected to the output end of the exclusive nor structure, the output end of the selector is connected to the REG2, and the output of the REG2 is used as the other input of the exclusive nor structure.
The reliable response depolarization method is divided into a response registration stage and a response recovery stage, the reliable response is depolarized, the depolarization process comprises a depolarization PUF coding structure and a depolarization PUF decoding structure, the depolarization PUF coding structure comprises a bit self-checking SR-Latch PUF and a depolarization data encoder, and the depolarization SR-Latch PUF decoding structure comprises a bit self-checking SR-Latch PUF and a depolarization data decoder;
during the registration phase of the depolarization method, depolarization stimulus C i And C i+1 Generating a response R by means of a bit-self-checking SR-Latch PUF i And R is i+1 And a reliable bit flag F i And F i+1 Response R i And R is i+1 Reliable bit flag F i And F i+1 Generating unbiased response Y via a depolarized data encoder i And auxiliary data d i The method comprises the steps of carrying out a first treatment on the surface of the Auxiliary data d i Restoring unbiased response Y by a depolarized data decoder i The working model diagram is shown in fig. 5.
During the recovery phase of the depolarization module, stimulus C i And C i+1 Generating noisy response R by inputting noisy bit self-test PUF i ' and R i+1 ' then the auxiliary data d i And noisy response R i '、R i+1 ' input to depolarized data decoder, restore depolarized response Y i '. The working model diagram is shown in fig. 6.
The registration stage is to judge and generate an unbiased response Y through the reliability mark F and the response R, and the following cases exist:
when F i =0,F i+1 =0 or F i =1,F i+1 =1 and R i =R i+1 When the corresponding response is discarded, the data d is depolarized i =0;
When F i =1,F i+1 =1 and R i ≠R i+1 When the data d is depolarized i =1, unbiased response Y i =R i
When F i =1,F i+1 When=0, the depolarized data d i =1, unbiased response Y i =R i
When F i =0,F i+1 When=1, the depolarized data d i =1, unbiased response Y i =R i+1
The recovery phase is to recover an unbiased response Y 'from the reliability flag F, the unbiased data d and the noisy response R' generated by the noisy PUF by:
when d i When=0, houseDiscarding consecutive two-bit PUF responses; when d i When=1, the reliability flag F is judged;
when F i =1,F i+1 =0, recovering unbiased response Y i =R i The method comprises the steps of carrying out a first treatment on the surface of the When F i =0,F i+1 When=1, the unbiased response Y is recovered i =R i+1
When F i =1,F i+1 When=1, the unbiased response Y is recovered i =R i
In the restoration algorithm, the depolarization data and the reliability flag can be used as auxiliary data, and no additional entropy leakage exists because these data only display the position information of reliable response.
The invention has the following advantages:
the invention provides a reliability self-checking and reliable response depolarization method based on an SR (Single-phase) PUF (PUF). A path trend of an AND gate and an inverter for realizing the SR Latch PUF is designed through PDL, so that a PDL delay detection module is formed, a delay deviation is generated to generate a reliability mark under the condition of configuring the path trend of the PDL, and an internal LUT port is adopted as a configuration signal, so that any hardware cost is not increased. Meanwhile, the reliability of the PUF response can be judged in real time only by introducing the delay test module controlled by the PDL inside, a subsequent complex error correction mechanism is not needed, and excessive expenditure and potential safety hazards introduced by the excessive expenditure are avoided.
The invention further carries out the depolarization processing of the reliable response while generating the reliable response, uses the bit self-checking PUF output sequence R and the reliable flag bit to realize the depolarization registering process, and generates the auxiliary data D and the unbiased response Y. And in the unbiased recovery, the high-reliability unbiased response Y is recovered by using the value of the corresponding R' response bit (noisy) and the auxiliary data D. Because the response is that the R is extremely small in the probability of being subjected to environmental change under the reliable zone bit, the unbiased response Y can be reliably generated by the method, so that the bias problem existing in the PUF response is eliminated, the unpredictable characteristic of the PUF is enhanced, and additional entropy leakage is not caused.
The reliability self-checking method can carry out real-time dynamic self-checking when the chip leaves the factory or in the using process, has high accuracy and flexible mode, does not need to change the environment temperature to carry out limit testing when leaving the factory, and can also detect unreliable response caused by aging or other reasons in real time.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a reliability flag bit generation structure;
FIG. 3 test signal T r1 A generating circuit;
FIG. 4 test signal T r2 A generating circuit;
FIG. 5 is a depolarizing encoding module structure;
FIG. 6 illustrates a structure of a depolarizing decoding module;
FIG. 7 deskew stage;
fig. 8 depolarization recovery phase.
Detailed Description
The technical scheme of the invention is further specifically described by the following embodiments and with reference to the accompanying drawings, and the embodiment provides a reliability self-checking and reliable response depolarization method based on an SR PUF. In the reliability mark generation part, a delay test module controlled by adding PDL into an SR Latch PUF is adopted to test the reliability mark corresponding to each stimulus in real time, the technology can effectively screen out reliable response, and irrelevant ports which are not used in LUT are adopted in the delay test, so that any hardware cost is not increased. The depolarization part of the reliable response is divided into a registration stage and a recovery stage, because the depolarization response is reliable and less influenced by the environment, and the generated auxiliary data D only displays the position information of the reliable response, no extra entropy leakage is caused.
The reliability mark generation part consists of a control module, an SR Latch PUF module based on PDL and a reliability mark generation module. In a PDL-based SR Latch PUF module comprising two cross-coupled NAND, two D flip-flops and a programmable logic line PDL, as shown in fig. 1, when the enable signal (stimulus) C i When the signal is input into the D trigger, the D trigger receives a clock signal, the signal oscillates in the symmetrically coupled circuit, and the delay of the two delay paths is different due to process deviation in the manufacturing process, so that the SR-Latch finally stably outputs 0 or 1. Two LUTs are used to construct a NAND gate of an SR Latch PUF, one is configured as an AND gate structure with PDL delay control, the other is a NAND gate with PDL, in the LUTs, two ports are used as NAND gate inputs, and the remaining 'irrelevant' signals are used as delay configuration ports. At the moment, the input of the chain end port and the AND gate on the SR-Latch PUF is A 1 A 2 Delay configuration signal A 3 A 4 A 5 A 6 The method comprises the steps of carrying out a first treatment on the surface of the At the moment, the input of the chain end port and the AND gate under the SR-Latch PUF is B 1 B 2 Delay configuration signal B 3 B 4 B 5 B 6 The method comprises the steps of carrying out a first treatment on the surface of the In addition, a D trigger is added to the input ends of two NAND gates of the SR-Latch PUF to ensure that the path delay connected to the two NAND gates is consistent. When excited C i When input into the SR Latch PUF part based on PDL, at the moment, the input end of the D trigger is used as an excitation receiving end, if the D trigger receives the clk signal from the control module part, the excitation can reach the input end A of the SR-Latch PUF through the D trigger 1 And B 1 By configuring the delay signal A at this time 3 A 4 A 5 A 6 And B 3 B 4 B 5 B 6 A PUF response may be generated.
The reliability mark generating module consists of a selector, a same or structure, two distributors and two registers, and the specific constitution is shown in figure 2, the working sequence of the module is realized by a control module, and the main function is that when the PDL delay module is added, the test output responses of the upper chain and the lower chain are exclusive-or, the exclusive-or result is 1, the response is reliable, otherwise, the response is unreliable.
The specific example working procedure is as follows: when the circuit is operated, the excitation signal C is detected to be externally input i =[c 0 ,c 1 ,...,c N-1 ]Then, the control module generates corresponding control signals and clk signals to drive the D trigger to work, and simultaneously makesThe PUF performs the following process:
first PDL delay configuration bit Port A 3 A 4 A 5 A 6 And B 3 B 4 B 5 B 6 All set to 0,S =0, when the additional delay module is not connected to the PUF delay chain, the PUF is in normal operation mode, assuming D H And D L The total delay of the feedback loops of the upper and lower chains of the SR-Latch PUF, respectively. Suppose D H And D L The total delay of the feedback loops of the upper and lower chains of the SR-Latch PUF, respectively, where Δd=d H -D L =0, puf produces a response R i . The distributor 1 in the reliability mark generating module is connected to the upper path to output R i Stored in response register REG 1.
Will be uplink configuration signal a 3 A 4 A 5 A 6 Set to a value between 0001 and 1111, downlink B 3 B 4 B 5 B 6 Set to 0000, s=1, k1=1, k2=1, the puf enters test mode. At this time, the additional delay unit is connected to the winding delay chain, and D is caused by the configuration of PDL T The total delay of the uplink becomes D H +D T The delay difference between the two paths becomes DeltaD H =ΔD+D T Simultaneously generates a test output T r1 . At this time, the distributor 1 in the reliability flag generating module is connected to the lower output, the distributor 2 is connected to the upper output, the selector selects the upper signal input, and T is set r1 Stored in the reliability flag register REG 2.
Will be downlink B 3 B 4 B 5 B 6 Configuration signal setup and uplink a 3 A 4 A 5 A 6 Is the same value of (C), uplink A 3 A 4 A 5 A 6 Set to 0000, s=1, k1=0, k2=0, and the puf enters test mode. At this time, the additional delay unit is connected to the next delay chain, and D is caused by the configuration of PDL T The total delay of the add becomes D L +D T The delay difference between the two paths becomes DeltaD L =ΔD-D T Simultaneously generate a testTest output T r2 . At this time, the distributor 1 in the reliability flag generating module is connected to the lower output, the distributor 2 is connected to the upper output, and the selector selects the lower signal input, by which means T is applied r2 T originally stored with REG2 r1 Generating the reliability flag signal F simultaneously or thereafter i Again stored in the reliability flag register REG 2.
The external circuit reads the response value R i And corresponding reliability flag F i
The excitation value of the external circuit is C i+1 Generating and reading a response value R according to the sequence of the steps i+1 And corresponding reliability flag F i+1 . R is obtained i And R is i+1 ,F i And F i+1 Input to the depolarizing module.
The reliable response depolarization method mainly comprises a registration stage and a recovery stage. When a significant deviation of the PUF response occurs, the entropy of the PUF is reduced even if the resulting response is very stable, resulting in entropy leakage of the helper data. PUFs with low bias characteristics therefore also present a certain safety risk. The module has the characteristic of improving response uniformity, and the working example is as follows:
in the registration stage, when the depolarizing structure encoding module receives R i And R is i+1 ,F i And F i+1 When the method starts the registration process of the depolarization structure, and further obtains unbiased response Y i And auxiliary data d i . Examples of registration phases as shown in table 2 and fig. 7, the unbiased response Y is generated by judging together the reliability flag F and the response R, and the procedure can be divided into the following cases:
1) When F i =0,F i+1 =0 or F i =1,F i+1 =1 and R i =R i+1 When the corresponding response is discarded, the data d is depolarized i =0。
2) When F i =1,F i+1 =1 and R i ≠R i+1 When the data d is depolarized i =1, unbiased response Y i =R i
3) When F i =1,F i+1 When=0, the depolarized data d i =1, unbiased response Y i =R i
4) When F i =0,F i+1 When=1, the depolarized data d i =1, unbiased response Y i =R i+1
TABLE 1 De-biasing registration procedure based on reliability confidence information
Figure GDA0004164897180000091
/>
Figure GDA0004164897180000101
When the decoding module of the depolarizing module obtains R with noise i ' and R i+1 ',F i And F i+1 In this case, the auxiliary data d obtained in the registration stage is used i An unbiased response Y 'can be obtained' i . Examples of recovery phases as shown in table 2 and fig. 8, the unbiased response Y 'is recovered based on the reliability flag F, the depolarized data d, and the noisy response R', and the process can be divided into the following cases:
1) When d i When=0, discarding consecutive two-bit PUF responses; when d i When=1, the reliability flag F is judged.
2) When F i =1,F i+1 =0, recovering unbiased response Y i =R i The method comprises the steps of carrying out a first treatment on the surface of the When F i =0,F i+1 When=1, the unbiased response Y is recovered i =R i+1
3) When F i =1,F i+1 When=1, the unbiased response Y is recovered i =R i
TABLE 2 De-biasing recovery procedure based on reliability confidence information
Figure GDA0004164897180000102
/>
Figure GDA0004164897180000111
The protective scope of the invention is not limited to the embodiments described above, but it will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the scope and spirit of the invention. It is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (4)

1. A reliability self-checking and reliable response depolarization method based on an SR PUF is characterized in that: the device comprises a reliability mark generation part and a reliability response depolarization part, wherein the reliability mark generation part comprises a control module, a SR Latch PUF module based on PDL and a reliability mark generation module, and the control module enables the SR Latch PUF module based on PDL and the reliability mark generation module to work orderly by applying signals; the SR Latch PUF module based on the PDL is used for generating a PUF response and a delay test response controlled by the PDL, and the PDL realizes different propagation delays by changing the length of a signal propagation path by utilizing the LUT structure in the Xilinx FPGA; the SR Latch PUF module based on PDL adopts two LUTs to construct a NAND gate, one is configured as an AND gate structure with PDL delay control, the other is a NOT gate with PDL, in the LUTs, two ports are used as NAND gate inputs, the rest 'irrelevant' signals are used as delay configuration ports, and the reliability mark generation module comprises a selector, a same-or structure, two distributors and two registers, and generates reliable response with reliability marks in real time;
the reliable response depolarization method is divided into a response registration stage and a response recovery stage, the reliable response is depolarized, the depolarization process comprises a depolarization PUF coding structure and a depolarization PUF decoding structure, the depolarization PUF coding structure comprises a bit self-checking SR-Latch PUF and a depolarization data encoder, and the depolarization SR-Latch PUF decoding structure comprises a bit self-checking SR-Latch PUF and a depolarization data decoder;
during the registration phase of the depolarization method, depolarization stimulus C i And C i+1 Generating a response R by means of a bit-self-checking SR-Latch PUF i And R is i+1 And a reliable bit flag F i And F i+1 Response R i And R is i+1 Reliable bit flag F i And F i+1 Generating unbiased response Y via a depolarized data encoder i And auxiliary data d i The method comprises the steps of carrying out a first treatment on the surface of the Auxiliary data d i Restoring unbiased response Y by a depolarized data decoder i
During the recovery phase of the depolarization module, stimulus C i And C i+1 Generating noisy response R by inputting noisy bit self-test PUF i ' and R i+1 ' then the auxiliary data d i And noisy response R i '、R i+1 ' input to depolarized data decoder, restore depolarized response Y i ';
The specific process of generating the reliability mark and reliable self-checking is as follows: firstly, inputting an active level into the clk end of a D trigger, initializing an SR-Latch PUF module, and then inputting an active level C into an enable end EN i Setting delay configuration bits of the upper and lower PDL programming lines:
step 1, generating an output response R i
Delay configuration of PDL into Port A 3 A 4 A 5 A 6 And B 3 B 4 B 5 B 6 All set to 0, assume D H And D L The total delay of the upper chain feedback loop and the lower chain feedback loop of the SR-Latch PUF are respectively; two-way additional delay difference Δd=d controlled by PDL H -D L =0, sr-Latch PUF normal output response R i R is taken as i Held in a register;
step 2, generating test output:
will be wound up chain A 3 A 4 A 5 A 6 Configuration signal is set to a value between 0001 and 1111, downlink B 3 B 4 B 5 B 6 Set to 0000, PDL generates value D on the way T The total delay of the add becomes D H +D T The delay difference of the two paths becomes Δd H =ΔD+D T Generates aTest output T r1 And store it;
step 3, generating test output T r2
Will be downlink B 3 B 4 B 5 B 6 Configuration signal setup and uplink A in step 2 3 A 4 A 5 A 6 Is the same value of (C), uplink A 3 A 4 A 5 A 6 Set to 0000, at which time the total delay of the PUF drop becomes D L +D T Delay difference DeltaD of two paths L =ΔD-D T Generating test response T r2
Step 4, generating a reliability mark F i And reliable self-checking;
in step 2 and step 3, if T r1 And T r2 The same output, i.e. DeltaD H And DeltaD L The polarity of (c) is the same, then: ΔD of H =ΔD+D T > 0 and DeltaD L =ΔD-D T > 0, or DeltaD H < 0 and ΔD L < 0, due to D T Is positive, and is |DeltaD| > D T I.e. the absolute value of Δd is greater than the threshold D T If the threshold value D T Is set large enough to generate a stable response when influenced by environmental noise, and the two test outputs are combined to generate a reliability flag F i T, i.e r1 ⊙T r2 =F i When F i When=1, the response R generated by the SR-Latch PUF module is proved i Is reliable; otherwise, prove response R i Unreliable.
2. The SR PUF-based reliability self-test and reliable response depolarization method of claim 1, wherein: the input of the upper chain end port and the door of the SR-Latch PUF module is A 1 A 2 Delay configuration signal A 3 A 4 A 5 A 6 The method comprises the steps of carrying out a first treatment on the surface of the The input of the chain end port and the door at the lower end of the SR-Latch PUF module is B 1 B 2 Delay configuration signal B 3 B 4 B 5 B 6 The method comprises the steps of carrying out a first treatment on the surface of the The input ends of two NAND gates of the SR-Latch PUF are respectively provided with a D trigger, so that the connection to the two NAND gates is ensuredThe path delays are consistent, when exciting C i When the input signal is input to the SR Latch PUF module based on PDL, the input end of the D trigger is used as an excitation receiving end, if the D trigger receives the clk signal from the control module part, the excitation reaches the input end A of the SR-Latch PUF module through the D trigger 1 And B 1 By configuring the delay signal A 3 A 4 A 5 A 6 And B 3 B 4 B 5 B 6 A PUF response is generated.
3. The SR PUF-based reliability self-test and reliable response depolarization method of claim 1, wherein: the reliability mark generating module receives the response from the SR Latch PUF module based on PDL, and the control signal of the control module controls the reliability mark generating module to orderly work to generate a reliability bit mark F i And response R i In the reliability mark generation module, two distributors are distributor 1 and distributor 2 respectively, wherein the input end of the distributor 1 receives a PUF response, the 0 end output of the distributor 1 is connected with REG1, and the 1 end of the distributor outputs the distributor 2; the input end of the distributor 2 is connected with the 1 end output of the distributor 1, the output 1 end of the distributor is connected with the 1 end of the selector, and the output 0 end of the distributor is connected with the same or structure input end; the input 1 of the selector is connected to the 1-end output of the distributor 2, the input 0 of the selector is connected to the output end of the exclusive nor structure, the output end of the selector is connected to the REG2, and the output of the REG2 is used as the other input of the exclusive nor structure.
4. The SR PUF-based reliability self-test and reliable response depolarization method of claim 1, wherein: the registration stage is to judge and generate an unbiased response Y through the reliability mark F and the response R, and the following cases exist:
when F i =0,F i+1 =0 or F i =1,F i+1 =1 and R i =R i+1 When the corresponding response is discarded, the data d is depolarized i =0;
When F i =1,F i+1 =1 and R i ≠R i+1 When the data d is depolarized i =1, unbiased response Y i =R i
When F i =1,F i+1 When=0, the depolarized data d i =1, unbiased response Y i =R i
When F i =0,F i+1 When=1, the depolarized data d i =1, unbiased response Y i =R i+1
The recovery phase is to recover an unbiased response Y 'from the reliability flag F, the unbiased data d and the noisy response R' generated by the noisy PUF by:
when d i When=0, discarding consecutive two-bit PUF responses; when d i When=1, the reliability flag F is judged;
when F i =1,F i+1 =0, recovering unbiased response Y i =R i The method comprises the steps of carrying out a first treatment on the surface of the When F i =0,F i+1 When=1, the unbiased response Y is recovered i =R i+1
When F i =1,F i+1 When=1, the unbiased response Y is recovered i =R i
In the restoration algorithm, the depolarization data and the reliability flag can be used as auxiliary data, and no additional entropy leakage exists because these data only display the position information of reliable response.
CN202210163141.XA 2022-02-22 2022-02-22 Reliability self-checking and reliable response depolarization method based on SR PUF Active CN114679277B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210163141.XA CN114679277B (en) 2022-02-22 2022-02-22 Reliability self-checking and reliable response depolarization method based on SR PUF

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210163141.XA CN114679277B (en) 2022-02-22 2022-02-22 Reliability self-checking and reliable response depolarization method based on SR PUF

Publications (2)

Publication Number Publication Date
CN114679277A CN114679277A (en) 2022-06-28
CN114679277B true CN114679277B (en) 2023-05-09

Family

ID=82071638

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210163141.XA Active CN114679277B (en) 2022-02-22 2022-02-22 Reliability self-checking and reliable response depolarization method based on SR PUF

Country Status (1)

Country Link
CN (1) CN114679277B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117478327B (en) * 2023-12-27 2024-03-19 湖北工业大学 PUF-based von Neumann key generator depolarization algorithm

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107103144A (en) * 2017-05-08 2017-08-29 北京化工大学 The wiring delay deviation quick calibration method of arbitration type PUF based on FPGA
EP3340216A1 (en) * 2016-12-23 2018-06-27 Secure-IC SAS Secret key generation using a high reliability physically unclonable function
CN113177007A (en) * 2021-05-20 2021-07-27 湖北工业大学 High-reliability Arbiter PUF circuit based on deviation compensation
CN113505401A (en) * 2021-07-13 2021-10-15 湖北工业大学 Hybrid PUF circuit capable of extracting physical fingerprints of chip and circuit board and extraction method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102012217716A1 (en) * 2012-09-28 2014-06-12 Siemens Aktiengesellschaft Self-test of a Physical Unclonable Function
US11522725B2 (en) * 2017-03-29 2022-12-06 Board Of Regents, The University Of Texas System Reducing amount of helper data in silicon physical unclonable functions via lossy compression without production-time error characterization

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3340216A1 (en) * 2016-12-23 2018-06-27 Secure-IC SAS Secret key generation using a high reliability physically unclonable function
CN107103144A (en) * 2017-05-08 2017-08-29 北京化工大学 The wiring delay deviation quick calibration method of arbitration type PUF based on FPGA
CN113177007A (en) * 2021-05-20 2021-07-27 湖北工业大学 High-reliability Arbiter PUF circuit based on deviation compensation
CN113505401A (en) * 2021-07-13 2021-10-15 湖北工业大学 Hybrid PUF circuit capable of extracting physical fingerprints of chip and circuit board and extraction method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
一种适用于PUF可靠性提升的微弱延时测试方案;江悦;梁华国;应健锋;周凯;马高亮;蒋翠云;鲁迎春;黄正峰;;微电子学;第50卷(第02期);正文第292至295页 *
基于BST-PUF模型的轻量型认证与会话密钥交换协议;贺章擎等;计算机工程与应用(第1期);正文第2-4页 *
基于比特自检的 Arbiter PUF 电路研究及 FPGA 实现;张零超;中国优秀硕士论文电子期刊(第第11期期);正文第8-30页 *

Also Published As

Publication number Publication date
CN114679277A (en) 2022-06-28

Similar Documents

Publication Publication Date Title
Gao et al. Lightweight (reverse) fuzzy extractor with multiple reference PUF responses
CN107483180B (en) High-stability physical unclonable function circuit
US20140189890A1 (en) Device authentication using a physically unclonable functions based key generation system
US20090110188A1 (en) Configurable random number generator
CN104168264B (en) A kind of low cost, high security physics unclonable function circuit
US9722805B2 (en) Integrated security device and signal processing method used for an integrated security device
CN112272084B (en) Anti-attack and self-checking characteristic key generation system and method based on composite PUF
CN113297634B (en) Physical unclonable function hardware circuit based on full spin logic and implementation method
CN114679277B (en) Reliability self-checking and reliable response depolarization method based on SR PUF
CN112364391A (en) Arbiter PUF reliable response screening system and bias control and response screening method thereof
US20190305972A1 (en) Physically unclonable function resistant to side-channel attack and method therefor
CN108683505A (en) A kind of high security APUF circuit structures
CN109633422A (en) The encryption chip safety detecting method obscured based on scanning
Hemavathy et al. Arbiter PUF-a review of design, composition, and security aspects
Abdelraheem et al. Cryptanalysis of ARMADILLO2
WO2021232255A1 (en) True random number generator and electronic device
Chakraborty et al. A combined power and fault analysis attack on protected grain family of stream ciphers
Nassar et al. CaPUF: Cascaded PUF structure for machine learning resiliency
Shariffuddin et al. Review on arbiter physical unclonable function and its implementation in FPGA for IoT security applications
Biryukov et al. Cryptanalysis of the Atmel cipher in SecureMemory, CryptoMemory and CryptoRF
CN108763977B (en) Circuit and electronic device of clamp phase inverter PUF and implementation method
Santana-Andreo et al. A DRV-based bit selection method for SRAM PUF key generation and its impact on ECCs
CN117081751A (en) High-reliability quantitative response arbiter type PUF structure
Surya et al. Local clock glitching fault injection with application to the ASCON cipher
US9344273B2 (en) Cryptographic device for implementing S-box

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant