CN107017990B

CN107017990B - System and method for stable physically unclonable functions

Info

Publication number: CN107017990B
Application number: CN201610892280.0A
Authority: CN
Inventors: S·U·郭
Original assignee: Maxim Integrated Products Inc
Current assignee: Maxim Integrated Products Inc
Priority date: 2015-10-13
Filing date: 2016-10-13
Publication date: 2021-05-04
Anticipated expiration: 2036-10-13
Also published as: CN107017990A

Abstract

Various embodiments of the present invention allow for the utilization of natural statistical variations of physical properties in semiconductor devices in order to create cryptographic bits that are truly random, repeatable, and difficult to detect. In some embodiments, this may be achieved by recursive pairings of PUF elements with mismatch values to ensure that the generated PUF key bits remain insensitive to environmental errors without affecting the utilization of available PUF elements. The pairing process may be applied to any given hardware to generate a more stable PUF bit sequence that provides a higher error margin, an increased number of bits for a given error margin, or any combination thereof.

Description

System and method for stable physically unclonable functions

Cross Reference to Related Applications

This application claims priority to U.S. provisional application No.62/240,991 entitled "Systems and Methods for Stable physical open Functions", filed on Sung Ung Kwak, 10/13/2015, which is incorporated herein by reference in its entirety.

Technical Field

The present invention relates to security systems for identification and authentication, and more particularly to systems, devices, and methods for random cryptographic key generation by means of a Physical Unclonable Function (PUF).

Background

The purpose of semiconductor processing is to minimize process variations, which are the cause of tolerances generated in physical components on a wafer that result in variations in threshold, capacitance, resistance values, etc. of transistors. Variations between components cannot be completely eliminated by virtue of the fabrication techniques employed, including non-uniform deposition and etching processes, whose repeatability remains imperfect. These varying statistical properties accompany the inability to obtain information about the component by merely examining the component layout. In other words, absent extremely difficult measurements at the component level, these physical changes cannot be detected or replicated.

PUF designs take advantage of these small, but characteristic, manufacturing variations in physical semiconductor components in order to generate random sequences, unique cryptographic keys. In some existing designs, individual key bits are determined based on a mismatch in the polarity of PUF elements to generate a single bit result. In a typical gaussian distribution of mismatches, a relatively large number of PUF elements in a population of PUF elements will be centered at the midpoint of the distribution. The use of a commonly employed zero-one comparator opens the following possibilities in view of the effects of other non-manufacturing variations (e.g., voltage offset, temperature drift, relative aging processes, package stress, noise, etc.): the key bits undesirably change from zero to one (and vice versa) based on the polarity of the individual PUF elements, thereby negatively affecting the repeatability of the stored code.

Ideally, the PUF elements are made of circuit components that exhibit large mismatches in order to minimize the effects of environmental variations on the device and thereby improve the repeatability and stability of the generated key bits. As the parts of the population of PUF elements that exhibit a relatively small mismatch are statistically more likely to undergo a change in sign, PUF elements falling within the population are not suitable for the purpose of generating random key bits. Thus, PUF elements that exhibit relatively small mismatches are typically excluded from any given batch in order to prevent PUF output bit reactions, which would be sensitive to environmental changes and produce unstable cryptographic keys.

Unfortunately, techniques that improve stability by selecting PUF elements based on mismatched polarities tend to discard a significant portion of the useful PUF elements from the population in order to achieve a desired bit error rate. However, excluding a large portion of the PUF elements necessarily reduces the overall utilization.

What is needed is a tool for ensuring that computing system designers maintain high utilization of PUF elements without negatively impacting the stability and accuracy of key bits generated by an electronic PUF system.

Drawings

Reference will now be made to embodiments of the invention, examples of which may be illustrated in the accompanying drawings. The drawings are intended to be illustrative, not restrictive. While the invention is summarized in the context of these embodiments, it should be understood that it is not intended to limit the scope of the invention to these particular embodiments.

Figure ("figure") 1 shows the effect of drift on the normal gaussian distribution of the PUF element output representing a mismatch value.

Figure 2 illustrates an exemplary pairing process for generating PUF key bits using an exemplary gaussian distribution of classified mismatch values, in accordance with various embodiments of the present invention.

Fig. 3A and 3B illustrate an exemplary measured and normal gaussian distribution of Vgs mismatch in a MOS device converted to an exemplary bi-modal (bi-modal) distribution using sorted pair mismatch data according to various embodiments of the invention.

FIG. 4 illustrates a desired margin of error rate (margin) as a function of various embodiments of the present invention.

Figure 5 illustrates an exemplary implementation of a system for generating a stable 128-bit PUF key using recursive pairing, according to various embodiments of the invention.

Fig. 6A and 6B illustrate exemplary recursive pairings of two bimodal distributions of pairing mismatch data resulting from a transformation of a gaussian distribution, in accordance with various embodiments of the present invention.

Fig. 7A and 7B illustrate the effect of recursive pairing in fig. 6.

Figure 8 illustrates an exemplary expected error rate for a PUF array when used in accordance with various embodiments of the present invention.

FIG. 9 is a flow diagram of an illustrative process for generating pairing information in accordance with various embodiments of the invention.

Detailed Description

In the following description, for purposes of explanation, specific details are set forth in order to provide an understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without these specific details. Those skilled in the art will recognize that the embodiments of the present invention described below may be implemented in a variety of ways and using a variety of means. Those skilled in the art will also recognize that additional modifications, applications, and embodiments are within the scope of the invention as defined by the further fields in which the invention may be of utility. Thus, the embodiments described below illustrate specific embodiments of the invention and are intended to avoid obscuring the invention.

Reference in the specification to "one embodiment" or "an embodiment" means that a particular feature, structure, characteristic, or function described in connection with the embodiment is included in at least one embodiment of the invention. The appearances of the phrases "in one embodiment" or "in an embodiment" in various places in the specification are not necessarily all referring to the same embodiment.

Furthermore, the relationships between components or method steps in the drawings are not limited to directly affecting relationships. Rather, the relationships between the components or method steps shown in the drawings may be modified or otherwise changed by the addition of intermediate components or method steps without departing from the teachings of the present invention.

The terms "variation" and "mismatch" are used interchangeably herein. "PUF elements" and "PUF devices" include physical elements, chemical elements, and other elements recognized by those skilled in the art.

Fig. 1 shows the drift effect on a normal gaussian distribution of the PUF element output representing a mismatch value. Mismatches in PUF elements may be caused by a number of factors including variations in doping concentration, variations in gate oxide thickness, and variations in geometric tolerances due to imperfect semiconductor manufacturing processes during the manufacture of MOS devices. Mismatch information of PUF elements present in a physical device may be obtained in various forms, for example in the form of electrical, magnetic or optical information.

In general, PUT bits are selected from a given population (e.g., threshold voltage) of measured mismatch values of PUF elements based on polarity. In fig. 1, PUF elements with small mismatch values are typically discarded to ensure stability and to prevent drift from causing unwanted bit flipping. As used herein, drift may be any change in an environmental variable, such as temperature drift, noise, etc. Therefore, many useful PUF elements in the distribution are typically discarded, thereby facilitating the achievement of the desired stability. In detail, the upper curve in fig. 1 is the mismatch distribution, whereas the lower curve shows the distribution of the drift for any given mismatch. This information can be derived from the measurement of the PUF element.

We consider PUF elements with mismatches at the +1 σ 112 or-1 σ 114 points at the location of the distribution 102, then the mismatch value in the region 120 on the left or negative side of the distribution may be considered large enough to ensure a bit "0". Likewise, mismatch values in region 140 located on the right or positive side of the distribution may be considered large enough to ensure a bit "1". However, as illustrated by curve 104, the value of the mismatch located in the middle section 130 of the distribution 102 may vary greatly if affected by one or more environmental variables.

This increases the probability of unwanted PUF key bit flips, since the edges of the curve 104 are relatively closer to the center of the distribution. For example, if any mismatch values outside the +/-1 σ band 130 are considered stable, all PUF elements associated with values lying below the curve 102 that fall within the +/-1 σ window 130 (i.e., 68% of the population of gaussian distributions 102) will have to be discarded. It is noted that other distributions do not eliminate this problem, as they produce similar comparable results. Advantageously, the methods and systems presented herein are independent of the type of specific statistical distribution of any sample group of actual components.

In short, to achieve a desired bit error rate (e.g., to allow operation over a wide temperature range), a relatively large portion of the useful PUF elements must be discarded from the entire population 102 to account for potential drift and to ensure stable PUF bits. However, the improvement in error rate comes at the expense of a reduction in the number of available PUF elements that are capable of producing PUF bits. Intuitively, the more PUF elements are used that are located near the center of the distribution, the smaller their mismatch will be and the more non-repeatable PUF bits will be included in the section, resulting in a larger error rate.

It is therefore desirable to have systems and methods avoid this trade-off between utilization and error rate, so that the resulting PUF key bits remain insensitive to environmental errors without affecting the overall utilization of the available PUF elements.

Figure 2 illustrates an exemplary pairing process for generating PUF key bits using an exemplary gaussian distribution of classified, unprocessed PUF element mismatch data, in accordance with various embodiments of the invention. The gaussian distribution 202 includes 256 measured mismatch values for a 16 x 16 bit array of 256 PUF elements (not shown). Each PUF element is associated with its own mismatch value, which is output by the array of PUF elements. In an embodiment, 256 mismatch values representing 256 measured samples are sorted by magnitude and polarity and combined into pairs to create random values from the difference of the mismatch values in the pairs 250.

In detail, the rightmost value in the example in fig. 2 is the first PUF element 210 and the leftmost value is the 256 th PUF element 212. According to this distribution, the first PUF element 210 and the 256 th PUF element 212 each have a relatively large mismatch value with opposite polarities. In contrast, the 129 th PUF element 220 has a mismatch value of approximately zero. It is to be understood that by this classification method (assuming a sufficiently large population of mismatch values), about half of the obtained values will be positive, while the other half will be negative.

In an embodiment, once the mismatch values of PUF elements are classified from 1 to n (where n is 256), pairing is performed in the following way: the PUF element with the largest positive mismatch (i.e. the first PUF element 210 at the far right positive side of the distribution 202) is paired with the PUF element with the smallest negative mismatch located at the negative side close to the central area of the distribution 202 (i.e. the 129 th PUF element 220 used to construct the first pairing value). Next, the second largest positive PUF element (i.e., the second PUF element 240) is paired with the second smallest negative PUF element 230 (i.e., the 130 th PUF element), resulting in a second pairing result, and so on.

This pairing method (referred to herein as non-recursive) continues until all 256 mismatch values in the distribution 202 are paired. This results in a total of 128 random pair values being generated. The pairing information is different. This approach makes the PUF key bits insensitive to variations in different parts, wafers, lots or packages, etc., since the measured data is unique for each part.

In mathematical form, for n elements, pairing for i ═ 1 to n is performed by pairing the ith element with the (n/2+ i) th element. In an embodiment, pairing of mismatch values includes subtracting the mismatch values in pairs, such that a relatively large number paired with a smaller number creates 128 random and relatively large differences. In an embodiment, a selection circuit (not shown) may be implemented to select and quantify the difference in mismatch values between pairs of devices, for example by assigning a numerical value to the difference between each pair.

In an embodiment, to maintain randomness of key bit generation in addition to stability, the values resulting from the subtraction are randomly switched to generate random 0 or 1 values. This may be done, for example, by randomly subtracting both numbers in a pair from each other (i.e., by randomly selecting the subtracted number and the subtracted number before performing the subtraction operation).

Assuming an index of 1 to 256 representing the mismatched physical arrangement of physical PUF elements, once classified, the index will be different from the original index. In one embodiment, each element is assigned an exponent number based on position prior to subtraction, and if the first exponent number is greater than the second exponent number, then the first number is selected to be subtracted. Conversely, if the first exponent number is less than the second exponent number, the first number is selected to be a decrement number. In other words, the choice of the decremented number is also based on the mismatch of the particular chip as represented by the exponential number, thereby taking advantage of the randomness characteristics of the PUF itself and preventing unwanted randomness contamination. Those skilled in the art will appreciate that other mapping and classification schemes may be utilized.

Fig. 3A and 3B illustrate exemplary measurements of mismatch values and conversion of a normal gaussian distribution into an exemplary bimodal distribution, in accordance with various embodiments of the present invention. Mismatch is typically made by a number (e.g., voltage difference Δ V)_GS) To indicate. In an embodiment, the pairing of identified or measured and classified elements loses Vgs in the MOS deviceThe histogram of the original gaussian distribution 302 of the pair is converted into a bimodal distribution 350 comprising the pair mismatch data. Each sample in bimodal distribution 350 is derived from a paired set of mismatched data points in distribution 302. Thus, for example, the generation of a 128-bit PUF key requires 256 PUF elements that sample 256 mismatched data points, because the two elements of the pairing are combined to generate a single PUF bit.

Graph 300 in fig. 3A is an original gaussian distribution 302 that is mismatched prior to pairing. Mismatch distribution 302 may be derived from measurements (e.g., performed at ambient temperature during wafer testing). Graph 350 in fig. 3B shows a bimodal distribution 350, bimodal distribution 350 having an increased margin that is at least 1.5 times the standard deviation of distribution 302. In an embodiment, once pairing is completed, the two numbers in each pair are subtracted from each other to generate a relatively large difference. For example, if the subtraction results in a positive number, the resulting bit will be assigned a value of "1", whereas if the subtraction results in a negative number, the bit will be assigned a value of "0". By virtue of the subtraction operation, a large difference widens the safety margin and thus ensures that the result is not affected by drift effects.

The effect of combining the paired PUF elements in this manner is to transform the Vgs-mismatched normal distribution 302 into a bimodal distribution 350, the bimodal distribution 350 containing no Vgs values within the exclusion range located near the center of the distribution 350. This satisfies the criterion of minimum spacing of pairs of PUF elements, which is intended to ensure that stable PUF bits are generated due to an improved expected error rate, as will be discussed next.

FIG. 4 illustrates desired margin of error rate as a function of various embodiments of the invention. Ideally, the error rate (i.e., the likelihood of misreading a single bit due to a change in polarity) due to, for example, environmental effects, would be zero. However, empirical data indicates a failure rate of 350 parts per million (ppm) for a 128-bit key. Similarly, for a 256 bit key, the failure rate was found to be 650 ppm. Also, in some applications, the 1.35 σ spacing may not provide sufficient margin for a typical failure rate of a 128-bit key.

For example, as shown in FIG. 4, a ten-fold lower failure rate 402 from 1ppm to 100 parts per billion (ppb) requires an interval increase of 0.15 standard deviations (here from 1.65 to 1.8) for a 128-bit key. For the same 128-bit key, a lower failure rate of one hundred times from 1ppm to 10ppb requires an interval increase of 0.25 standard deviations, and so on. It is to be noted that for the purposes of the present invention, 100% utilization of PUF elements is not required. Advantageously, systematic errors do not affect the results, since these errors are inherent to the overall system and apply equally to all mismatched pairs. The error caused by the noise is also negligible when compared to the magnitude of the detected difference.

In an embodiment, in order to even further improve the stability by the pairing scheme discussed in relation to fig. 2 and 3, the pairing of the analog PUF elements is performed in a recursive manner, as will be explained with reference to fig. 5, fig. 5 shows an exemplary implementation of a system for generating a stable 128-bit PUF key by using recursive pairing according to various embodiments of the present invention. The system 500 includes

chips

502, 504, and an ADC 530. Those skilled in the art will appreciate that the system 500 may include additional components to analyze, convert, amplify, process, and protect data, including logic devices and power supplies as are known in the art.

The inventors contemplate that the mismatch values are handled by any mathematical operation (e.g., by multiplication rather than simple subtraction). In addition, any number of mismatch values may be selected and combined for processing. For example, three mismatch values may be processed to generate a PUF key. In addition, different algorithms may be used for different physical devices in order to reduce detectability and thus enhance security.

The

chips

502, 504 comprise two identical but independent 16 x

16PUF arrays

510, 520, which can be used to generate the two separate bimodal distributions shown in fig. 6A and 6B. As depicted in the figures, the spacing of the mating mismatch elements in fig. 6A and 6B is +/-1.35 σ, i.e., the same value as in fig. 3, obtained by the mating process discussed with respect to fig. 2 and 3.

Referring back to fig. 5, each

PUF array

510, 520 is designed as a mating element 504 as previously described. Although only two arrays are shown in fig. 5, the inventors envision that any number and combination of possible arrays may be used. In an embodiment, once the PUF elements 504 are classified from one to n (e.g., n-256) for each array, they are paired in the following manner:

the largest positive mismatch from one bimodal distribution (e.g., number 1 of array 1510) is paired with the smallest negative mismatch from the other bimodal distribution (e.g., number 65 of array 2520) to obtain a first recursive pairing result. The second largest positive mismatch from the first bimodal distribution (e.g., number 2 of array 1510) is paired with the smallest negative mismatch from the second bimodal distribution (e.g., number 66 of array 2520) until all 128 paired values are re-paired. In other words, for n elements 504, pairing i 1 to n/2 is performed by pairing the i-th element of array 1 with the (i + n/2) th element of array 2, and pairing i n/2+1 to n is performed by pairing the i-th element of array 1 with the (i-n/2) th element of array 2.

The method provides two elements for each bimodal distribution, namely four elements from which the 0 and 1 key bits can be generated. In an embodiment, similar to fig. 2, as before, the value of 0 or 1 is generated, for example, by assigning an exponential-based value of 0 or 1, subtracting the pairing value and applying a random switch. However, the recursive approach is expected to yield relatively large intervals, i.e., margins, compared to the non-recursive approach of FIG. 2.

In an embodiment, the interval of the recursive approach is at least twice as large as the non-recursive approach. For example, as can be seen in fig. 6A and 6B, matching of the mismatch associated with σ (610) of-4 to the mismatch associated with σ (660) of +1.35 results in a relatively wide overall spacing margin of 5.35, which is almost 4 times greater than 1.35 for the particular pair 630. Even when considering the non-linear nature of the

bimodal distribution

600, 650 and examining the mismatch value at the middle of the distribution at the middle point representing the density, the pairing of the mismatch associated with σ (614) from the bimodal distribution 600 and σ (662) from the bimodal distribution 650 and about +1.46 will yield a total separation margin of about 2.93, which is more than twice the 2.7 separation that can be obtained by the non-recursive method. Thus, even the smallest available spacing will be more than twice as large as 1.35 for any given pairing.

One advantage of recursive pairing according to embodiments of the present invention is that the method can be used iteratively on any given hardware to selectively generate more stable PUF bits or increase the number of bits.

Fig. 7A and 7B illustrate the effect of recursive pairing in fig. 6. FIG. 7A shows the same bimodal distribution 700 as in FIG. 3B, the bimodal distribution 700 resulting from non-recursive pairing when applied to a Gaussian distribution. In contrast, bimodal distribution 750 in FIG. 7B shows the results obtained by using the system presented in FIG. 5 that applies recursive pairing. As can be seen, the random values in distribution 750 in fig. 7B are also distributed in a bi-modal manner. However, the increased separation distance advantageously provides a larger margin. Comparing empirical data from two different pairing methods, it can be seen that the interval increases from 1.35 for non-recursive pairings in FIG. 7A to 2.93 for recursive pairings in FIG. 7B. In other words, the separation distance is more than twice as large. Thus, for example, for a 128-bit key, a recursive pairing approach may be used to achieve a failure rate of 0.4 ppb.

Figure 8 illustrates an exemplary expected error rate for a PUF array when used in accordance with various embodiments of the present invention. The number N in table 800 indicates a number for performing non-recursive pairing (i.e., N ═ 1) or recursive pairing (i.e., N) according to embodiments of the present invention>1) The exemplary 16 x 16 array. Although up to 8 arrays are listed in fig. 8, one skilled in the art will appreciate that the number of possible arrays and combinations thereof is not limited. In units of σ (Δ V)_GS) The indicated margin 810 represents the spacing achievable based on a given number of arrays 810. The standard deviation 820 of the total drift is based on empirical data and is also in units of σ (Δ V)_GS) To indicate. The value of partial failure rate 830 is based on empirical data for an exemplary 128-bit key.

As shown in fig. 8, when recursive pairing is extended to include multiple PUF arrays, the margin 810 doubles more than each time the number of arrays 802 doubles. This result translates directly into enhanced PUF stability and accuracy without the need for more accurate measurements. In addition, since the number of arrays 802 is doubled, the standard deviation of the total drift 820 increases by a factor of v 2, and the partial failure rate 830 decreases accordingly, further emphasizing the benefit of this highly scalable model based on modular PUF array designs that require minimal or no changes to add arrays to improve stability.

In an embodiment, some or all of the functionality of the modular system may be implemented in software. Those skilled in the art will appreciate that accuracy may be traded for a longer key length. For example, more arrays may be added at constant intervals to increase the key bit length (e.g., from 128 to 256). Alternatively, the bit length may be kept constant for purposes of PUF stability and accuracy, in order to increase the separation distance to achieve a larger margin.

It is to be understood that the various embodiments of the present invention may be applied to any physical characteristic having a natural variable, such as threshold voltage, oscillation frequency, resistance, capacitance, and the like. In one embodiment, different characteristics of the element pairs are combined to create mathematical operations (e.g., Vt mismatch and capacitance mismatch). Further, those skilled in the art will appreciate that various memory structures may be used to store pairing information.

FIG. 9 is a flow diagram of an illustrative process for generating pairing information in accordance with various embodiments of the invention. The process for generating pairing information begins at 902 when mismatch data is determined for two to more PUF elements.

At step 904, the mismatch data is classified by magnitude and polarity to obtain a group of classified mismatch data having a certain mathematical distribution.

At step 906, data pairs are selected from the sorted set of mismatched data according to some selection mechanism in order to generate a bimodal data distribution of paired values. In an embodiment, pairs may be selected from one or more bimodal distributions generated by one or more PUF arrays. In an embodiment, the individual values of a pair may be subtracted from each other to increase the separation distance between them.

At step 908, the individual values of the pairs are randomly switched and polarities are assigned to the paired values to maintain randomness.

At step 910, a bit sequence is generated from the pairing values using the bimodal distribution data.

Finally, at step 912, the unprocessed PUF path mismatch data is erased from memory.

Those skilled in the art will appreciate that fewer or additional steps may be incorporated with the steps shown herein without departing from the scope of the invention. The arrangement of blocks within a flowchart or description herein does not imply a particular order.

It will be further appreciated that the foregoing examples and embodiments are exemplary and are for purposes of clarity and understanding and do not limit the scope of the invention. All permutations, enhancements, equivalents, combinations, and improvements that are apparent to one skilled in the art upon reading the specification and studying the drawings are intended to be within the scope of the invention. It is therefore intended that the following appended claims include all such modifications, permutations, and equivalents as fall within the true spirit and scope of the present invention.

Claims

1. An apparatus for generating PUF key bits, the apparatus comprising:

a sense element configured to detect a mismatch in physical characteristics between PUF elements and to output a signal associated with the mismatch;

a data converter coupled to the sensing element, the data converter converting the output signal into mismatch data associated with a first distribution;

a classification module coupled to receive the mismatch data from the data converter, the classification module classifying at least some of the mismatch data by magnitude and polarity to generate a classified mismatch value;

a pairing module to pair the at least two classified mismatch values to generate a pair value associated with a second distribution; and

a sequence generator that generates a sequence of bits using the second distribution.

2. The apparatus of claim 1, wherein the pairing module pairs the classified mismatch values to generate a first pairing value associated with a second distribution, a second pairing value associated with a third distribution, and the pairing module generates a fourth distribution using the first pairing value and the second pairing value.

3. The apparatus of claim 1, wherein the pairing value is generated by combining a first sorted mismatch value associated with a large positive number and a second sorted mismatch value associated with a relatively small negative number.

4. The apparatus of claim 3, further comprising a switching module to switch an order of at least some of the classified mismatch values to assign a polarity representing one of zero and 1 to the pairing value.

5. The apparatus of claim 1, wherein a difference between two pairing values equals or exceeds a predetermined value.

6. The apparatus of claim 3, wherein the plurality of PUF elements are located on separate arrays.

7. The apparatus of claim 6, wherein the first sorted mismatch values are associated with a first array and the second sorted mismatch values are associated with a second array.

8. The apparatus of claim 1, wherein the mismatch data is stored in a first memory and is overwritten when a second memory stores the pairing data.

9. The apparatus of claim 8, wherein the first memory comprises a register to receive the mismatch data.

10. The apparatus of claim 1, wherein at least one of the classification module and the pairing module is implemented in software.

11. The apparatus of claim 1, wherein the sensing element detects a mismatch under start-up conditions.

12. The apparatus of claim 1, wherein the data converter digitizes the mismatch data prior to classifying pairs.

13. The apparatus of claim 10, wherein switching module comprises a summing module that subtracts the switched classified mismatch value based on the output signal.

14. A method of reliably regenerating a randomly generated unique bit sequence, the method comprising:

determining mismatch data related to at least one physical characteristic of a plurality of PUF elements, the mismatch data being associated with a first distribution;

classifying at least some of the mismatch data by magnitude and polarity to generate classified mismatch values;

pairing the classified mismatch values to generate a first pair value associated with a second distribution; and

generating a bit sequence using the second distribution.

15. The method of claim 14, wherein pairing comprises combining a first sorted mismatch value associated with a large positive number and a second sorted mismatch value associated with a relatively small negative number to generate a pairing value.

16. The method of claim 15, wherein the first sorted mismatch values are associated with a first array and the second sorted mismatch values are associated with a second array, the first and second arrays being independent of each other.

17. The method of claim 14, further comprising switching an order of at least some of the sorted mismatch values to assign a polarity to the pairing value, the polarity representing one of zero and 1.

18. The method of claim 14, wherein the first distribution is a normal distribution and the second distribution is a bimodal distribution.

19. A method of reliably regenerating a randomly generated unique bit sequence, the method comprising:

pairing the classified mismatch values to generate a first pair value associated with the second distribution and a second pair value associated with the third distribution;

pairing the first pairing value with the second pairing value to generate a fourth distribution; and

generating a bit sequence using the fourth distribution.

20. The method of claim 19, wherein a first interval of the fourth distribution is at least twice as large as a second interval of the first distribution.