CN112272084A - Anti-attack and self-checking characteristic key generation system and method based on composite PUF - Google Patents

Anti-attack and self-checking characteristic key generation system and method based on composite PUF Download PDF

Info

Publication number
CN112272084A
CN112272084A CN202011031519.8A CN202011031519A CN112272084A CN 112272084 A CN112272084 A CN 112272084A CN 202011031519 A CN202011031519 A CN 202011031519A CN 112272084 A CN112272084 A CN 112272084A
Authority
CN
China
Prior art keywords
output
puf
response
level
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011031519.8A
Other languages
Chinese (zh)
Other versions
CN112272084B (en
Inventor
梁润华
钟鸣
何柏声
蔡述庭
熊晓明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong University of Technology
Original Assignee
Guangdong University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong University of Technology filed Critical Guangdong University of Technology
Priority to CN202011031519.8A priority Critical patent/CN112272084B/en
Publication of CN112272084A publication Critical patent/CN112272084A/en
Application granted granted Critical
Publication of CN112272084B publication Critical patent/CN112272084B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry

Abstract

The invention discloses a key generation system based on a compound PUF (physical unclonable function) with anti-attack and self-checking characteristics, which comprises a first-level PUF circuit module, an excitation generation module, a second-level PUF circuit module and a result output module, wherein: the first-level PUF circuit module receives original excitation and generates an output response with N bits, and registers the response in a register group; the excitation generation module receives the output response of the first-level PUF circuit module as a reset signal, and generates pseudo-random output according to the configured primitive polynomial after the reset is completed; the second-level PUF circuit module comprises two D trigger-based arbiter type PUF circuits with self-checking circuits, receives the pseudo-random output from the m-sequence generator as input stimuli and respectively and independently generates a response and a reliable mark; and the result output module uses the last bit signal from the m-sequence generator as a selection control signal to selectively output the response of the output result of the second-level PUF circuit module and the reliable mark.

Description

Anti-attack and self-checking characteristic key generation system and method based on composite PUF
Technical Field
The invention relates to the technical field of communication, in particular to a key generation method based on a composite PUF (physical unclonable function) with anti-attack and self-checking characteristics.
Background
With the rapid development of the internet of things and intelligent terminals in recent years, the problem of information security gradually gets more and more attention of multiple users. The encryption and decryption algorithms in cryptography are generally not open to information security issues, and for most encryption applications, an essential prerequisite is that keys can be securely generated, stored and retrieved. Whether the encryption operation system is realized based on software or software, the key is the core of the whole encryption operation system. In a general embedded device with an encryption function, keys are all stored in a nonvolatile memory, and are easily threatened by means of invasive attack, semi-invasive attack and the like, so that security problems such as key leakage, falsification and the like are caused.
The physical unclonable function PUF is a hardware function implementation circuit which depends on the physical characteristics of a chip, has unclonability and unpredictability and can be used for key generation. However, with the proposed concept of PUF, various attack means for PUF have been developed, such as channel measurement attack and machine learning modeling attack, and many attack techniques have proved to be able to break the PUF structure. In order to improve the performance of a single PUF structure against attacks, the PicoPUF and the D trigger-based arbiter type PUF are used for forming a two-stage compound type PUF serving as a key generation structure in the scheme. Meanwhile, in order to ensure that the excitation generation has randomness and further improve the safety, an m-sequence generator which is easy to realize is used for replacing a state machine to control the excitation generation.
Although the use of a PUF to generate a key has the advantages of being non-conservative, easy to obtain, determined by process variations, unique and unpredictable in excitation response, etc., the output of the PUF circuit is noise-containing because the circuit itself has a special structure and is inevitably affected by changes in the conditions (voltage, temperature, etc.) around the chip. In conventional cryptography, based on the consideration of the security of the cryptographic algorithm, it is necessary to ensure that the key of the algorithm is reliable, stable, and random, so that the output of the PUF circuit cannot meet the requirement of being directly used as the key. Existing solutions are usually achieved by introducing output error correction techniques, but new problems arise: the error correction technology can bring huge execution overhead and resource occupation, and is not suitable for small and medium-sized embedded devices with limited software and hardware resources.
Disclosure of Invention
The invention provides a key generation method based on a compound PUF with anti-attack and self-check characteristics, which is used for considering the reliability of PUF output and reducing the use of resources.
In order to realize the task, the invention adopts the following technical scheme:
a key generation system based on a compound PUF with anti-attack and self-checking characteristics comprises a first-level PUF circuit module, an excitation generation module, a second-level PUF circuit module and a result output module, wherein:
the first-level PUF circuit module comprises N PicoPUF circuits which are arranged in parallel, and the PicoPUF circuits are used for receiving an original stimulus and generating an output response with N bits and registering the response in a register group;
the excitation generation module comprises an m-sequence generator, the m-sequence generator is used for receiving the output response of the first-level PUF circuit module as a reset signal, and after the reset is completed, pseudo-random output is generated according to the configured primitive polynomial;
the second-level PUF circuit module comprises two D trigger-based arbiter PUF circuits, and self-checking circuits are arranged in the D trigger-based arbiter PUF circuits; the two D-flip-flop based arbiter type PUF circuits receive the pseudo-random output from the m-sequence generator as input stimuli and respectively generate a response and a reliable flag independently;
and the result output module comprises two selectors, and the response of the output result of the second-level PUF circuit module and the reliable mark are selectively output by using the last bit signal from the m-sequence generator as a selection control signal.
Further, the picoPUF circuit in the first-level PUF circuit module includes a D flip-flop (I), a D flip-flop (II), an SR latch (III), and a data selector (IV), wherein:
when a D trigger (a) receives a reset signal clear, a Q port is reset to be 0; then, the D flip-flop (I) is turned over under the action of a start signal, and an SR latch (III) connected with the D flip-flop (I) can distinguish the arrival sequence of the turning signals of the two flip-flops, so that 0 or 1 can be stably output; under the selection action of the data selector (IV) through original excitation, signals at the upper end and the lower end of the SR latch (IV) can be selectively output.
Further, the m-sequence generator in the excitation generation module comprises a circuit structure formed by linear feedback shift registers, and the circuit structure comprises linear feedback shift registers formed by N D triggers and N feedback coefficient g configuration registers; the Q port output of the ith (i ═ 1 … N) D flip-flop is exclusive-ored with the ith g, and the exclusive-or is used as the input of the (i + 1) th D flip-flop D port.
Further, the output response from the first-level PUF circuit module is used as a setting signal to initialize the m-sequence generator; under the drive of a clock CLK, a Q port triggered by each clock period D changes to form a pseudo-random output which is used as an m sequence generator; the feedback coefficient g needs to be valued according to the primitive polynomial, and when the value is 1, it indicates that the feedback of the path exists, otherwise, it indicates that the feedback does not exist.
Furthermore, in the second-level PUF circuit module, the self-checking circuit in the D trigger-based arbiter type PUF circuit comprises a delay module and a self-checking module, the delay module comprises a data selector (c) and a delay unit (c), and the self-checking module comprises a 1-2 data distributor (c), a data selector (c) and a register (c);
for the delay module, delay data from a path 1 are respectively connected to a port 1 of a data selector I, and delay data from a path 2 are respectively connected to a port 0 and a port 1 of the data selector I; the output of the first data selector is respectively connected to the 0 port of the second data selector after passing through a delay unit;
for the self-checking module, the output response of the arbiter D trigger is connected to the input ends of the register (c) and the 1-2 data distributor (c) through the 1-2 data distributor (c) and the back 1 output end and the 0 output end respectively; the 1 output end of the 1-2 data distributor is connected to the 1 port of the data selector, the 0 output end and the output of the register are connected to the 0 port of the data selector; the output terminal of the data selector is connected to the input port of the register.
Further, the working process of the reliability self-checking mechanism formed by the delay module and the self-checking module together is as follows:
a) when K1 is equal to 1 and K2 is equal to 1, the system is in a normal working state, the time delay of the path 1 and the path 2 respectively reaches a data port and a clock port of a D trigger through a data selector (c), and the output response of the trigger is stored in a register REG1 after passing through a 1-2 data distributor (c);
b) when K1 is equal to 0, K2 is equal to 1, and S is equal to 1, the system is self-checking the operation status, the delay of path 1 is added with the delay value T of delay unit ninucThen, the data reaches a data port of the D trigger through a data selector, and a path 2 is unchanged; at this time, the output response of the trigger is stored in the register REG2 after passing through the 1-2 data distributor (r) and the data selector (c);
c) when K1 is equal to 1, K2 is equal to 0, and S is equal to 0, the system is self-checking the operation status, and the delay of path 2 is added with the delay value T of delay unit ninucThen, the path 1 is unchanged from the data selector to the clock port of the D trigger; at this time, the output response of the trigger is subjected to the exclusive nor operation with the value from the register REG2 after passing through the 1-2 data distributor, and the result of the operation is stored in the register REG2 after passing through the data selector;
d) the result in the register REG1 is the output response of the original input stimulus, and the result in the register REG1 is a reliable flag; when the reliable flag is 1, the input excitation-output response is reliable, otherwise, the input excitation-output response is unreliable;
wherein, S is the input signal of the data selector I, the data distributor II and the data selector II, K1 is the input signal of the data selector II and the data distributor II, and K2 is the input signal of the data selector III and the data distributor II.
A key generation method based on a compound PUF with anti-attack and self-checking characteristics comprises the following steps:
(1) selecting a primitive polynomial to configure a register of a feedback coefficient g of the m sequence generator;
(2) the original input excitation is used as the input excitation of a first-level PUF circuit module of the compound PUF, and each 1-bit original input excitation corresponds to the input excitation of each PicoPUF; each PicoPUF is first reset by the clear signal and then input with a signal by the rising edge of the start signal. Under the selection of input excitation, the output of the SR latch is selectively output;
(3) the first-level PUF circuit module outputs a response with a data length of 64 bits, and in order to keep the stability of data, the output response result of the first-level PUF is stored in a register REG;
(4) initializing the excitation generation module using the result in the register REG as a set value of the m-sequence generator; the m sequence generator is driven by a clock signal to generate pseudo-random number output, and the changed output is used as input excitation of the second-level PUF circuit module;
(5) two D trigger-based arbiter type PUF circuits of the second-level PUF circuit module receive the same input excitation and output results for pseudo-random numbers generated by the m-sequence generator;
(6) the output response and the reliability mark of the second-level PUF circuit module are used as the input of the result output module, and the output response and the reliability mark of the second-level PUF circuit module are selectively output according to the output of the m-sequence generator;
(7) if the reliability flag F of the result output module is 1, the response R of the current selection output is reliable, and the response R can be used as 1bit data of the key; if the reliability flag F of the result output module is 0, the response R of the current selection output is unreliable, the current output response R is abandoned, and the next input excitation signal from the m-sequence generator is waited.
Compared with the prior art, the invention has the following technical characteristics:
1. the physically unclonable function PUF is used for generating the secret key by utilizing the deviation of the process, so that the information safety problem that the secret key is leaked and tampered when the secret key is stored in a storage is avoided.
2. In order to avoid that a single PUF is easily attacked by means of side channel attack, machine learning attack and the like, the anti-attack performance of the system is improved, and a composite PUF structure is used for replacing the PUF with the single structure, so that the PUF structure becomes more complex, and higher security performance can be obtained with smaller hardware resource consumption.
3. The m-sequence generator is used as a controller for excitation generation, and the requirement of matching keys with different lengths is met.
4. In order to obtain a high-reliability key and reduce resource consumption for small and medium-sized embedded equipment, a self-checking mechanism is introduced into a hardware circuit, the high-reliability algorithm key can be obtained on the premise of not using an error correction technology, and the method is suitable for the use requirements of the small and medium-sized embedded equipment.
Drawings
Fig. 1 is a schematic structural diagram of a key generation system based on a composite PUF with anti-attack and self-test characteristics according to the present invention;
FIG. 2 is a schematic diagram of a single PicoPUF circuit configuration;
FIG. 3 is a schematic diagram of an m-sequence generator circuit;
FIG. 4 is a schematic diagram of a D flip-flop based arbiter type PUF circuit;
fig. 5 is a schematic diagram of a circuit structure of an arbiter type PUF based on D-triggering and having a self-test structure.
Detailed Description
Referring to fig. 1, the present invention provides a key generation system based on a compound PUF with anti-attack and self-check characteristics, which can be divided into 4 parts: 1. the first-level PUF circuit module consists of 64 PicoPUF +64bit triggers; 2. an excitation generating module composed of an m-sequence generator; 3. a second-level PUF circuit module composed of two D-trigger-based arbiter-type PUFs with self-checking structures; 4. the result output module is composed of two selectors.
The PicoPUF has a simple structure and good reliability and uniqueness, and 64 PicoPUF circuits are utilized to form a first-level PUF circuit module of the compound PUF key generation system in parallel, and a 64-bit output response is generated after 64-bit original excitation is received; to keep the output response stable, the result is registered in the register set REG.
The m sequence generator is composed of a linear feedback shift register, receives the output response of the first-level PUF circuit as a reset signal, and generates pseudo-random output according to a configured primitive polynomial after the reset is completed; the m sequence generator can generate output data with randomness and also can generate regular output according to the reset signal, and the structure is used in the scheme, so that the requirement of random access of the secret key is met while the secret key is prevented from being stored.
A D-trigger-based arbiter type PUF with a self-checking structure introduces a self-checking circuit structure on the circuit structure of a traditional D-trigger-based arbiter PUF, and provides a simple reliability checking method. The second level PUF circuit block is constructed with two D-trigger based arbiter type PUFs with self-test structures that receive the same pseudo-random output from the m-sequence generator as input stimuli and individually generate a response and a reliable flag, respectively.
And a result output module consisting of two selectors, and the response and the reliable mark of the second-level PUF circuit module are selectively output by using the last bit signal from the m-sequence generator as a selection control signal. For machine learning modeling attack, the simple structure is used to improve the complexity of the system and increase the difficulty of cracking so as to obtain higher security performance.
The various parts of the present invention will now be described in detail with reference to the accompanying drawings.
1. First-level PUF circuit module
The first level PUF circuit module mainly comprises 64 PicoPUFs, and the structure of a single PicoPUF circuit is shown in FIG. 2 and comprises the following components:
the digital-to-analog converter comprises a D trigger, an SR latch and a data selector. The two D-triggered Q 'ports are connected to the D ports of the D-triggered Q' ports, the Q ports are respectively connected to the S port and the R port of the SR latch, and the output of the SR latch is respectively connected to the 1 port and the 0 port of the data selector.
The design principle of the part is that a D trigger (R) is turned over under the trigger of a start signal, an SR latch latches the turned-over result of the D trigger, and a response R' is output under the selection action of a data selector (R) which takes an original signal as a selection signal.
The detailed working process of the partial circuit is as follows: firstly, resetting a Q port to be 0 by a D trigger (firstly) when receiving a reset signal clear; then, the D flip-flops (i) flip under the action of the start signal, due to the difference in the manufacturing process, the flip speeds of the two D flip-flops (i) are slightly different, and the SR latch (iii) connected with the D flip-flops (i) will distinguish the sequence of arrival of the flip-flop signals of the two D flip-flops, so that 0 or 1 is stably output. Finally, the signals at the upper end and the lower end of the SR latch can be selectively output under the selection action of the data selector through the original excitation.
Since the picoPUF circuit belongs to a weak PUF, only one excitation signal is received and one output response is generated, and the consumption of resources is low. Meanwhile, the composite PUF circuit has good reliability and uniqueness, so that the composite PUF circuit is used as a first-level PUF circuit structure of the composite PUF structure in the scheme.
2. Excitation generating module
The core of the excitation generating module of the m-sequence based generator is a circuit structure formed by linear feedback shift registers, as shown in fig. 3.
According to fig. 1, a key generation system based on a compound PUF, the coefficient N in fig. 3 is taken to be 64. The circuit comprises a linear feedback shift register formed by 64D triggers and 64 feedback coefficient g configuration registers. The Q port output and gi of the ith (i ═ 1 … N) D flip-flop are exclusive-ored and then are used as the input of the (i + 1) th D flip-flop D port.
The principle of design of this section is that the output from the first level PUF circuit block initializes the m-sequence generator in response to a set signal. Driven by the clock CLK, the Q port which is triggered every clock cycle D changes, and a pseudo-random composed of { Q1, Q2, … Q64} is used as the output of the m-sequence generator. g is a feedback coefficient, a value needs to be taken according to the primitive polynomial, when the value is 1, the feedback of the path exists, otherwise, the feedback does not exist.
Because the D trigger-based arbiter type PUF needs a plurality of bit input stimulus responses to obtain a 1-bit output response, a strategy needs to be introduced to automatically generate a plurality of groups of input stimuli for the D trigger-based arbiter type PUF to obtain output responses with different lengths, and an m-sequence generator is adopted to replace a manual input mode. For the same N value, different primitive polynomials are corresponded, and the feedback coefficient g is configured according to the different primitive polynomials, so that the complexity of the system is further increased, and higher safety performance is obtained.
3. Second-level PUF circuit module
A conventional D flip-flop based arbiter type PUF has a circuit configuration as shown in fig. 4. Mainly utilizes the characteristic that the line delay in the circuit has inevitable difference in the manufacturing process.
The design principle of the part is that the circuit forms two completely symmetrical delay paths by cascading a plurality of switch delay modules, each switch delay model comprises two symmetrical delay units, and two input signals respectively reach output through different delay units according to different selection signals. Because the chip has process deviation in the manufacturing process, the delay time of two paths which should be symmetrical in an ideal state has certain deviation, so that the time of reaching the D trigger is different. When the path reaching the data port of the D trigger is later than the path reaching the clock port, outputting a 0 signal; when the path to the data port of the D flip-flop is earlier than the path to the clock port, a 1 signal is output.
A D-flip-flop based arbiter-type PUF implements a physically unclonable function by extracting the delay skew of two symmetric paths. Assume that the path delay to the D flip-flop data port is T1The path delay of the clock port is T2When delay deviation ΔT=T1-T2The response is a number 0 > 0 and a number 1 when Δ T < 0. However, there are two problems in practical application:
(1) when the delay deviation Δ T is small, then its polarity is easily changed when the temperature and voltage are changed, resulting in a change in response. Only when the delay deviation Δ T is large, the output response thereof is not easily affected, i.e., is reliable.
(2) For a D flip-flop, the hold timing needs to be satisfied when Δ T > 0 and the setup timing needs to be satisfied when Δ T < 0. The output result is therefore reliable when the absolute value of the delay deviation is greater than a certain value.
Therefore, whether the output response of the circuit is reliable or not is judged by introducing a threshold value and judging the relative magnitude of the delta T and the threshold value.
A D-trigger based arbiter-type PUF with a self-test structure, whose structure is shown in fig. 5:
on the basis of the structure of fig. 4, a delay module and a self-checking module are respectively added in front of and behind a trigger of an arbiter D to jointly form a reliability self-checking mechanism, the delay module comprises a data selector (c) and a delay unit (c), and the self-checking module comprises a 1-2 data distributor (c), a data selector (c) and a register (c).
For the delay module, delay data from a path 1 are respectively connected to a port 1 of a data selector I, and delay data from a path 2 are respectively connected to a port 0 and a port 1 of the data selector I; the output of the first data selector is respectively connected to the 0 port of the second data selector after passing through a delay unit. For the self-checking module, the output response of the arbiter D trigger is connected to the input ends of the register (c) and the 1-2 data distributor (c) through the 1-2 data distributor (c) and the back 1 output end and the 0 output end respectively; the 1 output end of the 1-2 data distributor is connected to the 1 port of the data selector, the 0 output end and the output of the register are connected to the 0 port of the data selector; the output terminal of the data selector is connected to the input port of the register.
The detailed working process of the reliability self-checking mechanism is as follows:
a) when K1 is 1 and K2 is 1, the system is in a normal operating state, at this time, the delays of path 1 and path 2 reach the data port and the clock port of the D flip-flop respectively through the data selector (c), and the output response of the flip-flop is stored in the register REG1 after passing through the 1-2 data distributor (c).
b) When K1 is equal to 0, K2 is equal to 1, and S is equal to 1, the system is self-checking the operation status, the delay of path 1 is added with the delay value T of delay unit ninucThen reaches the data port of the D trigger through the data selector, and the path 2 is unchanged. At this time, the output response of the flip-flop is stored in the register REG2 through the 1-2 data distributor (r) and the data selector (c).
c) When K1 is equal to 1, K2 is equal to 0, and S is equal to 0, the system is self-checking the operation status, and the delay of path 2 is added with the delay value T of delay unit ninucThen the path 1 is unchanged through the clock port from the data selector to the D trigger. At this time, the output response of the flip-flop is subjected to an exclusive nor operation with the value from the register REG2 through the 1-2 data distributor (r), and the result of the operation is stored in the register REG2 through the data selector (c).
d) At this point, the result in register REG1 is the output response of the original input stimuli and the result in register REG1 is the reliable flag. When the reliable flag is 1, the input excitation-output response is reliable, otherwise, the input excitation-output response is unreliable;
wherein, S is the input signal of the data selector I, the data distributor II and the data selector II, K1 is the input signal of the data selector II and the data distributor II, and K2 is the input signal of the data selector III and the data distributor II.
The reliability self-checking mechanism has the design principle that:
in operation b), the delay deviation is changed from Δ T to Δ T1=(T1+Tc)-T2(ii) a In the c) operation, the delay deviation is changed from Δ T to Δ T2=T1-(T2+Tc). Comprises the following steps:
(1) when the result of the exclusive-nor operation is 1, it means that the output responses of the same delay introduced into the different paths are the same, and there is Δ T1And Δ T2Is of the same polarity, i.e. Δ T1≥0,ΔT2Not less than 0, or Δ T1≤0,ΔT2Less than or equal to 0. Due to TcConstantly positive, therefore, it can be determined that | Δ T | ═ T1-T2|≥TcIt is always true that the original output response is considered reliable.
(2) When the result of the exclusive nor operation is 0, it indicates that the output responses introducing the same delay to different paths are different, Δ T1And Δ T2Is not the same in polarity, i.e. Δ T1>0,ΔT2< 0, or Δ T1<0,ΔT2Is greater than 0. Due to TcAlways positive, so it can be determined that | Δ T | ═ T1-T2|<TcIt is always true that the original output response is unreliable.
According to the process requirements of the integrated circuit, the requirements of the hold time sequence and the setup time sequence of the D flip-flop are easily known, and the threshold value can be selected as follows according to the process requirements: t isc=nax{Thold,Tsetup}。
2 can be generated due to the n-stage delay modulenThe CRPs (Challenge replay Pairs) can obtain higher security performance by increasing the number of stages of delay modules, and is a strong PUF. In the scheme, the PUF structure is taken as a second-level circuit structure of the compound PUF structure. According to fig. 1 and 4, n has a value of 64.
Based on the technical scheme, in order to reduce the chip cost of small and medium-sized embedded devices and reduce the use of hardware circuit resources, according to the key generation system based on the composite PUF shown in FIG. 1, 64-bit data length is adopted as the original incentive of the scheme. The invention further provides a key generation method based on the compound PUF with anti-attack and self-checking characteristics, which comprises the following steps:
(1) and selecting an appropriate primitive polynomial to configure the register of the feedback coefficient g of the m sequence generator according to the condition that N is 64. By selecting different primitive polynomial choices, different stimulus generation modules can be constructed.
(2) Using 64-bit original input excitation as input excitation of a first-level PUF circuit module of the compound PUF, wherein each 1-bit original input excitation corresponds to the input excitation of each PicoPUF; each PicoPUF is first reset by the clear signal and then input with a signal by the rising edge of the start signal. Under the selection of input excitation, the output of the SR latch is selectively output.
(3) The first-level PUF circuit outputs a response of 64-bit data length, and the output response result of the first-level PUF is stored in the register REG in order to maintain the stability of the data.
(4) The stimulus generation module is initialized using the result in the register REG as a set value for the m-sequence generator. The m-sequence generator is driven by a clock signal to generate a 64-bit pseudo-random number output. The varying output is excited as an input to the second level PUF circuit.
(5) The second level of the complex PUF consists of two D-flip-flop based arbiter type PUFs with self-test structures, accepting the same input stimuli (pseudo-random number output results from the m-sequence generator).
(6) The output response and the reliability flag of the second-level PUF circuit block are input to the result output block, and the output response and the reliability flag of the second-level PUF circuit block are selectively output using Q64 (last bit signal of the m-sequence generator) as a selection signal.
(7) If the reliability flag F of the result output module is 1, the response R of the current selection output is reliable, and the response R can be used as 1bit data of the key; if the reliability flag F of the result output module is 0, the response R of the current selection output is unreliable, the current output response R is abandoned, and the next input excitation signal from the m-sequence generator is waited.
In order to meet the requirements of different encryption algorithms on algorithm keys with different lengths, the scheme achieves the purpose by controlling the m-sequence generator to generate excitation signals for different times.
In a key generation scheme based on a composite PUF, through the combination of a PicoPUF and an arbiter PUF based on D trigger and the control of excitation generation through an m-sequence generator, the structure of the PUF becomes more complex, and higher security performance can be obtained with smaller hardware cost.
The above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (7)

1. A key generation system based on a compound PUF with anti-attack and self-checking characteristics is characterized by comprising a first-level PUF circuit module, an excitation generation module, a second-level PUF circuit module and a result output module, wherein:
the first-level PUF circuit module comprises N PicoPUF circuits which are arranged in parallel, and the PicoPUF circuits are used for receiving an original stimulus and generating an output response with N bits and registering the response in a register group;
the excitation generation module comprises an m-sequence generator, the m-sequence generator is used for receiving the output response of the first-level PUF circuit module as a reset signal, and after the reset is completed, pseudo-random output is generated according to the configured primitive polynomial;
the second-level PUF circuit module comprises two D trigger-based arbiter PUF circuits, and self-checking circuits are arranged in the D trigger-based arbiter PUF circuits; the two D-flip-flop based arbiter type PUF circuits receive the pseudo-random output from the m-sequence generator as input stimuli and respectively generate a response and a reliable flag independently;
and the result output module comprises two selectors, and the response of the output result of the second-level PUF circuit module and the reliable mark are selectively output by using the last bit signal from the m-sequence generator as a selection control signal.
2. The system for generating a key based on a composite PUF with anti-attack and self-test characteristics according to claim 1, wherein the PicoPUF circuit in the first level PUF circuit module includes a D flip-flop (r), an SR latch (r), and a data selector (r), wherein:
when a D trigger (a) receives a reset signal clear, a Q port is reset to be 0; then, the D flip-flop (I) is turned over under the action of a start signal, and an SR latch (III) connected with the D flip-flop (I) can distinguish the arrival sequence of the turning signals of the two flip-flops, so that 0 or 1 can be stably output; under the selection action of the data selector (IV) through original excitation, signals at the upper end and the lower end of the SR latch (IV) can be selectively output.
3. A composite PUF-based key generation system according to claim 1, having anti-attack and self-test properties, wherein the m-sequence generator in the stimulus generation module comprises a circuit arrangement of linear feedback shift registers, the circuit arrangement comprising N linear feedback shift registers of D flip-flops and N feedback coefficient g configuration registers; the Q port output of the ith (i ═ 1 … N) D flip-flop is exclusive-ored with the ith g, and the exclusive-or is used as the input of the (i + 1) th D flip-flop D port.
4. A composite PUF-based key generation system according to claim 3 having anti-attack and self-test properties, wherein the m-sequence generator is initialised in response to an output from the first level PUF circuit block as a set signal; under the drive of a clock CLK, a Q port triggered by each clock period D changes to form a pseudo-random output which is used as an m sequence generator; the feedback coefficient g needs to be valued according to the primitive polynomial, and when the value is 1, it indicates that the feedback of the path exists, otherwise, it indicates that the feedback does not exist.
5. The system for generating a key based on a composite PUF with anti-attack and self-inspection characteristics according to claim 1, wherein in the second-level PUF circuit module, the self-inspection circuit in the arbiter-type PUF circuit based on the D flip-flop includes a delay module and a self-inspection module, the delay module includes a data selector (r) and a delay unit (r), and the self-inspection module includes a 1-2 data distributor (r), a data selector (c), and a register (r);
for the delay module, delay data from a path 1 are respectively connected to a port 1 of a data selector I, and delay data from a path 2 are respectively connected to a port 0 and a port 1 of the data selector I; the output of the first data selector is respectively connected to the 0 port of the second data selector after passing through a delay unit;
for the self-checking module, the output response of the arbiter D trigger is connected to the input ends of the register (c) and the 1-2 data distributor (c) through the 1-2 data distributor (c) and the back 1 output end and the 0 output end respectively; the 1 output end of the 1-2 data distributor is connected to the 1 port of the data selector, the 0 output end and the output of the register are connected to the 0 port of the data selector; the output terminal of the data selector is connected to the input port of the register.
6. A composite PUF-based key generation system with anti-attack and self-check properties according to claim 1, wherein the working process of the reliability self-check mechanism formed by the delay module and the self-check module together is as follows:
a) when K1 is equal to 1 and K2 is equal to 1, the system is in a normal working state, the time delay of the path 1 and the path 2 respectively reaches a data port and a clock port of a D trigger through a data selector (c), and the output response of the trigger is stored in a register REG1 after passing through a 1-2 data distributor (c);
b) when K1 is equal to 0, K2 is equal to 1, and S is equal to 1, the system is self-checking the operation status, the delay of path 1 is added with the delay value T of delay unit ninucThen, the data reaches a data port of the D trigger through a data selector, and a path 2 is unchanged; at this time, the output response of the trigger is stored in the register REG2 after passing through the 1-2 data distributor (r) and the data selector (c);
c) when K1 is equal to 1, K2 is equal to 0, and S is equal to 0, the system is self-checking the operation status, and the delay of path 2 is added with the delay value T of delay unit ninucThen, the path 1 is unchanged from the data selector to the clock port of the D trigger; at this time, touchThe output response of the transmitter is subjected to the exclusive OR operation with the value from the register REG2 after passing through the 1-2 data distributor, and the operation result is stored in the register REG2 after passing through the data selector;
d) the result in the register REG1 is the output response of the original input stimulus, and the result in the register REG1 is a reliable flag; when the reliable flag is 1, the input excitation-output response is reliable, otherwise, the input excitation-output response is unreliable;
wherein, S is the input signal of the data selector I, the data distributor II and the data selector II, K1 is the input signal of the data selector II and the data distributor II, and K2 is the input signal of the data selector III and the data distributor II.
7. A key generation method based on a compound PUF with anti-attack and self-checking characteristics is characterized by comprising the following steps:
(1) selecting a primitive polynomial to configure a register of a feedback coefficient g of the m sequence generator;
(2) the original input excitation is used as the input excitation of a first-level PUF circuit module of the compound PUF, and each 1-bit original input excitation corresponds to the input excitation of each PicoPUF; each PicoPUF is first reset by the clear signal and then input with a signal by the rising edge of the start signal. Under the selection of input excitation, the output of the SR latch is selectively output;
(3) the first-level PUF circuit module outputs a response with a data length of 64 bits, and in order to keep the stability of data, the output response result of the first-level PUF is stored in a register REG;
(4) initializing the excitation generation module using the result in the register REG as a set value of the m-sequence generator; the m sequence generator is driven by a clock signal to generate pseudo-random number output, and the changed output is used as input excitation of the second-level PUF circuit module;
(5) two D trigger-based arbiter type PUF circuits of the second-level PUF circuit module receive the same input excitation and output results for pseudo-random numbers generated by the m-sequence generator;
(6) the output response and the reliability mark of the second-level PUF circuit module are used as the input of the result output module, and the output response and the reliability mark of the second-level PUF circuit module are selectively output according to the last bit signal of the m-sequence generator;
(7) if the reliability flag F of the result output module is 1, the response R of the current selection output is reliable, and the response R can be used as 1bit data of the key; if the reliability flag F of the result output module is 0, the response R of the current selection output is unreliable, the current output response R is abandoned, and the next input excitation signal from the m-sequence generator is waited.
CN202011031519.8A 2020-09-27 2020-09-27 Anti-attack and self-checking characteristic key generation system and method based on composite PUF Active CN112272084B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011031519.8A CN112272084B (en) 2020-09-27 2020-09-27 Anti-attack and self-checking characteristic key generation system and method based on composite PUF

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011031519.8A CN112272084B (en) 2020-09-27 2020-09-27 Anti-attack and self-checking characteristic key generation system and method based on composite PUF

Publications (2)

Publication Number Publication Date
CN112272084A true CN112272084A (en) 2021-01-26
CN112272084B CN112272084B (en) 2023-04-07

Family

ID=74349675

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011031519.8A Active CN112272084B (en) 2020-09-27 2020-09-27 Anti-attack and self-checking characteristic key generation system and method based on composite PUF

Country Status (1)

Country Link
CN (1) CN112272084B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113177007A (en) * 2021-05-20 2021-07-27 湖北工业大学 High-reliability Arbiter PUF circuit based on deviation compensation
CN114584297A (en) * 2022-03-01 2022-06-03 广东工业大学 Encryption and decryption system and encryption and decryption method based on physical unclonable technology
CN114928454A (en) * 2022-06-09 2022-08-19 湖南大学 CRP (common noise control) obfuscation circuit and data obfuscation method
CN115865353A (en) * 2023-02-23 2023-03-28 湖北工业大学 Strong PUF circuit based on transient effect ring oscillator and response generation method

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107862101A (en) * 2017-09-12 2018-03-30 广东工业大学 A kind of circuit structure of the brand-new framework physics unclonable function based on moderator
US20180198447A1 (en) * 2017-01-12 2018-07-12 Semiconductor Components Industries, Llc Component authentication utilizing multi-level arbiter
CN109063515A (en) * 2018-07-10 2018-12-21 湖北工业大学 For the reliability enhancing structure and its Enhancement Method of moderator PUF
CN109614790A (en) * 2018-11-28 2019-04-12 河海大学常州校区 Light-weight authentication equipment and authentication method based on feedback loop PUF
US20200052912A1 (en) * 2018-08-13 2020-02-13 Taiwan Semiconductor Manufacturing Co., Ltd. Method and apparatus for protecting embedded software
CN110929299A (en) * 2019-12-04 2020-03-27 湖北工业大学 Reliability self-checking circuit for arbiter PUF and reliability enhancing method
CN111339576A (en) * 2020-02-12 2020-06-26 鹏城实验室 Three-state physical unclonable function circuit, control method and chip
CN111385091A (en) * 2018-12-31 2020-07-07 三星电子株式会社 Integrated circuit and apparatus for security of physically unclonable functions

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180198447A1 (en) * 2017-01-12 2018-07-12 Semiconductor Components Industries, Llc Component authentication utilizing multi-level arbiter
CN107862101A (en) * 2017-09-12 2018-03-30 广东工业大学 A kind of circuit structure of the brand-new framework physics unclonable function based on moderator
CN109063515A (en) * 2018-07-10 2018-12-21 湖北工业大学 For the reliability enhancing structure and its Enhancement Method of moderator PUF
US20200052912A1 (en) * 2018-08-13 2020-02-13 Taiwan Semiconductor Manufacturing Co., Ltd. Method and apparatus for protecting embedded software
CN109614790A (en) * 2018-11-28 2019-04-12 河海大学常州校区 Light-weight authentication equipment and authentication method based on feedback loop PUF
CN111385091A (en) * 2018-12-31 2020-07-07 三星电子株式会社 Integrated circuit and apparatus for security of physically unclonable functions
CN110929299A (en) * 2019-12-04 2020-03-27 湖北工业大学 Reliability self-checking circuit for arbiter PUF and reliability enhancing method
CN111339576A (en) * 2020-02-12 2020-06-26 鹏城实验室 Three-state physical unclonable function circuit, control method and chip

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113177007A (en) * 2021-05-20 2021-07-27 湖北工业大学 High-reliability Arbiter PUF circuit based on deviation compensation
CN113177007B (en) * 2021-05-20 2023-02-21 湖北工业大学 High-reliability arbiterPUF circuit based on deviation compensation
CN114584297A (en) * 2022-03-01 2022-06-03 广东工业大学 Encryption and decryption system and encryption and decryption method based on physical unclonable technology
CN114584297B (en) * 2022-03-01 2024-02-27 广东工业大学 Encryption and decryption system and encryption and decryption method based on physical unclonable technology
CN114928454A (en) * 2022-06-09 2022-08-19 湖南大学 CRP (common noise control) obfuscation circuit and data obfuscation method
CN114928454B (en) * 2022-06-09 2024-01-09 湖南大学 CRP (common-point control) confusion circuit and data confusion method
CN115865353A (en) * 2023-02-23 2023-03-28 湖北工业大学 Strong PUF circuit based on transient effect ring oscillator and response generation method

Also Published As

Publication number Publication date
CN112272084B (en) 2023-04-07

Similar Documents

Publication Publication Date Title
CN112272084B (en) Anti-attack and self-checking characteristic key generation system and method based on composite PUF
Sahoo et al. A multiplexer-based arbiter PUF composition with enhanced reliability and security
Majzoobi et al. Lightweight secure pufs
US9628272B2 (en) PUF authentication and key-exchange by substring matching
Megha Mukundan et al. Hash‐One: a lightweight cryptographic hash function
CN109614790B (en) Lightweight authentication equipment and authentication method based on feedback loop PUF
Banik et al. A differential fault attack on the grain family under reasonable assumptions
CN112364391A (en) Arbiter PUF reliable response screening system and bias control and response screening method thereof
CN112713894B (en) Strong and weak mixed PUF circuit
Hammouri et al. A tamper-proof and lightweight authentication scheme
CN113297634B (en) Physical unclonable function hardware circuit based on full spin logic and implementation method
Chatterjee et al. Theory and application of delay constraints in arbiter PUF
Ning et al. Modeling and efficiency analysis of clock glitch fault injection attack
Gu et al. A modeling attack resistant deception technique for securing PUF based authentication
CN108683505A (en) A kind of high security APUF circuit structures
US20090204656A1 (en) Pseudo random number generator and method for generating a pseudo random number bit sequence
Wu et al. FLAM-PUF: A response–feedback-based lightweight anti-machine-learning-attack PUF
Hemavathy et al. Arbiter PUF-a review of design, composition, and security aspects
Abdelraheem et al. Cryptanalysis of ARMADILLO2
Jana et al. Differential Fault Attack on PHOTON-Beetle
Chatterjee et al. SACReD: An attack framework on SAC resistant delay-PUFs leveraging bias and reliability factors
Hou et al. A lightweight and secure-enhanced Strong PUF design on FPGA
Khaleghi et al. An stt-MRAM based strong PUF
Surya et al. Local clock glitching fault injection with application to the ASCON cipher
Dan et al. A modeling attack resistant R-XOR APUF based on FPGA

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant