CN112436945A - Secret key obtaining method based on SRAM-PUF - Google Patents
Secret key obtaining method based on SRAM-PUF Download PDFInfo
- Publication number
- CN112436945A CN112436945A CN202011253048.5A CN202011253048A CN112436945A CN 112436945 A CN112436945 A CN 112436945A CN 202011253048 A CN202011253048 A CN 202011253048A CN 112436945 A CN112436945 A CN 112436945A
- Authority
- CN
- China
- Prior art keywords
- puf
- sequence
- bch
- sram
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3278—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Abstract
The invention discloses a secret key obtaining method of an SRAM-PUF (static random access memory-physical unclonable function), belonging to the field of SoC (system on chip) information security. The SRAM-PUF chip and the temperature controller are placed on a set of detection device, detection software is connected with the detection device through a serial port, the power-on response, the sub-key generation and the key identification of the SRAM-PUF chip can be obtained, the RS error correction of the SRAM-PUF chip and the BCH code error correction of the detection software under severe conditions are carried out, the error correction capability can be improved, and the problem of low reliability of the chip caused by environmental influence is solved.
Description
Technical Field
The invention relates to the technical field of SoC information security, in particular to a secret key obtaining method based on an SRAM-PUF.
Background
PUF (physical unclonable function), also known as "chip DNA technology", generates random unique and unpredictable responses according to the property of the chip to produce differences due to uncontrollable process variations during the manufacturing process, so that PUF circuits can defend against a variety of traditional attack patterns, and are widely used in the security field to generate security keys.
The "challenge-response" mechanism is the basis for implementing PUF functions. Different PUF systems can generate different responses for the same stimulus, so an attacker cannot obtain the same stimulus response pair from other chips of the same model; for the same PUF, the difference between the responses generated at multiple times should approach 0 when it receives the same stimulus. Using this principle, SRAM-PUFs are often used in conjunction with a fuzzy extractor in generating cryptographic keys. The fuzzy extractor is composed of a generation model and a reconstruction model. When the password is generated, reading the output response of the SRAM-PUF under the action of input excitation, and generating a secret key and auxiliary data through a generation model; and during password reconstruction, the key is reconstructed by utilizing the auxiliary data and the stable response output response of the same stimulus acting on the PUF.
However, the PUF circuit is susceptible to interference of environmental variables such as temperature, electromagnetic interference, aging effect, power supply voltage, and the like, and there is a certain error between the reconstructed key and the generated key, so that an error correction coding module is introduced to the PUF chip to eliminate the interference of the error.
Disclosure of Invention
The invention aims to provide a secret key obtaining method based on an SRAM-PUF (static random access memory-physical unclonable function), which can obtain a correct secret key by detecting software decoding when an error bit of the SRAM-PUF exceeds the error correction capability of a chip design in a severe environment.
In order to solve the technical problem, the invention provides a secret key obtaining method based on an SRAM-PUF, which comprises the following steps:
the SRAM-PUF chip and the temperature controller are placed on a set of detection device, and detection software is connected with the detection device through a serial port and can acquire a power-on initial value and a temperature state of the SRAM-PUF chip;
collecting a stable power-on initial value, recording the stable power-on initial value as a sequence PUF, and recording a corresponding position sequence KeyFile; respectively adopting RS encoding and decoding and BCH encoding and decoding to generate a segment of sequence SRS、SBCH(ii) a Performing bitwise XOR operation by using the coding sequence and the PUF to obtain an auxiliary sequence helpDataRS、helpDataBCH;
Electrifying the SRAM-PUF chip once, reading the electrifying initial value of the KeyFile point position to obtain a sequence PUF ', and electrifying the sequence PUF' and the hellpDataRSPerforming exclusive-or operation to obtain a key sequence S1 to be authenticated; sending an authentication command and a key sequence to be authenticated S1 to the detection device, returning a decoded key S2, when S2 is equal to SRSIf so, returning to the authentication success; if not, then,
if the temperature controller returns to a state not at normal temperature, the sequences PUF' and helpData are processedBCHPerforming exclusive-or operation to obtain a key sequence S1' to be authenticated; the detection software performs BCH decoding on S1 ' to return a key S2 ', when S2 ' is equal to SBCHIf so, returning to the authentication success; otherwise, authentication fails.
Optionally, the sequence PUF, SRS、SBCHKnown to the system, invisible to the authenticated user; the helper sequence helpDataRS、helpDataBCHAnd the sequence KeyFile is visible to the authenticated user as a transmission sequence.
Optionally, the lengths of the RS codec and the BCH codec are consistent or inconsistent.
Optionally, the error correction capability of the BCH codec is greater than that of the RS codec.
Optionally, the sequence SRSWith the corresponding helper sequence helpDataRSOf uniform length, said sequence SBCHWith the corresponding helper sequence helpDataBCHThe lengths are consistent.
Optionally, the length of the sequence PUF is a value with a large code length in RS encoding and decoding and BCH encoding and decoding.
According to the key acquisition method based on the SRAM-PUF, the SRAM-PUF chip and the temperature controller are placed on a set of detection device, the detection software is connected with the detection device through a serial port, the power-on response of the SRAM-PUF chip can be acquired, the sub-key generation and the key identification are carried out in two stages, the RS error correction of the SRAM-PUF chip is carried out, the BCH code error correction of the detection software under severe conditions is carried out, the error correction capability is improved, and the problem of low reliability of the chip caused by environmental influence is solved.
Drawings
FIG. 1 is a block diagram of a key generation phase flow of a SRAM-PUF based key acquisition method;
FIG. 2 is a PUF distribution diagram of a SRAM-PUF based key acquisition method;
fig. 3 is a flow chart of a key identification phase of the key acquisition method based on the SRAM-PUF.
Detailed Description
The following describes a key acquisition method based on SRAM-PUF in further detail with reference to the accompanying drawings and specific embodiments. Advantages and features of the present invention will become apparent from the following description and from the claims. It is to be noted that the drawings are in a very simplified form and are not to precise scale, which is merely for the purpose of facilitating and distinctly claiming the embodiments of the present invention.
Example one
The invention provides a secret key obtaining method based on an SRAM-PUF (static random access memory-PUF), which is characterized in that an SRAM-PUF chip and a temperature controller are arranged on a set of detection device, detection software is connected with the detection device through a serial port, a power-on initial value and a temperature state of the SRAM-PUF chip can be obtained, and the secret key detection method is divided into two components of secret key generation and secret key identification:
(1) and a key generation stage: firstly, repeatedly electrifying for hundreds of times, collecting stable electrifying initial values in hundreds of times, recording the stable electrifying initial values as a sequence PUF, and recording a corresponding position sequence KeyFile; respectively adopting RS encoding and decoding and BCH encoding and decoding to generate a segment of sequence SRS、SBCH(ii) a Performing bitwise XOR operation by using the coding sequence and the PUF to obtain an auxiliary sequence helpDataRS、helpDataBCH(ii) a The sequence PUF, SRS、SBCHKnown to the system, invisible to the authenticated user; the helper sequence helpDataRS、helpDataBCHAnd the sequence KeyFile is visible to the authenticated user as a transmission sequence.
(2) And a key identification stage: electrifying the SRAM-PUF chip once, reading the electrifying initial value of the KeyFile point position to obtain a sequence PUF ', and electrifying the sequence PUF' and the hellpDataRSPerforming exclusive-or operation to obtain a key sequence S1 to be authenticated; sending an authentication command and a key sequence to be authenticated S1 to the detection deviceReturning the decoded key S2 when S2 equals SRSAnd if so, returning the authentication success.
Otherwise, if the temperature controller returns to a state not at normal temperature, the sequences PUF' and helpData are processedBCHPerforming exclusive-or operation to obtain a key sequence S1' to be authenticated; the detection software performs BCH decoding on S1 ' to return a key S2 ', when S2 ' is equal to SBCHIf so, returning to the authentication success; otherwise, authentication fails.
The lengths of the RS coding and decoding sequence and the BCH coding and decoding sequence can be inconsistent, but the error correction capability of the BCH coding and decoding is ensured to be larger than that of the RS coding and decoding; sequence SRSWith the corresponding helper sequence helpDataRSOf uniform length, sequence SBCHWith the corresponding helper sequence helpDataBCHThe lengths are consistent, and the sequence PUF length is a larger value of the code length in RS encoding and decoding and BCH encoding and decoding.
The key extraction method of the present invention is described in detail below with reference to specific examples. The SRAM-PUF is used for realizing the function of a physical unclonable function based on the characteristics of the SRAM, the size of a chip of the SRAM-PUF is 256kbits, the SRAM-PUF is divided into 128 blocks, each block is 2048 bits, the RS decoding function is arranged in the chip, and the RS code length is 640. The SRAM-PUF chip usage is mainly divided into two cases: firstly, the chip can repeatedly read out SRAM with the size of 256kbits in a key generation stage and output the SRAM through a serial port, and secondly, the chip can carry out error correction decoding on information which is input from the serial port and is subjected to RS coding in a key identification stage and output the result through the serial port. The process of the invention is carried out in two stages.
The key generation stage flow is as shown in fig. 1, the detection device is powered on to correctly connect with the detection software, in the detection software, a chip number and an address block are input, all power-on initial values of each address block are read, and the process is repeated for 100 times; software carries out bit comparison to these 100 groups of data, and the bit position that the statistics is stable, that is PUF, corresponds RS code length and is 640 bits, corresponds the BCH code, and through being 2236 bits to BCH code theoretical analysis suitable BCH code length, the error correction ability is 106 bits, combines actually to read data for byte reading, expands the BCH code for 2240bit, consequently takes 2240 bits to constitute the PUF sequence to record corresponds bit KeyFile.
At 25 ℃, 4096 address acquisition results randomly read by 24 chips are distributed as shown in the following fig. 2, and the stable PUF point number proportion and the proportion of 0 to 1 in the stable point number are both stable, which shows that the design of the SRAM-PUF has effectiveness.
Generating a finite field pseudo-random sequence Data aiming at the RS code, and obtaining a secret key S by utilizing RS codingRSInvisible to the authenticated user; PUF and SRSXOR operation to obtain auxiliary sequence helpDataRS,helpDataRSVisible to the authenticated user.
Similarly, the key S is obtained by BCH codingBCHInvisible to the authenticated user; PUF and SBCHXOR operation to obtain auxiliary sequence helpDataBCH,helpDataBCHVisible to the authenticated user.
The flow chart of the identification phase is shown in fig. 3, a user is electrified once to read a power-on initial value, obtains a PUF 'according to KeyFile point location information, and takes the first 640 bits of the PUF' and the helpDataRSThe sequence S1 obtained after the XOR is sent to the chip for authentication, and the return sequence is subjected to the authentication with the chip by the detection softwareRSAnd comparing whether the two are consistent or not, and if so, indicating that the authentication is passed. If the authentication is not passed, whether the temperature is in a non-normal temperature state or not is judged according to the value obtained by the temperature controller, and if the temperature is in a non-normal temperature state, the PUF' and the helpData are processedBCHPerforming BCH decoding on the sequence S1' obtained after the XOR by an upper computer, and performing the BCH decoding on the returned sequence S by detection softwareBCHAnd comparing whether the two are consistent, if so, indicating that the authentication is passed, otherwise, failing to authenticate.
And (3) carrying out key authentication on 24 chips at the normal temperature of 25 ℃, wherein the experimental result shows that the Hamming distance between 2240 PUFs' and the PUFs in the acquisition stage is [0,10], and the chips pass the authentication when carrying out the key authentication. And (3) performing key authentication on 24 chips at low temperature (-40 ℃), wherein the experimental result shows that the Hamming distance between 2240 PUFs' and the PUFs in the acquisition stage is 0,28, and the chips pass the authentication when the keys of the chips are identified. And (3) carrying out key authentication on 24 chips at high temperature (+85 ℃), wherein experimental results show that the Hamming distance between 2240 PUFs' and the PUFs in the acquisition stage is [2,49], and when carrying out chip key identification, the returned authentication fails. Then, the software key identification is carried out, and the authentication success is returned.
Experimental results show that the SRAM-PUF secret key acquisition method has the advantages that the SRAM-PUF chip and the temperature controller are placed on a set of detection device, the RS error correction of the SRAM-PUF chip is realized, the BCH code error correction of software is detected under severe conditions, the error correction capability can be improved, and the problem of low reliability of the chip caused by environmental influence is solved.
The above description is only for the purpose of describing the preferred embodiments of the present invention, and is not intended to limit the scope of the present invention, and any variations and modifications made by those skilled in the art based on the above disclosure are within the scope of the appended claims.
Claims (6)
1. A secret key obtaining method based on SRAM-PUF is characterized by comprising the following steps:
the SRAM-PUF chip and the temperature controller are placed on a set of detection device, and detection software is connected with the detection device through a serial port and can acquire a power-on initial value and a temperature state of the SRAM-PUF chip;
collecting a stable power-on initial value, recording the stable power-on initial value as a sequence PUF, and recording a corresponding position sequence KeyFile; respectively adopting RS encoding and decoding and BCH encoding and decoding to generate a segment of sequence SRS、SBCH(ii) a Performing bitwise XOR operation by using the coding sequence and the PUF to obtain an auxiliary sequence helpDataRS、helpDataBCH;
Electrifying the SRAM-PUF chip once, reading the electrifying initial value of the KeyFile point position to obtain a sequence PUF ', and electrifying the sequence PUF' and the hellpDataRSPerforming exclusive-or operation to obtain a key sequence S1 to be authenticated; sending an authentication command and a key sequence to be authenticated S1 to the detection device, returning a decoded key S2, when S2 is equal to SRSIf so, returning to the authentication success; if not, then,
if the temperature controller returns to a state not at normal temperature, the sequences PUF' and helpData are processedBCHPerforming exclusive-or operation to obtain a key sequence S1' to be authenticated; the detection software performs BCH decoding on S1 ' to return a key S2 ', when S2 ' is equal to SBCHIf so, returning to the authentication success; otherwise, authentication fails.
2. SRAM-PUF based key derivation method according to claim 1, wherein the sequence PUF, SRS、SBCHKnown to the system, invisible to the authenticated user; the helper sequence helpDataRS、helpDataBCHAnd the sequence KeyFile is visible to the authenticated user as a transmission sequence.
3. The SRAM-PUF based key acquisition method of claim 1, wherein the RS codec and the BCH codec sequence are identical in length or are not identical in length.
4. The SRAM-PUF based key acquisition method of claim 3, wherein the BCH codec has an error correction capability greater than the RS codec.
5. SRAM-PUF based key derivation method according to claim 4, wherein the sequence SRSWith the corresponding helper sequence helpDataRSOf uniform length, said sequence SBCHWith the corresponding helper sequence helpDataBCHThe lengths are consistent.
6. The SRAM-PUF-based key acquisition method according to claim 5, wherein the length of the sequence PUF is a value with a larger code length in RS encoding and decoding and BCH encoding and decoding.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011253048.5A CN112436945B (en) | 2020-11-11 | 2020-11-11 | Secret key obtaining method based on SRAM-PUF |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011253048.5A CN112436945B (en) | 2020-11-11 | 2020-11-11 | Secret key obtaining method based on SRAM-PUF |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112436945A true CN112436945A (en) | 2021-03-02 |
CN112436945B CN112436945B (en) | 2023-01-20 |
Family
ID=74700874
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011253048.5A Active CN112436945B (en) | 2020-11-11 | 2020-11-11 | Secret key obtaining method based on SRAM-PUF |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112436945B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113110380A (en) * | 2021-04-01 | 2021-07-13 | 四川九洲空管科技有限责任公司 | M6 mode friend or foe identification equipment comprehensive test system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102656588A (en) * | 2009-08-14 | 2012-09-05 | 本质Id有限责任公司 | Physically unclonable function with tamper prevention and anti-aging system |
CN104980268A (en) * | 2014-04-10 | 2015-10-14 | 西门子公司 | Key generating device and method for generating a key |
US9501664B1 (en) * | 2014-12-15 | 2016-11-22 | Sandia Corporation | Method, apparatus and system to compensate for drift by physically unclonable function circuitry |
CN106301786A (en) * | 2016-08-10 | 2017-01-04 | 南京航空航天大学 | A kind of physics based on SRAM type memorizer unclonable function response error correction circuit |
CN110730068A (en) * | 2019-09-25 | 2020-01-24 | 中国电子科技集团公司第五十八研究所 | Secret key extraction method based on SRAM-PUF |
-
2020
- 2020-11-11 CN CN202011253048.5A patent/CN112436945B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102656588A (en) * | 2009-08-14 | 2012-09-05 | 本质Id有限责任公司 | Physically unclonable function with tamper prevention and anti-aging system |
CN104980268A (en) * | 2014-04-10 | 2015-10-14 | 西门子公司 | Key generating device and method for generating a key |
US9501664B1 (en) * | 2014-12-15 | 2016-11-22 | Sandia Corporation | Method, apparatus and system to compensate for drift by physically unclonable function circuitry |
CN106301786A (en) * | 2016-08-10 | 2017-01-04 | 南京航空航天大学 | A kind of physics based on SRAM type memorizer unclonable function response error correction circuit |
CN110730068A (en) * | 2019-09-25 | 2020-01-24 | 中国电子科技集团公司第五十八研究所 | Secret key extraction method based on SRAM-PUF |
Non-Patent Citations (3)
Title |
---|
SACHIN TANEJA 等: ""PUF-based Key Generation with Design Margin Reduction via In-Situ and PVT Sensor Fusion"", 《ESSCIRC 2019 - IEEE 45TH EUROPEAN SOLID STATE CIRCUITS》 * |
徐太忠等: "基于纠错码模糊提取器的SRAM-PUF设计方法", 《计算机科学》 * |
邵健 等: ""基于SRAM-PUF的秘钥提取方案设计"", 《电子设计工程》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113110380A (en) * | 2021-04-01 | 2021-07-13 | 四川九洲空管科技有限责任公司 | M6 mode friend or foe identification equipment comprehensive test system |
CN113110380B (en) * | 2021-04-01 | 2022-06-14 | 四川九洲空管科技有限责任公司 | M6 mode friend or foe identification equipment comprehensive test system |
Also Published As
Publication number | Publication date |
---|---|
CN112436945B (en) | 2023-01-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Yang et al. | Hardware designs for security in ultra-low-power IoT systems: An overview and survey | |
Delvaux et al. | Helper data algorithms for PUF-based key generation: Overview and analysis | |
EP2359520B1 (en) | Distributed puf | |
JP5306465B2 (en) | Pre-calculation of message authentication code applied to secure memory | |
Oren et al. | On the effectiveness of the remanence decay side-channel to clone memory-based PUFs | |
Gao et al. | Building secure SRAM PUF key generators on resource constrained devices | |
CN110089075B (en) | Pseudo-random generation of matrices for computing fuzzy extractors and method for verification | |
CN101421792A (en) | Semiconductor device identifier generation method and semiconductor device | |
WO2006053304A9 (en) | Volatile device keys and applications thereof | |
WO2018141378A1 (en) | Methods and devices for protecting data | |
WO2002078248A1 (en) | Portable information storage medium and its authentification method | |
US11528135B2 (en) | Integrated circuit (IC) signatures with random number generator and one-time programmable device | |
CN106385316B (en) | PUF is fuzzy to extract circuit and method | |
CN106100823B (en) | Password protection device | |
CN112436945B (en) | Secret key obtaining method based on SRAM-PUF | |
CN115913577B (en) | Anti-physical clone equipment authentication system and method based on lightweight SPONGENT hash algorithm | |
CN110730068A (en) | Secret key extraction method based on SRAM-PUF | |
JP2007174024A (en) | Encryption processing apparatus | |
EP3865997B1 (en) | System and method for generating and authenticating a physically unclonable function | |
CN113079019B (en) | Integrated circuit device and method and system for generating security key thereof | |
CN111565110B (en) | Unified identity authentication system and method based on RO PUF multi-core system | |
JP6031729B1 (en) | RFID tag code generation device and method, authentication device and method, and program | |
Yu et al. | Security and reliability properties of syndrome coding techniques used in PUF key generation | |
JP4435593B2 (en) | Tamper resistant information processing equipment | |
Yu et al. | On designing PUF-based TRNGs with known answer tests |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |