Journal of Signal Processing Systems

, Volume 67, Issue 1, pp 15–29 | Cite as

Using Data Contention in Dual-ported Memories for Security Applications

  • Tim GüneysuEmail author


Field Programmable Gate Arrays (FPGA) provide the invaluable feature of dynamic hardware reconfiguration by loading configuration bit files. However, this flexibility also opens up the threat of theft of Intellectual Property (IP) since these configuration files can be easily extracted and cloned. In this context, the ability to bind an application configuration to a specific device is an important step to prevent product counterfeiting. Furthermore, such a technology can also enable advanced business models such as device-specific feature activation. In this work, we present a new technique to generate entropy on FPGA device—based on data contention in the hardware circuitry. For this entropy, we use the output of intentionally generated write collisions in synchronous dual-ported block RAMs (BRAM). We show that the parts of this output generated by such write collisions can be either probabilistic but also deterministic and device-specific. The characteristics of such an entropy source can be used for a large variety of security applications, such as chip identification and device authentication. In addition to that, we also propose a solution to efficiently create cryptographic keys on-chip at runtime. As a last contribution, we eventually present a strategy how to transform this entropy source into a circuit for True Random Number Generation (TRNG).


Write collisions Field-programmable gate arrays Security applications Device identification Random number generation Metastability Data contention Dual-ported block RAM 

Supplementary material

11265_2010_560_MOESM1_ESM.pdf (280 kb)
(PDF 280 KB)


  1. 1.
    Altera Corporation (2004). FPGA design security solution using MAX II devices. White Paper, September 2004. ver. 1.0 at
  2. 2.
    Bösch, C., Guajardo, J. Sadeghi, A.-R., Shokrollahi, J., & Tuyls, P. (2008). Efficient helper data key extractor on FPGAs. In Cryptographic Hardware and Embedded Systems—CHES 2008. Lecture notes in computer science (Vol. 5154, pp. 181–197). Berlin/Heidelberg: Springer.CrossRefGoogle Scholar
  3. 3.
    Bundesamt für Sicherheit in der Informationstechnik (2001). AIS 31—Functionality classes and evaluation methodology for physical random number generators. Application note, September 2001.
  4. 4.
    Callegari, S., Rovatti, R., & Setti, G. (2005). First direct implementation of a true random source on programmable hardware: Research articles. International Journal of Circuit Theory and Applications, 33(1), 1–16.zbMATHCrossRefGoogle Scholar
  5. 5.
    Danger, J. L., Guilley, S., & Hoogvorst, P. (2009). High speed true random number generator based on open loop structures in fpgas. Microelectronics Journal, 40(11), 1650–1656.CrossRefGoogle Scholar
  6. 6.
    Davies, R. B. (2002). Exclusive OR (XOR) and hardware random number generators. Accessed 28 February 2002.
  7. 7.
    Dichtl, M., & Golić, J. D. (2007). High-speed true random number generation with logic gates only. In Cryptographic hardware and embedded systems—CHES 2007 (pp. 45–62) Berlin/Heidelberg: Springer.CrossRefGoogle Scholar
  8. 8.
    Digilent Inc. (2009). Spartan-3 Board, populated with XC3S200 FPGAs, 2009.
  9. 9.
    Dodis, Y., Ostrovsky, R., Reyzin, L., & Smith, A. (2008). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing, 38(1), 97–139.zbMATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Epstein, M., Hars, L., Krasinski, R., Rosner, M., & Zheng, H. (2003). Design and implementation of a true random number generator based on digital circuit artifacts. In Cryptographic hardware and embedded systems—CHES 2003. Lecture notes in computer science (Vol. 2779, pp. 152–165). Berlin/Heidelberg: Springer.CrossRefGoogle Scholar
  11. 11.
    Fischer, V., & Drutarovský, M. (2002). True random number generator embedded in reconfigurable hardware. In Cryptographic hardware and embedded systems—CHES 2002.Lecture notes in computer science (Vol. 2523, pp. 415–430). Springer-Verlag.Google Scholar
  12. 12.
    Gassend, B., Clarke, D., Van Dijk, M., & Devadas, S. (2002). Silicon physical random functions. In 9th ACM Conference on computer and communications security (pp. 148–160). New York: ACM.CrossRefGoogle Scholar
  13. 13.
    Golic, J. D. (2006). New methods for digital generation and postprocessing of random data. IEEE Transactions on Computers, 55(10), 1217–1229.CrossRefGoogle Scholar
  14. 14.
    Guajardo, J., Kumar, S., Schrijen, G., & Tuyls, P. (2007). FPGA intrinsic PUFs and their use for IP protection. In Cryptographic hardware and embedded systems—CHES 2007 (Vol. 4727, p. 63). Springer.Google Scholar
  15. 15.
    Guajardo, J., Kumar, S., Schrijen, G., & Tuyls, P. (2007). Physical Unclonable Functions and public-key crypto for FPGA IP Protection. In International conference on field programmable logic and applications, 2007. FPL 2007 (pp. 189–195).Google Scholar
  16. 16.
    Güneysu, T., Kasper, T., Novotný, M., Paar, C., & Rupp, A. (2008). Cryptanalysis with COPACOBANA. IEEE Transactions on Computers, 57(11), 1498–1513.CrossRefGoogle Scholar
  17. 17.
    Güneysu, T., Möller, B., & Paar, C. (2007). Dynamic intellectual property protection for reconfigurable devices. In Proceedings of the IEEE international conference on field-programmable technology (ICFPT 2007) (pp. 169–176). IEEE Computer Society.Google Scholar
  18. 18.
    Güneysu, T., & Paar, C. (2009). Transforming write collisions in block RAMs into security applications. In International conference on field-programmable technology—FPT 2009. (pp. 128–134). IEEE.Google Scholar
  19. 19.
    Jenkins J., Lesea, A., & Alfke, P. (2009). VIRTEX: Under the hood—an insider’s guide to Xilinx FPGAs. Technical report, Xilinx Inc.Google Scholar
  20. 20.
    Kean, T. (2002). Cryptographic rights management of FPGA intellectual property cores. In 10th international symposium on field-programmable gate arrays (FPGA 2002). Monterey, CA.Google Scholar
  21. 21.
    Kohlbrenner, P., & Gaj, K. (2004). An embedded true random number generator for fpgas. In FPGA ’04: Proceedings of the 2004 ACM/SIGDA 12th international symposium on field programmable gate arrays (pp. 71–78). New York: ACM.CrossRefGoogle Scholar
  22. 22.
    Kumar, S., Guajardo, J., Maes, R., Schrijen, G., & Tuyls, P. (2008). Extended abstract: The butterfly PUF protecting IP on every FPGA. In IEEE international workshop on hardware-oriented security and trust (HOST 2008) (pp. 67–70).Google Scholar
  23. 23.
    Kwok, S. H. M., & Lam, E. Y. (2006). Fpga-based high-speed true random number generator for cryptographic applications. In IEEE proc. TENCON 2006 (pp. 1–4).Google Scholar
  24. 24.
    Maes, R., Tuyls, P., & Verbauwhede, I. (2008). Intrinsic PUFs from flip-flops on reconfigurable devices. In 3rd Benelux workshop on information and system security (WISSec 2008).Google Scholar
  25. 25.
    Maes, R., Tuyls, P., & Verbauwhede, I. (2009). Low-overhead implementation of a soft decision helper data algorithm for SRAM PUFs. In Cryptographic hardware and embedded systems—CHES 2009 LNCS (Vol. 5747, pp. 332–347). Springer-Verlag.Google Scholar
  26. 26.
    Marsaglia, G. (1995). The Marsaglia random number CDROM including the Diehard Battery of tests of randomness. Accessed 28 June 2010.
  27. 27.
    Mick, J. R. (1996). Application note AN-45: Introduction to IDT’s FourPort RAM. Technical report, Integrated Device Technology, Inc.Google Scholar
  28. 28.
    National Institute of Standards and Technology (NIST) (2007). Recommendation for random number generation using deterministic random bit generators. NIST Special Publication SP 800-90.Google Scholar
  29. 29.
    Pappu, R., Recht, B., Taylor, J., & Gershenfeld, N. (2002). Physical one-way functions. Science, 297(5589), 2026–2030.CrossRefGoogle Scholar
  30. 30.
    J. Rice. Mathematical statistics and data analysis. Duxbury Press, 1995. ISBN: 0-534-20934-3.Google Scholar
  31. 31.
    Schindler, W. (2001). Efficient online tests for true random number generators. In Cryptographic hardware and embedded systems—CHES 2001. Lecture notes in computer science (Vol. 2162, pp. 103–117). Berlin/Heidelberg: Springer.CrossRefGoogle Scholar
  32. 32.
    Schindler, W., & Killmann, W. (2003). Evaluation criteria for true (physical) random number generators used in cryptographic applications. In Cryptographic hardware and embedded systems—CHES 2002. Lecture notes in computer science (Vol. 2523, pp. 431–449). Berlin/Heidelberg: Springer.CrossRefGoogle Scholar
  33. 33.
    Simpson, E., & Schaumont, P. (2006). Offline hardware/ software authentication for reconfigurable platforms. In Cryptographic hardware and embedded systems—CHES 2006. LNCS (Vol. 4249, pp. 311–323).Google Scholar
  34. 34.
    Smerdon, M. (2008). Security solutions using Spartan-3 generation FPGAs. Xilinx Inc., April 2008.
  35. 35.
    Sunar, B., Martin, W. J., & Stinson, D. R. (2007). A provably secure true random number generator with built-in tolerance to active attacks. SIAM Journal on Computing, 56(1), 109–119.MathSciNetGoogle Scholar
  36. 36.
    Trusted Computing Group (TCG) (2006). TPM specification, version 1.2 revision 94, March 2006.
  37. 37.
    Tsoi, K. H., Leung, K. H., & Leong, P. H. W. (2003). Compact fpga-based true and pseudo random number generators. In FCCM ’03: Proceedings of the 11th annual IEEE symposium on field-programmable custom computing machines (p. 51). Washington: IEEE Computer Society.CrossRefGoogle Scholar
  38. 38.
    Tuyls, P., Schrijen, G.-J., kori, B., van Geloven, J., Verhaegh, N., & Wolters, R. (2006). Read-proof hardware from protective coatings. In Cryptographic hardware and embedded systems—CHES 2006. Lecture notes in computer science (Vol. 4249, pp. 369–383). Berlin/Heidelberg: Springer.CrossRefGoogle Scholar
  39. 39.
    Walker, S., & Foo, S. (2001). Evaluating metastability in electronic circuits for random number generation. In Proc. IEEE computer society workshop VLSI (pp. 99–101).Google Scholar
  40. 40.
    Xilinx Application Note (2005). XAPP463—Using block RAM in Spartan-3 generation FPGAs. March 2005.

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.Horst Görtz Institute for IT SecurityRuhr-Universität BochumBochumGermany

Personalised recommendations