Skip to main content
SpringerLink
Log in

Variable-Length Bit Mapping and Error-Correcting Codes for Higher-Order Alphabet PUFs—Extended Version

  • Published:
Journal of Hardware and Systems Security Aims and scope Submit manuscript

Abstract

Device-specific physical characteristics provide the foundation for physical unclonable functions (PUFs), a hardware primitive for secure storage of cryptographic keys. Thus far, they have been implemented by either directly evaluating a binary output or by mapping symbols from a higher-order alphabet to a fixed-length bit sequence. However, when combined with equidistant quantization, this causes significant bias in the derived secret which is a security issue. To overcome this limitation, we propose a variable-length bit mapping that reflects the properties of a Gray code in a different metric, namely the Levenshtein metric instead of the classical Hamming metric. Subsequent error correction is therefore based on a custom insertion/deletion error-correcting code (ECC). This new approach effectively counteracts the bias in the derived key already at the input side of the ECC. We present the concept for our scheme and demonstrate its feasibility based on an empirical PUF distribution. As a result, we increase the effective output bit length of the secret by over 40% compared to state-of-the-art approaches. In addition to that, we investigate different segmentation approaches which is important due to the variable length of the considered values. Practical implementation results demonstrate that the proposed scheme requires only a fraction of the execution time compared to Bose-Chaudhuri-Hocquenghem (BCH) codes. This opens up a new direction of ECCs for PUFs that output responses with symbols of a higher-order alphabet.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

Notes

  1. For example, the element X1 is the output of a single node which is a symbol of the variable-length bit mapping.

References

  1. Armknecht F, Maes R, Sadeghi AR, Standaert FX, Wachsmann C (2011) A formalization of the security features of physical functions. In: IEEE symposium on security and privacy (S&P), pp 397–412

  2. Bleichenbacher D, Kiayias A, Yung M (2003) Decoding of interleaved Reed Solomon codes over noisy data. In: Baeten JCM, Lenstra JK, Parrow J, Woeginger GJ (eds) Automata, languages and programming, vol 2719, chap 9, p 188

  3. Bösch C, Guajardo J, Sadeghi AR, Shokrollahi J, Tuyls P (2008) Efficient helper data key extractor on FPGAs. In: Oswald E, Rohatgi P (eds) Workshop on cryptographic hardware and embedded systems (CHES)

  4. Brown A, Minder L, Shokrollahi A (2004) Probabilistic decoding of interleaved RS-codes on the q-ary symmetric channel. In: International symposium on information theory (ISIT). IEEE, p 326

  5. Colombier B, Bossuet L, Fischer V, Hely D (2017) Key reconciliation protocols for error correction of silicon PUF responses. IEEE Trans Inf Forensics Secur 12(8):1988–2002. https://ieeexplore.ieee.org/document/7890428

    Article  Google Scholar 

  6. Coppersmith D, Sudan M (2003) Reconstructing curves in three (and higher) dimensional space from noisy data. In: ACM symposium on theory of computing (STOC). ACM, pp 136–142

  7. Davida GI, Frankel Y, Matt BJ (1998) On enabling secure applications through off-line biometric identification. In: IEEE symposium on security and privacy (S&P), pp 148–157

  8. Delvaux J, Verbauwhede I (2014) Key-recovery attacks on various RO PUF constructions via helper data manipulation. In: Design, automation test in Europe conference exhibition (DATE)

  9. Delvaux J, Gu D, Verbauwhede I, Hiller M, Yu M (2015) Secure sketch metamorphosis: tight unified bounds. IACR eprint archive

  10. Delvaux J, Gu D, Verbauwhede I, Hiller M, Yu M (2016) Efficient fuzzy extraction of PUF-induced secrets: theory and applications. In: Conference on cryptographic hardware and embedded systems (CHES)

  11. Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Advances in cryptology (EUROCRYPT)

  12. Feng GL, Tzeng KK (1989) A generalized Euclidean algorithm for multisequence shift-register synthesis. IEEE Trans Inf Theory 35(3):584–594

    Article  MathSciNet  MATH  Google Scholar 

  13. Feng GL, Tzeng KK (1991) A generalization of the Berlekamp-Massey algorithm for multisequence shift-register synthesis with applications to decoding cyclic codes. IEEE Trans Inf Theory 37(5):1274–1287

    Article  MathSciNet  MATH  Google Scholar 

  14. Gray F (1953) Pulse code communication. US Patent 2,632,058

  15. Guajardo J, Kumar S, Schrijen GJ, Tuyls P (2007) FPGA Intrinsic PUFs and their use for IP protection. In: Workshop on cryptographic hardware and embedded systems (CHES)

  16. Günlü O, Iscan O (2014) DCT based ring oscillator physical unclonable functions. In: IEEE international conference on acoustics, speech and signal processing (ICASSP), pp 8248–8251

  17. Ignatenko T, Willems FM (2010) Information leakage in fuzzy commitment schemes. IEEE Trans Inf Forensics Secur 5(2):337–348

    Article  Google Scholar 

  18. Immler V, Hennig M, Kürzinger L, Sigl G (2016) Practical aspects of quantization and tamper-sensitivity for physically obfuscated keys. In: Workshop on cryptography and security in computing systems (CS2)

  19. Immler V, Hiller M, Liu Q, Lenz A, Wachter-Zeh A (2017) Variable-length bit mapping and error-correcting codes for higher-order alphabet PUFs. In: Security, privacy, and applied cryptography engineering (SPACE)

  20. Immler V, Obermaier J, König M, Hiller M, Sigl G (2018) B-TREPID: batteryless tamper-resistant envelope with a PUF and integrity detection. In: IEEE international symposium on hardware oriented security and trust (HOST)

  21. Juels A, Wattenberg M (1999) A fuzzy commitment scheme. In: ACM conference on computer and communications security (CCS)

  22. Krachkovsky VY, Lee YX (1997) Decoding for iterative Reed-Solomon coding schemes. IEEE Trans Magn 33(5):2740–2742

    Article  Google Scholar 

  23. Krachkovsky VY, Lee YX (1998) Decoding of parallel Reed-Solomon codes with applications to product and concatenated codes. In: IEEE international symposium on information theory, 1998, p 55

  24. Krachkovsky VY (2003) Reed-Solomon codes for correcting phased error bursts. IEEE Trans Inf Theory 49 (11):2975–2984

    Article  MathSciNet  MATH  Google Scholar 

  25. Levenshtein V (1965) Binary codes capable of correcting deletions, insertions and reversals (in Russian). Doklady Akademii Nauk SSR 163(4):845–848

    MATH  Google Scholar 

  26. Levenshtein VI (1966) Binary codes capable of correcting deletions, insertions, and reversals. Sov Phys Dokl 10(8):707–710

    MathSciNet  Google Scholar 

  27. Maes R (2012) Physically unclonable functions: constructions, properties and applications. Dissertation

  28. Maes R, van der Leest V, van der Sluis E, Willems F (2016) Secure key generation from biased PUFs: extended version. J Cryptogr Eng 6(2):121–137

    Article  MATH  Google Scholar 

  29. NIST: Recommendation for the Entropy Sources Used for Random Bit Generation (2012). http://csrc.nist.gov/publications/drafts/800-90/draft-sp800-90b.pdf

  30. Obermaier J, Immler V (2018) The past, present, and future of physical security enclosures: from battery-backed monitoring to PUF-based inherent security and beyond. Journal of Hardware and Systems Security. https://link.springer.com/article/10.1007%2Fs41635-018-0045-2

  31. Obermaier J, Immler V, Hiller M, Sigl G (2018) A measurement system for capacitive puf-based security enclosures. In: Proceedings of the 55th annual design automation conference, DAC 2018, San Francisco, CA, USA, June 24–29, 2018, pp 64:1–64:6

  32. Puchinger S, Nielsen JR (2017) Decoding of interleaved Reed-Solomon codes using improved power decoding. In: IEEE international symposium on information theory (ISIT), pp 356–360

  33. Puchinger S, Müelich S, Bossert M, Wachter-Zeh A (2017) Timing attack resilient decoding algorithms for physical unclonable functions. In: International ITG conference on systems, communications and coding (SCC)

  34. Saowapa K, Kaneko H, Fujiwara E (1999) Systematic deletion/insertion error correcting codes with random error correction capability. In: Defect and fault tolerance in VLSI systems

  35. Schmidt G, Sidorenko VR, Bossert M (2009) Collaborative decoding of interleaved Reed-Solomon codes and concatenated code designs. IEEE Trans Inf Theory 55(7):2991–3012

    Article  MathSciNet  MATH  Google Scholar 

  36. Sloane NJA (2002) On single-deletion-correcting codes. In: Codes and designs. de Gruyter, pp 273–292

  37. Stanko T, Andini FN, Skoric B (2017) Optimized quantization in zero leakage helper data systems. IEEE Trans Inf Forensics Secur 12(8):1957–1966. https://dl.acm.org/citation.cfm?id=3101341

    Article  Google Scholar 

  38. Suh GE, Devadas S (2007) Physical unclonable functions for device authentication and secret key generation. In: ACM/IEEE design automation conference (DAC)

  39. Suzuki M, Ueno R, Homma N, Aoki T (2017) Multiple-valued debiasing for physically unclonable functions and its application to fuzzy extractors. In: International workshop on constructive side-channel analysis and secure design (COSADE)

  40. Tenengolts G (1984) Nonbinary codes, correcting single deletion or insertion (corresp.). IEEE Trans Inf Theory 30(5):766–769

    Article  MathSciNet  MATH  Google Scholar 

  41. Tuyls P, Schrijen GJ, Skoric B, van Geloven J, Verhaegh N, Wolters R (2006) Read-proof hardware from protective coatings. In: Workshop on cryptographic hardware and embedded systems (CHES)

  42. Varshamov RR, Tenengolts GM (1965) Codes which correct single asymmetric errors (in Russian). Automatika i Telemekhanika

  43. von Neumann J (1951) Various techniques used in connection with random digits. Applied Math Series

  44. Wachter-Zeh A, Zeh A, Bossert M (2014) Decoding interleaved Reed–Solomon codes beyond their joint error-correcting capability. Des Codes Crypt 71(2):261–281

    Article  MathSciNet  MATH  Google Scholar 

  45. Yu M, Devadas S (2010) Secure and robust error correction for physical unclonable functions. IEEE Des Test Comput 27(1):48–65

    Article  Google Scholar 

  46. Yu M, Hiller M, Devadas S (2015) Maximum likelihood decoding of device-specific multi-bit symbols for reliable key generation. In: IEEE international symposium on hardware-oriented security and trust (HOST), pp 38–43

  47. Zeh A, Wachter A (2011) Fast multi-sequence shift-register synthesis with the Euclidean algorithm. Adv Math Commun 5(4):667–680

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgements

Many thanks to Aysun Önalan for preparing the numbers of the RS-based fuzzy commitment scheme.

Funding

The authors from Fraunhofer AISEC have been supported by the Fraunhofer Internal Programs under Grant no. MAVO 828 432. A. Lenz and A. Wachter-Zeh have been supported by the Technical University of Munich–Institute for Advanced Study, funded by the German Excellence Initiative and European Union Seventh Framework Programme under Grant Agreement No. 291763.

Author information

Authors and Affiliations

  1. Fraunhofer Institute AISEC, Garching near Munich, Germany

    Vincent Immler & Matthias Hiller

  2. RWTH Aachen University, Aachen, Germany

    Qinzhi Liu

  3. Institute for Communications Engineering, Technical University of Munich (TUM), Munich, Germany

    Andreas Lenz & Antonia Wachter-Zeh

Authors
  1. Vincent Immler
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Matthias Hiller
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qinzhi Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Andreas Lenz
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Antonia Wachter-Zeh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vincent Immler.

Additional information

This paper is an extended version of the paper [19], presented at SPACE 2017. In comparison with it, its novelties are: implementation results of insertion/deletion codes running on a microcontroller, a new concept for how to create segments to combine multiple values for error correction, additional results for a concatenation of insertion/deletion codes with an Interleaved Reed-Solomon code, and an entropy assessment of different bit mappings by the NIST800-90b test suite.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Immler, V., Hiller, M., Liu, Q. et al. Variable-Length Bit Mapping and Error-Correcting Codes for Higher-Order Alphabet PUFs—Extended Version. J Hardw Syst Secur 3, 78–93 (2019). https://doi.org/10.1007/s41635-018-0056-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41635-018-0056-z

Keywords

Search

Navigation