Abstract
Device-specific physical characteristics provide the foundation for physical unclonable functions (PUFs), a hardware primitive for secure storage of cryptographic keys. Thus far, they have been implemented either by directly evaluating a binary output or by mapping symbols from a higher-order alphabet to a fixed-length bit sequence. However, when combined with equidistant quantization, this causes significant bias in the derived secret, which is a security issue. To overcome this limitation, we propose a variable-length bit mapping that reflects the properties of a Gray code in a different metric, namely the Levenshtein metric instead of the classical Hamming metric. Subsequent error correction is therefore based on a custom insertion/deletion error-correcting code (ECC). This new approach counteracts the bias in the derived key already at the input side of the ECC. We present the concept for our scheme and demonstrate its feasibility based on an empirical PUF distribution. As a result, we increase the effective output bit length of the secret by over 40% compared to state-of-the-art approaches. In addition, we investigate different segmentation approaches, which is important due to the variable length of the considered values. Practical implementation results demonstrate that the proposed scheme requires only a fraction of the execution time compared to Bose-Chaudhuri-Hocquenghem (BCH) codes. This opens up a new direction of ECCs for PUFs that output responses with symbols of a higher-order alphabet.
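The bias that the abstract attributes to fixed-length mappings under equidistant quantization can be reproduced numerically. The following is an added example, not code from the paper: it assumes a standard normal PUF measurement (the paper uses an empirical distribution), 8 equal-width intervals over [-3, 3], and a 3-bit reflected Gray code; all function names are hypothetical.

```python
import math

# Assumptions (not from the paper): the PUF measurement is modelled as a
# standard normal value, quantized into 8 equal-width intervals over
# [-3, 3] (tails fall into the outer intervals) and labelled with a
# fixed-length 3-bit reflected Gray code.
NUM_SYMBOLS = 8
BITS = 3
LOW, HIGH = -3.0, 3.0


def normal_cdf(x):
    return 0.5 * (1.0 + math.erf(x / math.sqrt(2.0)))


def symbol_probabilities():
    """Probability of each quantization interval under N(0, 1)."""
    width = (HIGH - LOW) / NUM_SYMBOLS
    edges = [LOW + i * width for i in range(1, NUM_SYMBOLS)]
    cdf = [0.0] + [normal_cdf(e) for e in edges] + [1.0]
    return [cdf[i + 1] - cdf[i] for i in range(NUM_SYMBOLS)]


def gray(i):
    """Reflected binary Gray code of symbol index i."""
    return i ^ (i >> 1)


def bit_one_probabilities(probs):
    """P(bit = 1) for each bit position, most significant bit first."""
    result = []
    for pos in range(BITS - 1, -1, -1):
        result.append(sum(p for i, p in enumerate(probs) if (gray(i) >> pos) & 1))
    return result


def shannon_entropy(probs):
    return -sum(p * math.log2(p) for p in probs if p > 0)


def min_entropy(probs):
    return -math.log2(max(probs))


if __name__ == "__main__":
    probs = symbol_probabilities()
    print("P(bit=1), MSB first:", [round(p, 4) for p in bit_one_probabilities(probs)])
    print("Shannon entropy per symbol: %.3f of %d bits" % (shannon_entropy(probs), BITS))
    print("Min-entropy per symbol:     %.3f bits" % min_entropy(probs))
```

Under these assumptions only the most significant bit is balanced; the other two bit positions are visibly biased, and each 3-bit symbol carries well under 3 bits of entropy.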
Notes
For example, the element X1 is the output of a single node which is a symbol of the variable-length bit mapping.
References
Armknecht F, Maes R, Sadeghi AR, Standaert FX, Wachsmann C (2011) A formalization of the security features of physical functions. In: IEEE symposium on security and privacy (S&P), pp 397–412
Bleichenbacher D, Kiayias A, Yung M (2003) Decoding of interleaved Reed Solomon codes over noisy data. In: Baeten JCM, Lenstra JK, Parrow J, Woeginger GJ (eds) Automata, languages and programming, vol 2719, chap 9, p 188
Bösch C, Guajardo J, Sadeghi AR, Shokrollahi J, Tuyls P (2008) Efficient helper data key extractor on FPGAs. In: Oswald E, Rohatgi P (eds) Workshop on cryptographic hardware and embedded systems (CHES)
Brown A, Minder L, Shokrollahi A (2004) Probabilistic decoding of interleaved RS-codes on the q-ary symmetric channel. In: International symposium on information theory (ISIT). IEEE, p 326
Colombier B, Bossuet L, Fischer V, Hely D (2017) Key reconciliation protocols for error correction of silicon PUF responses. IEEE Trans Inf Forensics Secur 12(8):1988–2002. https://ieeexplore.ieee.org/document/7890428
Coppersmith D, Sudan M (2003) Reconstructing curves in three (and higher) dimensional space from noisy data. In: ACM symposium on theory of computing (STOC). ACM, pp 136–142
Davida GI, Frankel Y, Matt BJ (1998) On enabling secure applications through off-line biometric identification. In: IEEE symposium on security and privacy (S&P), pp 148–157
Delvaux J, Verbauwhede I (2014) Key-recovery attacks on various RO PUF constructions via helper data manipulation. In: Design, automation test in Europe conference exhibition (DATE)
Delvaux J, Gu D, Verbauwhede I, Hiller M, Yu M (2015) Secure sketch metamorphosis: tight unified bounds. IACR eprint archive
Delvaux J, Gu D, Verbauwhede I, Hiller M, Yu M (2016) Efficient fuzzy extraction of PUF-induced secrets: theory and applications. In: Conference on cryptographic hardware and embedded systems (CHES)
Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Advances in cryptology (EUROCRYPT)
Feng GL, Tzeng KK (1989) A generalized Euclidean algorithm for multisequence shift-register synthesis. IEEE Trans Inf Theory 35(3):584–594
Feng GL, Tzeng KK (1991) A generalization of the Berlekamp-Massey algorithm for multisequence shift-register synthesis with applications to decoding cyclic codes. IEEE Trans Inf Theory 37(5):1274–1287
Gray F (1953) Pulse code communication. US Patent 2,632,058
Guajardo J, Kumar S, Schrijen GJ, Tuyls P (2007) FPGA Intrinsic PUFs and their use for IP protection. In: Workshop on cryptographic hardware and embedded systems (CHES)
Günlü O, Iscan O (2014) DCT based ring oscillator physical unclonable functions. In: IEEE international conference on acoustics, speech and signal processing (ICASSP), pp 8248–8251
Ignatenko T, Willems FM (2010) Information leakage in fuzzy commitment schemes. IEEE Trans Inf Forensics Secur 5(2):337–348
Immler V, Hennig M, Kürzinger L, Sigl G (2016) Practical aspects of quantization and tamper-sensitivity for physically obfuscated keys. In: Workshop on cryptography and security in computing systems (CS2)
Immler V, Hiller M, Liu Q, Lenz A, Wachter-Zeh A (2017) Variable-length bit mapping and error-correcting codes for higher-order alphabet PUFs. In: Security, privacy, and applied cryptography engineering (SPACE)
Immler V, Obermaier J, König M, Hiller M, Sigl G (2018) B-TREPID: batteryless tamper-resistant envelope with a PUF and integrity detection. In: IEEE international symposium on hardware oriented security and trust (HOST)
Juels A, Wattenberg M (1999) A fuzzy commitment scheme. In: ACM conference on computer and communications security (CCS)
Krachkovsky VY, Lee YX (1997) Decoding for iterative Reed-Solomon coding schemes. IEEE Trans Magn 33(5):2740–2742
Krachkovsky VY, Lee YX (1998) Decoding of parallel Reed-Solomon codes with applications to product and concatenated codes. In: IEEE international symposium on information theory, 1998, p 55
Krachkovsky VY (2003) Reed-Solomon codes for correcting phased error bursts. IEEE Trans Inf Theory 49(11):2975–2984
Levenshtein V (1965) Binary codes capable of correcting deletions, insertions and reversals (in Russian). Doklady Akademii Nauk SSR 163(4):845–848
Levenshtein VI (1966) Binary codes capable of correcting deletions, insertions, and reversals. Sov Phys Dokl 10(8):707–710
Maes R (2012) Physically unclonable functions: constructions, properties and applications. Dissertation
Maes R, van der Leest V, van der Sluis E, Willems F (2016) Secure key generation from biased PUFs: extended version. J Cryptogr Eng 6(2):121–137
NIST: Recommendation for the Entropy Sources Used for Random Bit Generation (2012). http://csrc.nist.gov/publications/drafts/800-90/draft-sp800-90b.pdf
Obermaier J, Immler V (2018) The past, present, and future of physical security enclosures: from battery-backed monitoring to PUF-based inherent security and beyond. Journal of Hardware and Systems Security. https://link.springer.com/article/10.1007%2Fs41635-018-0045-2
Obermaier J, Immler V, Hiller M, Sigl G (2018) A measurement system for capacitive PUF-based security enclosures. In: Proceedings of the 55th annual design automation conference, DAC 2018, San Francisco, CA, USA, June 24–29, 2018, pp 64:1–64:6
Puchinger S, Nielsen JR (2017) Decoding of interleaved Reed-Solomon codes using improved power decoding. In: IEEE international symposium on information theory (ISIT), pp 356–360
Puchinger S, Müelich S, Bossert M, Wachter-Zeh A (2017) Timing attack resilient decoding algorithms for physical unclonable functions. In: International ITG conference on systems, communications and coding (SCC)
Saowapa K, Kaneko H, Fujiwara E (1999) Systematic deletion/insertion error correcting codes with random error correction capability. In: Defect and fault tolerance in VLSI systems
Schmidt G, Sidorenko VR, Bossert M (2009) Collaborative decoding of interleaved Reed-Solomon codes and concatenated code designs. IEEE Trans Inf Theory 55(7):2991–3012
Sloane NJA (2002) On single-deletion-correcting codes. In: Codes and designs. de Gruyter, pp 273–292
Stanko T, Andini FN, Skoric B (2017) Optimized quantization in zero leakage helper data systems. IEEE Trans Inf Forensics Secur 12(8):1957–1966. https://dl.acm.org/citation.cfm?id=3101341
Suh GE, Devadas S (2007) Physical unclonable functions for device authentication and secret key generation. In: ACM/IEEE design automation conference (DAC)
Suzuki M, Ueno R, Homma N, Aoki T (2017) Multiple-valued debiasing for physically unclonable functions and its application to fuzzy extractors. In: International workshop on constructive side-channel analysis and secure design (COSADE)
Tenengolts G (1984) Nonbinary codes, correcting single deletion or insertion (corresp.). IEEE Trans Inf Theory 30(5):766–769
Tuyls P, Schrijen GJ, Skoric B, van Geloven J, Verhaegh N, Wolters R (2006) Read-proof hardware from protective coatings. In: Workshop on cryptographic hardware and embedded systems (CHES)
Varshamov RR, Tenengolts GM (1965) Codes which correct single asymmetric errors (in Russian). Automatika i Telemekhanika
von Neumann J (1951) Various techniques used in connection with random digits. Applied Math Series
Wachter-Zeh A, Zeh A, Bossert M (2014) Decoding interleaved Reed–Solomon codes beyond their joint error-correcting capability. Des Codes Crypt 71(2):261–281
Yu M, Devadas S (2010) Secure and robust error correction for physical unclonable functions. IEEE Des Test Comput 27(1):48–65
Yu M, Hiller M, Devadas S (2015) Maximum likelihood decoding of device-specific multi-bit symbols for reliable key generation. In: IEEE international symposium on hardware-oriented security and trust (HOST), pp 38–43
Zeh A, Wachter A (2011) Fast multi-sequence shift-register synthesis with the Euclidean algorithm. Adv Math Commun 5(4):667–680
Acknowledgements
Many thanks to Aysun Önalan for preparing the numbers of the RS-based fuzzy commitment scheme.
Funding
The authors from Fraunhofer AISEC have been supported by the Fraunhofer Internal Programs under Grant no. MAVO 828 432. A. Lenz and A. Wachter-Zeh have been supported by the Technical University of Munich–Institute for Advanced Study, funded by the German Excellence Initiative and European Union Seventh Framework Programme under Grant Agreement No. 291763.
Additional information
This paper is an extended version of the paper [19], presented at SPACE 2017. In comparison with it, its novelties are: implementation results of insertion/deletion codes running on a microcontroller, a new concept for how to create segments to combine multiple values for error correction, additional results for a concatenation of insertion/deletion codes with an Interleaved Reed-Solomon code, and an entropy assessment of different bit mappings by the NIST800-90b test suite.
Cite this article
Immler, V., Hiller, M., Liu, Q. et al. Variable-Length Bit Mapping and Error-Correcting Codes for Higher-Order Alphabet PUFs—Extended Version. J Hardw Syst Secur 3, 78–93 (2019). https://doi.org/10.1007/s41635-018-0056-z
DOI: https://doi.org/10.1007/s41635-018-0056-z