A Practical Device Authentication Scheme Using SRAM PUFs

  • Patrick Koeberl
  • Jiangtao Li
  • Anand Rajan
  • Claire Vishik
  • Wei Wu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6740)


The contamination of electronic component supply chains by counterfeit hardware devices is a serious and growing risk in today’s globalized marketplace. Current practice for detecting counterfeit semiconductors includes visual checking, electrical testing, and reliability testing which can require significant investments in expertise, equipment, and time. Additionally, best practices have been developed in industry worldwide to combat counterfeiting in many of its variants. Although the current approaches improve the situation significantly, they do not provide extensive technical means to detect counterfeiting. However, new approaches in this area are beginning to emerge.

Suh and Devadas recently proposed a low cost device authentication scheme which relies on Physically Unclonable Functions (PUFs) to implement a challenge-response authentication protocol. There are several constraints in their authentication scheme, e.g., their scheme requires a secure online database and relies on PUF constructions that exhibit a large number of challenge-response pairs. In this paper, we introduce a new device authentication scheme using PUFs for device anti-counterfeiting. Our scheme is simple and practical as it does not require any online databases and is not tied to any PUF implementations. For hardware devices which already have SRAM and non-volatile storage embedded, our scheme takes almost no additional cost.


Authentication Scheme Trusted Platform Module Enrollment Phase Hardware Device False Rejection Rate 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    1149.1-1990 - IEEE Standard Test Access Port and Boundary-Scan Architecture,
  2. 2.
    Armknecht, F., Maes, R., Sadeghi, A.-R., Sunar, B., Tuyls, P.: PUF-PRFs: A new tamper-resilient cryptographic primitive. In: Advances in Cryptology – EUROCRYPT 2009 Poster Session, pp. 96–102 (2000)Google Scholar
  3. 3.
    Armknecht, F., Maes, R., Sadeghi, A.-R., Sunar, B., Tuyls, P.: Memory leakage-resilient encryption based on physically unclonable functions. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 685–702. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  5. 5.
    Federal Information Processing Standard 186-3: Digital Signature Standard (DSS),
  6. 6.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Controlled physical random functions. In: Proceedings of the 18th Annual Computer Security Conference (2002)Google Scholar
  7. 7.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Silicon physical random functions. In: ACM Conference on Computer and Communications Security, pp. 148–160. ACM Press, New York (2002)Google Scholar
  8. 8.
    Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA intrinsic pUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Holcomb, D.E., Burleson, W.P., Fu, K.: Power-up sram state as an identifying fingerprint and source of true random numbers. IEEE Transactions on Computers 58(9), 1198–1210 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    ISO/IEC16022:2006 Data Matrix bar code symbology specification,
  11. 11.
    U. S. G. A. Office. Defense supplier base: Dod should leverage ongoing initiatives in developing its program to mitigate risk of counterfeit parts. GAO-10-389 (March 2010)Google Scholar
  12. 12.
    Pappu, R.S.: Physical one-way functions. PhD thesis. Massachusetts Institute of Technology (March 2001)Google Scholar
  13. 13.
    Semiconductor Industry Association,
  14. 14.
    Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: Design Automation Conference, pp. 9–14. ACM Press, New York (2007)Google Scholar
  15. 15.
    S. T20-1109. Specification for authentication of semiconductors and related products (2009),
  16. 16.
    Trusted Computing Group. TCG TPM specification 1.2 (2003),
  17. 17.
    Tuyls, P., Batina, L.: Rfid-tags for anti-counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    van der Leest, V., Schrijen, G.-J., Handschuh, H., Tuyls, P.: Hardware intrinsic security from d flip-flops. In: Proceedings of the Fifth ACM Workshop on Scalable Trusted Computing, STC 2010, pp. 53–62. ACM, New York (2010)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Patrick Koeberl
    • 1
  • Jiangtao Li
    • 1
  • Anand Rajan
    • 1
  • Claire Vishik
    • 1
  • Wei Wu
    • 1
  1. 1.Intel CorporationUSA

Personalised recommendations