Variable-Length Bit Mapping and Error-Correcting Codes for Higher-Order Alphabet PUFs

  • Vincent ImmlerEmail author
  • Matthias Hiller
  • Qinzhi Liu
  • Andreas Lenz
  • Antonia Wachter-Zeh
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10662)


Device-specific physical characteristics provide the foundation for Physical Unclonable Functions (PUFs), a hardware primitive for secure storage of cryptographic keys. So far, they have been implemented by either directly evaluating a binary output or by mapping outputs from a higher-order alphabet to a fixed-length bit sequence. However, the latter causes a significant bias in the derived key when combined with an equidistant quantization.

To overcome this limitation, we propose a variable-length bit mapping that reflects the properties of a Gray code in a different metric, namely the Levenshtein metric instead of the classical Hamming metric. Subsequent error-correction is therefore based on a custom insertion/deletion correcting code. This new approach effectively counteracts the bias in the derived key already at the input side.

We present the concept for our scheme and demonstrate its feasibility based on an empirical PUF distribution. As a result, we increase the effective output bit length of the secret by over \(40\%\) compared to state-of-the-art approaches while at the same time obtaining additional advantages, e.g., an improved tamper-sensitivity. This opens up a new direction of Error-Correcting Codes (ECCs) for PUFs that output responses with symbols of higher-order output alphabets.


Physical Unclonable Functions Fuzzy extractor Secrecy leakage Coding theory Quantization Varshamov-Tenengolts (VT) code 



The authors from Fraunhofer AISEC have been supported by the Fraunhofer Internal Programs under Grant No. MAVO 828 432. A. Lenz and A. Wachter-Zeh have been supported by the Technical University of Munich–Institute for Advanced Study, funded by the German Excellence Initiative and European Union Seventh Framework Programme under Grant Agreement No. 291763. Many thanks to Aysun Önalan for preparing the numbers of the RS-based fuzzy commitment scheme.


  1. 1.
    Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: ACM/IEEE Design Automation Conference (DAC) (2007)Google Scholar
  2. 2.
    Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007). CrossRefGoogle Scholar
  3. 3.
    Tuyls, P., Schrijen, G.-J., Škorić, B., van Geloven, J., Verhaegh, N., Wolters, R.: Read-proof hardware from protective coatings. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 369–383. Springer, Heidelberg (2006). CrossRefGoogle Scholar
  4. 4.
    Immler, V., Hennig, M., Kürzinger, L., Sigl, G.: Practical aspects of quantization and tamper-sensitivity for physically obfuscated keys. In: Workshop on Cryptography and Security in Computing Systems (CS2) (2016)Google Scholar
  5. 5.
    Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: ACM Conference on Computer and Communications Security (CCS) (1999)Google Scholar
  6. 6.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004). CrossRefGoogle Scholar
  7. 7.
    Bösch, C., Guajardo, J., Sadeghi, A.-R., Shokrollahi, J., Tuyls, P.: Efficient helper data key extractor on FPGAs. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 181–197. Springer, Heidelberg (2008). CrossRefGoogle Scholar
  8. 8.
    Yu, M., Devadas, S.: Secure and robust error correction for physical unclonable functions. IEEE Des. Test Comput. 27(1), 48–65 (2010)CrossRefGoogle Scholar
  9. 9.
    Maes, R.: Physically unclonable functions: constructions, properties and applications. Dissertation (2012)Google Scholar
  10. 10.
    Hiller, M., Merli, D., Stumpf, F., Sigl, G.: Complementary IBS: application specific error correction for PUFs. In: IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 1–6 (2012)Google Scholar
  11. 11.
    Puchinger, S., Müelich, S., Bossert, M., Hiller, M., Sigl, G.: On error correction for physical unclonable functions. In: International ITG Conference on Systems, Communications and Coding (SCC), February 2015Google Scholar
  12. 12.
    Hiller, M., Yu, M., Sigl, G.: Cherry-picking reliable PUF bits with differential sequence coding. IEEE Trans. Inf. Forensics Secur. 11(9), 2065–2076 (2016)CrossRefGoogle Scholar
  13. 13.
    Puchinger, S., Müelich, S., Bossert, M., Wachter-Zeh, A.: Timing attack resilient decoding algorithms for physical unclonable functions. In: International ITG Conference on Systems, Communications and Coding (SCC), February 2017Google Scholar
  14. 14.
    Tenengolts, G.: Nonbinary codes, correcting single deletion or insertion (corresp.). IEEE Trans. Inf. Theory 30(5), 766–769 (1984)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Varshamov, R.R., Tenengolts, G.M.: Codes which correct single asymmetric errors. Automatika i Telemekhanika (1965). (in Russian)Google Scholar
  16. 16.
    Levenshtein, V.: Binary codes capable of correcting deletions, insertions and reversals. Doklady Akademii Nauk SSR 163(4), 845–848 (1965). (in Russian)MathSciNetzbMATHGoogle Scholar
  17. 17.
    Günlü, O., Iscan, O.: DCT based ring oscillator physical unclonable functions. In: IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 8248–8251 (2014)Google Scholar
  18. 18.
    Stanko, T., Andini, F.N., Skoric, B.: Optimized quantization in zero leakage helper data systems. IEEE Trans. Inf. Forensics Secur. (2017)Google Scholar
  19. 19.
    Delvaux, J., Gu, D., Verbauwhede, I., Hiller, M., Yu, M.-D.M.: Efficient fuzzy extraction of PUF-induced secrets: theory and applications. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 412–431. Springer, Heidelberg (2016). Google Scholar
  20. 20.
    Armknecht, F., Maes, R., Sadeghi, A.-R., Standaert, F.-X., Wachsmann, C.: A formalization of the security features of physical functions. In: IEEE Symposium on Security and Privacy (S&P), pp. 397–412 (2011)Google Scholar
  21. 21.
    Colombier, B., Bossuet, L., Fischer, V., Hely, D.: Key reconciliation protocols for error correction of silicon PUF responses. IEEE Trans. Inf. Forensics Secur. 12, 1988–2002 (2017)CrossRefGoogle Scholar
  22. 22.
    Hiller, M., Yu, M.-D.M., Pehl, M.: Systematic low leakage coding for physical unclonable functions. In: ACM Symposium on Information, Computer and Communications Security (ASIACCS) (2015)Google Scholar
  23. 23.
    Ignatenko, T., Willems, F.M.: Information leakage in fuzzy commitment schemes. IEEE Trans. Inf. Forensics Secur. 5(2), 337–348 (2010)CrossRefGoogle Scholar
  24. 24.
    Maes, R., van der Leest, V., van der Sluis, E., Willems, F.: Secure key generation from biased PUFs: extended version. J. Cryptogr. Eng. 6(2), 121–137 (2016)CrossRefGoogle Scholar
  25. 25.
    von Neumann, J.: Various techniques used in connection with random digits. In: Applied Math Series (1951)Google Scholar
  26. 26.
    Suzuki, M., Ueno, R., Homma, N., Aoki, T.: Multiple-valued debiasing for physically unclonable functions and its application to fuzzy extractors. In: Guilley, S. (ed.) COSADE 2017. LNCS, vol. 10348, pp. 248–263. Springer, Cham (2017). CrossRefGoogle Scholar
  27. 27.
    Yu, M., Hiller, M., Devadas, S.: Maximum likelihood decoding of device-specific multi-bit symbols for reliable key generation. In: IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 38–43 (2015)Google Scholar
  28. 28.
    Delvaux, J., Verbauwhede, I.: Key-recovery attacks on various RO PUF constructions via helper data manipulation. In: Design, Automation Test in Europe Conference Exhibition (DATE) (2014)Google Scholar
  29. 29.
    Levenshtein, V.I.: Binary codes capable of correcting deletions, insertions, and reversals. Soviet physics doklady (1966)Google Scholar
  30. 30.
    Sloane, N.J.A.: On single-deletion-correcting codes. In: Codes and Designs, pp. 273–292. de Gruyter (2002)Google Scholar
  31. 31.
    Saowapa, K., Kaneko, H., Fujiwara, E.: Systematic deletion/insertion error correcting codes with random error correction capability. In: Defect and Fault Tolerance in VLSI Systems (1999)Google Scholar
  32. 32.
    Davida, G.I., Frankel, Y., Matt, B.J.: On enabling secure applications through off-line biometric identification. In: IEEE Symposium on Security and Privacy (S&P), pp. 148–157 (1998)Google Scholar
  33. 33.
    Gray, F.: Pulse code communication. US Patent 2,632,058 (1953)Google Scholar
  34. 34.
    Delvaux, J., Gu, D., Verbauwhede, I., Hiller, M., Yu, M.: Secure sketch metamorphosis: tight unified bounds. IACR eprint archive (2015)Google Scholar
  35. 35.
    MacWilliams, F.J., Sloane, N.J.A.: The theory of error-correcting codes. North-Holland, Amsterdam (1977)zbMATHGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Vincent Immler
    • 1
    Email author
  • Matthias Hiller
    • 1
  • Qinzhi Liu
    • 1
    • 2
  • Andreas Lenz
    • 3
  • Antonia Wachter-Zeh
    • 3
  1. 1.Fraunhofer Institute for Applied and Integrated Security (AISEC)Garching bei MünchenGermany
  2. 2.RWTH Aachen UniversityAachenGermany
  3. 3.Institute for Communications EngineeringTechnical University of Munich (TUM)MunichGermany

Personalised recommendations