Spanish National Research Council · University of Seville
 HOME
INTRANET
esp    ing
IMSE-CNM in Digital.CSIC


 


In all publications
Author: Eiroa Lorenzo, Susana
Year: Since 2002
All publications
A VLSI Module To Authenticate Unclonable Things
I. Baturone, M.A. Prada-Delgado and S. Eiroa
Conference - International Symposium on Consumer Electronics ISCE 2015
[abstract]
This paper presents a VLSI module that implements a lightweight symmetric authentication protocol based on Keyed-Hash Message Authentication Code (HMAC). The cryptographic key and the random numbers needed by the protocol are generated by a SRAM acting as a Physical Unclonable Function (PUF).

Improved Generation of Identifiers, Secret Keys, and Random Numbers From SRAMs
I. Baturone, M.A. Prada-Delgado and S. Eiroa
Journal Paper - IEEE Transactions on Information Forensics and Security, vol. 10, no. 12, pp 2653-2668, 2015
IEEE    DOI: 10.1109/TIFS.2015.2471279    ISSN: 1556-6013    » doi
[abstract]
This paper presents a method to simultaneously improve the quality of the identifiers, secret keys, and random numbers that can be generated from the start-up values of standard static random access memories (SRAMs). The method is based on classifying memory cells after evaluating their start-up values at multiple measurements in a registration phase. The registration can be done without unplugging the device from its application context, and with no need for a complex laboratory setup. The method has been validated experimentally with standard low-power SRAM modules in two different application specific integrated circuits (ASICs) fabricated with the 90-nm TSMC technology. The results show that with a simple registration the length of the identifiers can be reduced by 45%, the worst case bit error probability (which defines the complexity of the error correcting code needed to recover a secret key) can be reduced by 64%, and the worst case minimum entropy value is improved, thus reducing the number of bits that have to be processed to obtain full entropy by 81%. The method can be applied to standard digital designs by controlling the external power supply to the SRAM using software or by incorporating simple circuitry in the design. In the latter case, a module for implementing the method in an ASIC designed in the 90-nm TSMC technology occupies an active area of 42,025 μm2.

An unclonable token for a secure document management system
I. Baturone, M.A. Prada-Delgado, S. Eiroa and J.A. Prieto
Conference - Intel Workshop on Cyberphysical and Mobile Security: Intelligent Things, Vehicles and Factories, 2014
[abstract]
Abstract not avaliable

Robust Unclonable Identifiers and True Random Numbers from off-the-Shelf SRAMs
M.A. Prada, S. Eiroa and I. Baturone
Conference - Conference on Design and Architectures for Signal and Image Processing DASIP 2014
[abstract]
A demonstrator has been developed that shows how off-the-shelf SRAMs can be identified by their start-up values and how true random numbers can be extracted from them. It contains an FPGA that communicates with off-the-shelf SRAMs and with a USB 2.0 microcontroller which in turn communicates with a computer to show the results to users.

Robust unclonable identifiers and true random numbers from off-the-shelf SRAMs
M.A. Prada-Delgado, S. Eiroa and I. Baturone
Conference - Conference on Design and Architectures for Signal and Image Processing DASIP 2014
[abstract]
A demonstrator has been developed that shows how off-the-shelf SRAMs can be identified by their start-up values and how true random numbers can be extracted from them. It contains an FPGA that communicates with off-the-shelf SRAMs and with a USB 2.0 microcontroller which in turn communicates with a computer to show the results to users.

Secure and Lightweight Hardware Authentication Systems based on Physical Unclonable Functions.
S. Eiroa-Lorenzo
Thesis - Date of defense: 21/03/2014
UNIVERSIDAD DE SEVILLA, IMSE-CNM    
[abstract]
This Dissertation focuses on the authentication of hardware by using Physical Unclonable Functions (PUFs), which avoid device cloning and are able to generate secrets on the fly instead of storing them. Structures based on ring oscillators (ROs) and standard static random access memories (SRAMs) reported in the literature have been analyzed in detail to evaluate their advantages and drawbacks mainly concerning uniqueness and reliability. RO PUFs have been characterized experimentally in FPGAs from Xilinx while SRAM PUFs have been characterized in ASICs fabricated with TSMC 90 nm technology.
A novel real-valued RO PUF is proposed to overcome the problems observed, in particular when the number of ring oscillators is small. It is more robust against surrounding logic and it is less affected by temperature and power supply variations. According to the metrics employed in these real-valued RO PUFs, a new real-valued shielding function is proposed to generate secrets. In addition, real-valued RO PUFs are also exploited to work as true random number generators (TRNGs).
A novel SRAM-based solution is proposed which is under confidentiality. A lightweight authentication system based on a symmetric-key challengeresponse protocol that uses the mixed PUF-TRNG structures analyzed is developed. Although the secret key is not stored but processed on the fly, the hardware blocks leak information about the data that are computed in each instant. Hence, the security of the system is studied not only from a mathematical point of view but also from its resistance to hardware (physical) attacks. In particular, a Differential Power Analysis (DPA) attack is developed and carried out against the system in a real scenario.
Experimental results show how many interchanged messages are needed to extract the secret successfully.

FPGA Implementation and DPA Resistance Analysis of a Lightweight HMAC Construction based on Photon Hash Family
S. Eiroa and I. Baturone
Conference - International Conference on Field Programmable Logic and Applications FPL 2013
[abstract]
Lightweight security is currently a challenge in the field of cryptography. Most of applications designed for embedded scenarios often focus on authentication or on providing some form of anonymity and/or privacy. A well-known cryptographic element employed to provide such security is the HMAC construction. However, reported solutions are not suitable for constrained-resource scenarios due to their heavy approaches optimized for high-speed operations. In order to cover this lack, a lightweight implementation of HMAC based on the Photon family of hash functions is given in this work. Security of the construction against differential power attacks (DPA) is analyzed using a SASEBO-II development board. Implementation and performance results for Xilinx Virtex-5 FPGAs of the HMAC structure is provided.

Reducing bit flipping problems in SRAM physical unclonable functions for chip identification
S. Eiroa, J. Castro, M.C. Martínez-Rodríguez, E. Tena, P. Brox and I. Baturone
Conference - IEEE International Conference on Electronics, Circuits, and Systems ICECS 2012
[abstract]
Physical Unclonable functions (PUFs) have appeared as a promising solution to provide security in hardware. SRAM PUFs offer the advantage, over other PUF constructions, of reusing resources (memories) that already exist in many designs. However, their intrinsic noisy nature produces the so called bit flipping effect, which is a problem in circuit identification and secret key generation. The approaches reported to reduce this effect usually resort to the use of pre- and post-processing steps (such as Fuzzy Extractor structures combined with Error Correcting Codes), which increase the complexity of the system. This paper proposes a pre-processing step that reduces bit flipping problems without increasing the hardware complexity. The proposal has been verified experimentally with 90-nm SRAMs included in digital application specific integrated circuits (ASICs).

Circuit authentication based on ring-oscillator PUFs
S. Eiroa and I. Baturone
Conference - IEEE International Conference on Electronics, Circuits, and Systems ICECS 2011
[abstract]
The use of Ring Oscillator PUFs to provide circuit authentication is analyzed in this paper. The limitations of the previously reported approach in terms of false rejection (due to high intra-die variations) and false acceptance (due to small inter-die variations) are discussed. These limitations are overcome by a new proposal that makes the authentication more robust against noise, temperature and power supply variations, without increasing considerably hardware complexity. All these issues are illustrated with experimental results obtained with FPGAs from Xilinx. © 2011 IEEE.

An analysis of ring oscillator PUF behavior on FPGAs
S. Eiroa and I. Baturone
Conference - International Conference on Field-Programmable Technology FPT 2011
[abstract]
Many studies have been directed to probe ring oscillator PUF's feasibility in the security field, but most of them suffer from the lack of global approach as they analyze the system isolated, giving an uncompleted theory about their behavior. This paper presents how adjacent hardware elements may affect PUF response, modifying their statistical characteristics and even masking the randomness of manufacturing process. This is a factor that should be taken into account when modeling the behavior of the ring oscillators in the PUF. Experimental results from Xilinx Spartan 3 FPGAs illustrate these issues. © 2011 IEEE.

Using physical unclonable functions for hardware authentication: a survey
S. Eiroa, I. Baturone, A.J. Acosta and J. Dávila
Conference - Conference on Design of Circuits and Integrated Systems DCIS 2010
[abstract]
Physical unclonable functions (PUFs) are drawing a crescent interest in hardware oriented security due to their special characteristics of simplicity and safety. However, their nature as well as early stage of study makes them constitute currently a diverse and non-standardized set for designers. This work tries to establish one organization of existing PUF structures, giving guidelines for their choice, conditioning, and adaptation depending on the target application. In particular, it is described how using PUFs adequately could enlighten significantly most of the security primitives, making them very suitable for authenticating constrained resource platforms.

Hardware authentication based on PUFs and SHA-3 2(nd) round candidates
S. Eiroa and I. Baturone
Conference - International Conference on Microelectronics ICM 2010
[abstract]
Security features are getting a growing interest in microelectronics. Not only entities have to authenticate in the context of a high secure communication but also the hardware employed has to be trusted. Silicon Physical Unclonable Functions (PUFs) or Physical Random Functions, which exploits manufacturing process variations in integrated circuits, have been used to authenticate the hardware in which they are included and, based on them, several cryptographic protocols have been reported. This paper describes the hardware implementation of a symmetric-key authentication protocol in which a PUF is one of the relevant blocks. The second relevant block is a SHA-3 2(nd) round candidate, a Secure Hash Algorithm (in particular Keccak), which has been proposed to replace the SHA-2 functions that have been broken no long time ago. Implementation details are discussed in the case of Xilinx FPGAs.

Scopus access Wok access