[Resource Topic] 2020/1284: Entropy Estimation of Physically Unclonable Functions with Offset Error

Welcome to the resource topic for 2020/1284

Entropy Estimation of Physically Unclonable Functions with Offset Error

Authors: Mitsuru Shiozaki, Yohei Hori, Takeshi Fujino


Physically unclonable functions (PUFs) are gaining attention as a promising cryptographic technique, with the main applications including challenge-response authentication and key generation (key storage). When a PUF is applied to these applications, min-entropy estimation is essential. Min-entropy is a measure of the lower bound of the unpredictability of PUF responses. Using the test suite of the National Institute of Standards and Technology (NIST) specification (SP) 800-90B is currently considered the best method for estimating the min-entropy of PUF responses. Several previous studies have estimated the min-entropy of PUFs as well as those of random number generators (RNGs). However, we feel doubtful about some of these estimated results; for example, an evaluator can reorder PUF responses to make the PUF performance appear much better. It is also known that the test suite of NIST SP 800-90B has no suitable estimator. In particular, it has been reported that concatenating PUF responses of two-dimensional PUFs, such as an SRAM PUF, into one-dimensional data may obfuscate spatial correlations. In this paper, we explore the inherent problems in min-entropy estimation by using our static random-access memory (SRAM) PUF and our complementary metal-oxide-semiconductor (CMOS) image sensor with a PUF (CIS PUF). We apply three orderings to the PUF responses of our SRAM PUF and CIS PUF: row-direction ordering, column-direction ordering, and random-shuffle ordering. We show how much the min-entropy estimated by NIST SP 800-90B varies and discuss the estimation results. Next, we discuss the threat of PUFs (i.e., predictability of PUF responses) when a digitizer in a PUF has an offset error. PUF sources are generally defined as circuits and transistors used to extract intrinsic physical properties and generate device-unique responses. Variation in the manufacturing of circuits and transistors other than the PUF sources, especially digitizers, may cause lower entropy. We call these circuits and transistors ``entropy-loss sources.‘’ We investigate the effect of entropy-loss sources on min-entropy theoretically and clarify how much the theoretical results differ from those estimated by NIST SP 800-90B. Finally, we propose an entropy prediction scheme that considers entropy-loss sources (offset error). We show through experiments that the proposed scheme more accurately estimates the min-entropy of PUFs.

ePrint: https://eprint.iacr.org/2020/1284

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .