A physical unclonable function exploits manufacturing variations to derive a digital identifier. The digital identifier is thus tied to a physical medium. Because the physical unclonable function depends on random process variation, it is easy to create a PUF but it is very hard, if not downright impossible, to create a PUF which would give rise to a particular pre-determined identifier. The manufacturing variations lead to different physical characteristics of the memory element. For example, the physical characteristics may include: doping concentrations, oxide thickness, channel lengths, structural width (e.g. of a metal layer), parasitics (e.g. resistance, capacitance). When a digital circuit design is manufactured multiple times, these physical characteristics will vary slightly and together they will cause the behavior of an IC element, e.g., a memory element, to behave differently in some situations. For example, the start-up behavior is determined by manufacturing variations in the physical characteristics.
The fact that PUFs produce device-intrinsic and unpredictable responses make them a very suitable candidate to generate cryptographic keys from. In contrast to traditional non-volatile key storages, a PUF-based key is not stored in digital format, but stems from small random deviations in the PUF's physical structure. Moreover, the generation of the key itself does not depend on externally provided randomness, which may be of low quality, but uses the high-entropy intrinsic randomness of the device itself. The combination of these factors can lead to highly secure solutions for cryptographic key storage.
Using a PUF the need for secure memory to store a key may be circumvented. A PUF furthermore provides natural protection against malicious attempts to obtain the cryptographic key through reverse engineering, since damage which could be inflicted to the PUF during the attempt likely changes the digital identifier. Preferably, the digital identifier is unique for the electronic device wherein the physical unclonable function is embedded.
For example, it has been observed that the startup behavior of some memory elements, demonstrate PUF like behavior. When such memory is powered-up, it tends to contain content, i.e., comprise a sequence of data values, which depends on the at least partially random physical characteristics of the components, e.g., gates or transistors, which make up the memory, e.g., their physical arrangement relative to each other. If the memory is powered-up multiple times, it would contain, up to a large percentage, the same content.
A PUF provides unpredictable and device-unique responses, yet due to their physical origin, these may be subject to measurement noise, and environmental influences. Cryptographic keys on the other hand need to be perfectly reliable and of full entropy. To bridge this gap, some amount of post-processing on the PUF responses is required. One way to address noise is the use of so-called fuzzy extractors. A fuzzy extractor is able to transform a ‘noisy’ random value into a reliable key. An error correction procedure can be used in this process to correct for these fluctuations, and make sure an identical digital identifier is derived, each time the PUF is used. The error correction procedure uses so-called helper data. Helper data is also called noise reduction data.
A fuzzy extractor may comprise two stages. In an initial enrollment stage, a cryptographic key is derived from the PUF response. In the enrollment process, helper data or noise reduction data for the PUF response is produced. Later on in the field, the reconstruction stage reevaluates the PUF response and uses the noise-reduction data from the enrollment stage to reconstruct the same key. The noise-reduction data hence needs to be stored in between the enrollment and reconstruction stages.