The invention relates generally to technology for generating a unique identification number for electronically securing electronic devices and, more particularly, to an identification circuit and a method for generating an identification bit using physically unclonable functions (PUFs). PUFs are known in the art to be implemented by circuits, components, processes or other entities capable of generating an output, such as a digital bit, word or a function that is resistant to cloning. Typically, the PUF can be generated based on inherent physical characteristics of a device such as for example individual physical characteristics of a transistor such as a threshold voltage of the transistor which varies due to local process variations during manufacturing. There is no need to store the PUF within the device, because the PUF can be generated repeatedly. It is nearly impossible to clone a device having a PUF implemented in a manner to generate the same PUF output with another device.
Security in electronic devices has become a major concern of manufacturers and users of such devices. For this it is useful to be able to distinguish each electronic device, especially the integrated circuit within these devices, from each other. This is particularly true for devices such as computers, personal hand held devices, cellular phones, chip cards, RFID-tags and other devices that contain sensitive information. Developers of electronic devices continuously strive to develop systems and methods that make their products impervious to unauthorized access or use.
At the same time, most applications have cost limitations that must be taken into account. For example, if a complicated authentication process requiring storage and computing resources were employed on an integrated circuit, the costs incurred may not justify the cost of security accomplished, particularly if the end product were a low cost and mass produced consumer product.
One approach to solve the above identified problems is to employ a PUF to provide a unique, secure bit, word or function for use in generating security keys. This may eliminate the need for storage of a public or private key on a device.
Conventional approaches have addressed such a configuration in prior art publications. One example, U.S. Pat. No. 6,161,213 discloses an identification device which is based on an array of identification cells and a circuit for measuring the output of each cell and for generating an output data function of the measured characteristics of all the elements of the array. Each cell includes two equally sized MOS transistors which are biased with the same gate-source voltage. Due to local process variations, the two transistors present different threshold voltages and, therefore, the corresponding drain currents are different. The current difference is converted to a voltage difference, amplified and compared using a precise comparator (auto-zeroing comparator).
It has been also known from Y. Su, J. Holleman, B. P. Otis, “A digital 1.6 pJ/bit chip identification circuit using process variations”, IEEE J. Solid-State Circuits, vol. 43, no. 1, January 2008, to use a device based on an array of identification cells comprising a latch composed of cross-coupled inverters. Initially, both sides of the latch are pulled down. As reset is released, each latch evaluates to a state determined by the switching threshold mismatch of the two inverters.
A disadvantage of the identification device described in U.S. Pat. No. 6,161,213 is the additional circuital complexity to derive the binary output data. The identification cell described in the IEEE document from Y. Su, J. Hollemana and B. P. Otis, is less complex but not stable. For example electronic noise or a change in temperature can influence the output from the known circuits and different identification bits can occur.
What is needed is a simple identification circuit which is stable with regard to external influences.