![Page 1: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/1.jpg)
Run-timeAccessibleDRAMPUFsinCommodityDevices
WenjieXiong1,AndréSchaller2,NikolaosA.Anagnostopoulos2,MuhammadUmairSaleem2,SebastianGabmeyer2,
StefanKatzenbeisser2,andJakubSzefer1
1.YaleUniversity,USA2.Technische UniversitätDarmstadtandCASED,Germany
Aug18,2016
![Page 2: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/2.jpg)
PhysicallyUnclonable Functions(PUF)
• Afunction,whichisembeddedintoaphysicalobjectWhenqueriedwithachallengex,thePUFgenerates aresponsey,whichdependson1)Challengexand2)specialphysicalpropertiesoftheobject
• SiliconPUFsusethemanufacturingprocessvariationse.g.ArbiterPUFs,SRAM-PUFsItisalmostimpossibletoclone,evenforthemanufacturer
• Authenticationandidentification
2CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 3: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/3.jpg)
Intrinsic PUF• NoextrachipsneededforPUF• Exploit hardwarewhichison-boardanyway
e.g.startupvaluesofSRAM
IsitpossibletoexploitDRAMasaPUF?• MostcomputingdevicesholdDRAM• ExploitintrinsicDRAMPUFtoderiveaunique
fingerprint&deriveakey• DRAMhaslargercapacitythanSRAM• RuntimePUFratherthanboot-uptime
IntrinsicDRAMPUF
3CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
Experimentalplatforms:PandaBoard(top)andIntelGalileo(bottom).
![Page 4: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/4.jpg)
Outline/Contributions• Extractdecay-basedDRAMPUFinstancesfromunmodifiedcommodity
devices duringrun-timeofthe Linuxsystem• IntroducenewmetricsforevaluatingDRAMPUFs,basedontheJaccard
index• Throughextensiveexperiments,weshowthatDRAMPUFsexhibit
robustness,uniqueness,andstability• Designprotocolsfordeviceauthenticationandsecurechannel
establishmentthatdrawtheirsecurityfromthetime-dependentdecayofDRAMcells
4
SS 2013 | Seminar: Physically Unclonable Functions and its Applications | André Schaller & Prof. Dr. Stefan Katzenbeisser |
CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 5: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/5.jpg)
DRAMCellDecay• ADRAMcellconsistsofa
capacitorandatransistor• Bitisstoredascharge• DRAMaccessprocess• Chargeleakage
– DRAMrefresh– Accessawordwillrefresh
thewholerow• Duetothemanufacturing
variationsamongDRAMcells,somecellsdecayfasterthanothers,whichcanbeexploitedasaPUF
SchematicofaDRAMarray;arrowsindicateleakagepathsfor
dissipationofchargesthatleadtoPUFbehavior.
5CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 6: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/6.jpg)
DRAMPUFAccess
(1)DRAMforordinaryuse
(2)PUFregion(ingrey)isinitializedandtheDRAM
(3)PUFcellsdecayfortimet
(4)ReadouttheDRAMtoextractthePUFmeasurement
(5)DRAMreturntonormalusage
DRAMPUFchallenge:LogicalPUF(addr andsize),initialvalue (0or1),decaytime
OS & App memory
OS & App memory
sizeaddr
LogicalPUF
OS & App memory
OS & App memory
OS & App memory
OS & App memory
OS & App memory
OS & App memory
refreshisdisabled
6
refreshisdisabled
CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 7: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/7.jpg)
• Twoapproaches– Firmware
• DRAMisnotusedbyfirmware,sothewholeDRAMrefreshcanbedisabled
– Kernelmodule• SelectiveDRAMrefresh
– ReadawordineachDRAMrow,andthus,refreshtheDRAMusedbythesystemandapplications
• Twoplatforms– PandaboardESRevisionB3:TIOMAP4460,1GBELPIDADDR2– IntelGalileoGen2:IntelQuarkX1000,two128MBMicronDDR3
Implementations
7CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 8: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/8.jpg)
Outline/Contributions• Extractdecay-basedDRAMPUFinstancesfromunmodifiedcommodity
devicesduringrun-timeoftheLinuxsystem• IntroducenewmetricsforevaluatingDRAMPUFs,basedontheJaccard
index• Throughextensiveexperiments,weshowthatDRAMPUFsexhibit
robustness,uniqueness,andstability• Designprotocolsfordeviceauthenticationandsecurechannel
establishmentthatdrawtheirsecurityfromthetime-dependentdecayofDRAMcells
8CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 9: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/9.jpg)
DRAMPUFCharacteristics
Iftx ≤tx+1andaddrx =addrx+1,sizex =sizex+1,weobservemx⊆mx+1,uptonoise.
Wemeasuredtwo 32KBlogicalPUFson4 PandaBoardsand5 IntelGalileos.EachlogicalPUFwasmeasuredatfive decaytimeswith50measurementseach.
AveragedecayrateofDRAMmodulesof(blue)PandaBoardand(purple)IntelGalileo.
120 180 240 300 3600
0.005
0.01
0.015
0.02
0.025
Decay time (sec)
Decay
rate
t1 t2 t3t0
9CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 10: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/10.jpg)
DRAMPUFCharacteristics• PUFmeasurement:Astringof0’sand1’s
->Asetofbitflips• Hammingdistance->Jaccardindex
• IntraJaccardIndex:– PUFmeasurementsofthesame PUFchallenge.– Ideally,themeasurementsarethesame. Jintra ≈1.
• InterJaccardIndex:– PUFmeasurementsofdifferent PUFchallenges.– Ideally, themeasurementsarecompletelydifferent.Jinter ≈0.
J(v1,v2 ) =v1∩v2v1∪v2
10CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 11: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/11.jpg)
Maxfractionalintra-HD
Minfractionalinter-HD
0.0045 0.0038
0.0003 0.0012
0.0083 0.0139
0.0005 0.0032
0.0101 0.0244
0.0020 0.0057
0.0123 0.0238
0.0013 0.0080
0.0206 0.0279
0.0022 0.0124
DRAMPUFCharacteristicsRobustnessandUniqueness
• Robustness:ForthesamePUF,thesamechallengexshouldalwaysproducealmostthesameresponsey. Jintra ≈1
• Uniqueness:FordifferentPUF,thesamechallengexshouldalwaysproduceverydifferentresponsey. Jinter ≈0
• JaccardindexisbetteratdistinguishingDRAMPUFmeasurements.Decaytime
device MinJintra
MaxJinter
120sPandaBoard 0.4634 0.0102
Galileo 0.7712 0.0038
180sPandaBoard 0.4382 0.0168
Galileo 0.8361 0.0044
240sPandaBoard 0.4087 0.0258
Galileo 0.6261 0.0049
300sPandaBoard 0.4222 0.0405
Galileo 0.7944 0.0055
360sPandaBoard 0.3484 0.0342
Galileo 0.8276 0.0072 11
![Page 12: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/12.jpg)
Jaccard index between pairs of measurements0 0.2 0.4 0.6 0.8 1
Pro
bab
ility
0
0.05
0.1
0.15
Jinter
Jintra
Jaccard index between pairs of measurements0 0.2 0.4 0.6 0.8 1
Pro
bab
ility
0
0.05
0.1
0.15
0.2
0.25
Jinter
Jintra
DRAMPUFCharacteristicsRobustnessandUniqueness
DistributionofJintra and Jinter valuesfor(left)PandaBoardand(right)IntelGalileo.
• Robustness:ForthesamePUF,thesamechallengexshouldalwaysproducealmostthesameresponsey. Jintra ≈1
• Uniqueness:FordifferentPUF,thesamechallengexshouldalwaysproduceverydifferentresponsey. Jinter ≈0
• ThereisacleargapbetweenJintra and Jinter.->Uniqueness
12CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 13: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/13.jpg)
TemperatureDependency• DRAMdecayalsodependsontheambienttemperature.• WeconductedtemperatureexperimentswithaheaterontopoftheDRAM.
Temperature-dependentdecayof(left)PandaBoardand(right)IntelGalileo.
13
40 60 800
0.05
0.1
0.15
0.2
0.25
0.3
Temperature (◦C)
Decay
rate
t1 = 120st2 = 180st3 = 240st4 = 300st5 = 360s
40 60 800
0.05
0.1
0.15
0.2
Temperature (◦C)
Decay
rate
t1 = 120st2 = 180st3 = 240st4 = 300st5 = 360s
CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 14: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/14.jpg)
TemperatureDependency
120 180 240 300 3600
0.005
0.01
0.015
0.02
0.025
Decay time (sec)
Decay
rate
120 180 240 300 3600
0.002
0.004
0.006
0.008
0.01
0.012
Decay time (sec)
Decay
rate
Temperature-dependentdecayof(left)PandaBoardand(right)IntelGalileo.
14
40 60 800
0.05
0.1
0.15
0.2
0.25
0.3
Temperature (◦C)
Decay
rate
t1 = 120st2 = 180st3 = 240st4 = 300st5 = 360s
40 60 800
0.05
0.1
0.15
0.2
Temperature (◦C)
Decay
rate
t1 = 120st2 = 180st3 = 240st4 = 300st5 = 360s
CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 15: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/15.jpg)
• HightemperaturespeedsuptheDRAMcelldecay.t’T’=t*e-0.0662*(T’-T)
• Underdifferenttemperature,withequivalent decaytimethesamedecaycanbeobserved.
• ThetemperaturedependencydoesnotaffecttherobustnessofthePUF.
Jin
tra
0
0.2
0.4
0.6
0.8
1
t1 t 2 t 3 t 4 t 5 t 1 t 2 t 3 t 4 t 5 t 1 t 2 t 3 t 4 t 540/C 50/C 60/C
TemperatureDependency
Jintra (i.e.similarity)ofenrollmentmeasurementstakenat40oCandmeasurementsatT’={40oC,50oC,60oC}onIntelGalileo.
15CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 16: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/16.jpg)
Stability• WetookmeasurementsfromsamePUF4monthsapart.• TheminimumJaccardindexisnoworsethanJintra.
->ThePUFisstableover4months.
Jaccard index between pairs of measurements0.75 0.8 0.85 0.9 0.95
Pro
bab
ility
0
0.02
0.04
0.06
0.08
0.1
0.12
DistributionofJaccardindexofmeasurementstakenfromthesamelogicalPUFonIntelGalileoover4monthswithdecaytime200s.
16CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 17: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/17.jpg)
Outline/Contributions• Extractdecay-basedDRAMPUFinstancesfromunmodifiedcommodity
devicesduringrun-timeoftheLinuxsystem• IntroducenewmetricsforevaluatingDRAMPUFs,basedontheJaccard
index• Throughextensiveexperiments,weshowthatDRAMPUFsexhibit
robustness,uniqueness,andstability.• Designprotocolsfordeviceauthenticationandsecurechannel
establishmentthatdrawtheirsecurityfromthetime-dependentdecayofDRAMcells
17CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 18: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/18.jpg)
ProtocolforAuthentication• Threatmodel:Apassiveattacker,whoisabletoobservethenetworktraffic• Enrollment:A definedsetofdecaytimes
T={t0,t1,...,tn}MeasurementsforeachlogicalPUF
M={mid,0,mid,1,...,mid,n }
• Authentication:Theserverchoosesthesmallestdecaytimetx notpreviouslyusedforthelogicalPUFid.
Client C Server S
D T ,M,W,Kauthreq, id
t
x
, id
m0id,x
m
0id,x
d = J(m0id,x
,mid,x
)
d > ✏
auth
: auth
d ✏
auth
: noauth
8><
>:auth / noauth
18CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 19: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/19.jpg)
SecureChannelEstablishment
Client C Server S
D T ,M,W,Kchannelreq, id
tx
, wid,x
m0id,x
kid,x
kid,x
kid,x
IfthereexistsasecurefuzzyextractorforourDRAMPUF.• EnrollmentAdefinedsetofdecaytimes
T={t0,t1,...,tn}MeasurementsforeachlogicalPUF
M={mid,0,mid,1,...,mid,n }Asetofrandomkeys
K={kid,0,kid,1,...,kid,n }Helperdata
W={wid,0,wid,1,...,wid,n }
19CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 20: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/20.jpg)
Time Dependent Decay• HowtochoosethesetofdecaytimesT={t0,t1,...,tn}?
• Securityisinthenewlyflippedbitsintx+1comparedtotx.• Security parameterεbits :numberofnewlyflippedbits.
Knowingmx,theprobabilityofarandomguessofmx+1 beingsuccessfulissmallerthan2-128.
tx tx+1
120 180 240 300 3600
0.002
0.004
0.006
0.008
0.01
0.012
Decay time (sec)
Decay
rate
120 180 240 300 3600
0.005
0.01
0.015
0.02
0.025
Decay time (sec)
Decay
rate
Redlinesindicatepossibledecaytimechallenges.IntelGalileocanprovide7challenges,andPandaBoardcanprovide2challengeswith32KBlogicalPUFanddecaytimet<360s.
20CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 21: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/21.jpg)
Conclusions• Extractdecay-basedDRAMPUFinstancesfromunmodifiedcommodity
devices.– Twoplatforms:thePandaBoard andtheIntelGalileo– Twoapproaches:acustomizedfirmware,andakernelmodule
• IntroducednewmetricsforevaluatingDRAMPUFs,basedontheJaccardindex.
• ShowedthatDRAMPUFsexhibitrobustness,uniqueness,andstabilitywiththedecaytimeaspartofthePUFchallenge.
• Designedprotocolsfordeviceauthenticationandsecurechannelestablishmentthatdrawtheirsecurityfromthetime-dependentdecayofDRAMcells.
21CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 22: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/22.jpg)
Futurework• Construct fuzzy extractor forDRAMPUF
– Jaccard index– BiasedPUF
• BetterunderstandDRAMPUFcharacteristics– Temperature dependency– Voltagedependency
• Improveread out time– Intheorderofminutes
22CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 23: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/23.jpg)
Acknowledgements
Thisworkhasbeenco-fundedbytheDFGaspartofprojectP3withintheCRC1119CROSSING,andpartlyfundedbyCASED.
ThankstoKevinRyanandEthanWeinbergerfortheirhelpwithbuildingtheheatersetup.
ThankstoIntelfordonatingtheIntelGalileoboardsusedinthiswork.
ThankstoanonymousCHESreviewers,andespeciallyourshepherd,RoelMaes.
23CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 24: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/24.jpg)
Q&A• Extractdecay-basedDRAMPUFinstancesfromunmodifiedcommodity
devices.– Twoplatforms:thePandaBoard andtheIntelGalileo– Twoapproaches:acustomizedfirmware,andakernelmodule
• IntroducednewmetricsforevaluatingDRAMPUFs,basedontheJaccardindex.
• ShowedthatDRAMPUFsexhibitrobustness,uniqueness,andstabilitywiththedecaytimeaspartofthePUFchallenge.
• Designedprotocolsfordeviceauthenticationandsecurechannelestablishmentthatdrawtheirsecurityfromthetime-dependentdecayofDRAMcells.
24CHES2016|Run-timeAccessibleDRAMPUFsinCommodityDevices| W. Xiong, et al.
![Page 25: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/25.jpg)
25
![Page 26: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/26.jpg)
DRAMcelldecay
Figure1:SchematicofaDRAMarray;arrowsindicateleakage
pathsfordissipationofchargesthatleadtoPUFbehavior.
26
tx
tx+1
![Page 27: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/27.jpg)
RobustnessandUniqueness
27
Maxfractionalintra-HD
Minfractionalinter-HD
0.0045 0.0038
0.0003 0.0012
0.0083 0.0139
0.0005 0.0032
0.0101 0.0244
0.0020 0.0057
0.0123 0.0238
0.0013 0.0080
0.0206 0.0279
0.0022 0.0124
Decaytime
device MinJintra
MaxJinter
120sPandaBoard 0.4634 0.0102
Galileo 0.7712 0.0038
180sPandaBoard 0.4382 0.0168
Galileo 0.8361 0.0044
240sPandaBoard 0.4087 0.0258
Galileo 0.6261 0.0049
300sPandaBoard 0.4222 0.0405
Galileo 0.7944 0.0055
360sPandaBoard 0.3484 0.0342
Galileo 0.8276 0.0072
Jaccard index between pairs of measurements0 0.2 0.4 0.6 0.8 1
Pro
bab
ility
0
0.05
0.1
0.15
Jinter
Jintra
Jaccard index between pairs of measurements0 0.2 0.4 0.6 0.8 1
Pro
bab
ility
0
0.05
0.1
0.15
0.2
0.25
Jinter
Jintra
Figure3:DistributionofJintra and Jinter valuesfor(left)Pandaboardand(right)IntelGalileo.
![Page 28: Run-time Accessible DRAM PUFs in Commodity Devices … · Run-time Accessible DRAM PUFs in Commodity Devices Wenjie Xiong 1, André Schaller2, Nikolaos A. Anagnostopoulos2, Muhammad](https://reader030.vdocuments.us/reader030/viewer/2022041106/5f08e0b67e708231d4242899/html5/thumbnails/28.jpg)
• HightemperaturespeedsuptheDRAMcelldecay.t’T’=t*e-0.0662*(T’-T)
• Underdifferenttemperature,withequivalent decaytimethesamedecaycanbeobserved.
• ThetemperaturedependencydoesnotaffecttherobustnessofthePUF.
Jin
tra
0
0.2
0.4
0.6
0.8
1
t1 t 2 t 3 t 4 t 5 t 1 t 2 t 3 t 4 t 5 t 1 t 2 t 3 t 4 t 540/C 50/C 60/C
Temperaturedependency
Figure5:Jintra (i.e.similarity)ofenrollmentmeasurementstakenat40oCandmeasurementsatT’={40oC,50oC,60oC}onIntelGalileo.
28