Aegis: A Single-Chip Secure Processor

Suh, G. Edward; O'Donnell, Charles W; Devadas, Srinivas

doi:10.1109/mdt.2007.179

Cited by 161 publications

(75 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Lightweight ECC has an implementation complexity that is estimated to be 75% smaller than the two-stage scheme published in [21] (secure based on i.i.d. PUF output assumption) and an estimated 98% smaller than the single-stage scheme published in [18] (secure based on Dodis' framework). The results are summarized in Table 1 below.…”

Section: Implementation Complexitymentioning

confidence: 93%

“…It achieves a 75% reduction in ECC complexity compared to [21] and achieves a PUF complexity of 5 (using ten 64-sum PUFs, see Figure 1 for a description of k-sum PUFs) to as little as 1 (using two 64-sum PUFs); this is a 4x to 20x improvement. The PUF complexity reduction derives from a machine-learningbased security argument that each additional syndrome bit does not require a linear increase in the number of PUF elements (e.g., disjoint oscillator pair [18] [21] or a memory cell [1] [12] [7] [17] [8]) but instead relies on assumptions on what cannot be learned about a challengeable physical system.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Lightweight and Secure PUF Key Storage Using Limits of Machine Learning

Yu¹,

M’Raïhi²,

Sowell³

et al. 2011

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract.A lightweight and secure key storage scheme using silicon Physical Unclonable Functions (PUFs) is described. To derive stable PUF bits from chip manufacturing variations, a lightweight error correction code (ECC) encoder / decoder is used. With a register count of 69, this codec core does not use any traditional error correction techniques and is 75% smaller than a previous provably secure implementation, and yet achieves robust environmental performance in 65nm FPGA and 0.13μ ASIC implementations. The security of the syndrome bits uses a new security argument that relies on what cannot be learned from a machine learning perspective. The number of Leaked Bits is determined for each Syndrome Word, reducible using Syndrome Distribution Shaping. The design is secure from a min-entropy standpoint against a machinelearning-equipped adversary that, given a ceiling of leaked bits, has a classification error bounded by . Numerical examples are given using latest machine learning results.

show abstract

Section: Implementation Complexitymentioning

confidence: 93%

Section: Introductionmentioning

confidence: 99%

Lightweight and Secure PUF Key Storage Using Limits of Machine Learning

Yu¹,

M’Raïhi²,

Sowell³

et al. 2011

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…The work employed 2D Hamming codes for error correction. Later, a more realistic use of Bose-Chaudhuri-Hochquenghen (BCH) codes for error correction on PUF responses was proposed [9], [20]; however, the implementation cost and hardware overhead of this code is very high.…”

Section: B Error Correctionmentioning

confidence: 99%

“…In conventional usage of a PUF as a key generator, only a fixed number of secret bits need to be generated from the PUF. These bits can be used as symmetric key bits or used as a random seed to generate a public/private key pair in a secure processor [9]. However, in order for the PUF outputs to be usable in cryptographic applications, the noisy bits need to be error corrected, with the aid of helper bits, commonly referred to as a syndrome.…”

Section: Introductionmentioning

confidence: 99%

Reliable and efficient PUF-based key generation using pattern matching

Paral¹,

Devadas

2011

2011 IEEE International Symposium on Hardware-Oriented Security and Trust

Self Cite

105

View full text Add to dashboard Cite

Abstract-We describe a novel and efficient method to reliably provision and re-generate a finite and exact sequence of bits, for use with cryptographic applications, e.g., as a key, by employing one or more challengeable Physical Unclonable Function (PUF) circuit elements. Our method reverses the conventional paradigm of using public challenges to generate secret PUF responses; it exposes response patterns and keeps secret the particular challenges that generate response patterns.The key is assembled from a series of small (initially chosen or random), secret integers, each being an index into a string of bits produced by the PUF circuit(s); a PUF unique pattern at each respective index is then persistently stored between provisioning and all subsequent key re-generations. To obtain the secret integers again, a newly repeated PUF output string is searched for highest-probability matches with the stored patterns. This means that complex error correction logic such as BCH decoders are not required. The method reveals only relatively short PUF output data in public store, thwarting opportunities for modeling attacks.We provide experimental results using data obtained from PUF ASICs, which show that keys can be efficiently and reliably generated using our scheme under extreme environmental variation.

show abstract

“…This fact leads to the idea of accumulatively changing/evolving the hash function as a part of the device personality and keep tracing its evolution generations. The same identification technique is used for PUF-based identification [1][2][3] with the difference that the secret seed key and the hash mapping are unchangeable as they are physically inherent unknown intrinsic mappings. Identification using PUFs is actually the ultimate solution if the inherent properties are consistently reproducible (i.e.…”

Section: Authentication Using a Secret Hash Functionsmentioning

confidence: 99%