# Low-Overhead Implementation of a Soft Decision Helper Data Algorithm for SRAM PUFs

Roel Maes<sup>1</sup>, Pim Tuyls<sup>1,2</sup>, Ingrid Verbauwhede<sup>1</sup> 1. COSIC, K.U.Leuven and IBBT 2. Intrinsic-ID, Eindhoven



### 1. Introduction

- 2. Key generation with SRAM PUFs
- 3. Toeplitz-based Universal Hashing
- 4. Implementation Results
- 5. Conclusion

## Introduction

- Tampering attacks threaten secure key storage
- Traditional tampering countermeasures induce large overhead (cost/size/power/...)



 Need for low-overhead physical protection of sensitive data → PUFs



Workshop on Cryptographic Hardware and Embedded Systems, CHES 2009, Lausanne

- 1. Introduction
- 2. Key generation with SRAM PUFs
  - Related Work
  - Soft Decision Helper Data
  - Datapath Design
- 3. Toeplitz-based Universal Hashing
- 4. Implementation Results
- 5. Conclusion

### **Related work: The SRAM PUF**

- Random manufacturing variability in ICs is a fact
- Power-up state of SRAM cells efficiently measures intrinsic device variability
  - > SRAM PUF [GKST-CHES07]
- (SRAM) PUF responses are *noisy* and *non-uniform* > fuzzy secret



### **Related work: Helper Data Algorithms**

HDA or Fuzzy Extractor extracts a secure key from a fuzzy secret





• Efficient implementation possible [BGSST-CHES08]



## **SRAM PUF Response Characteristics**



### **Soft Decision HDA**

- Regular error-correcting algorithms assume fixed bit error probability for every bit
- Additional *reliability information* of every response bit is available
  - enables Soft-Decision error correction (SD)
  - improves efficiency of ECC algorithm



### **Soft Decision Error Correction**

- Reliability information  $\rightarrow$  Log-likelihood ratio
- Soft-Decision Maximum Likelihood Decoding (SDML)
  - exponential complexity in code dimension
  - ok for repetition codes
- Generalized Multiple Concatenated decoding (GMC) of Reed-Muller Codes



#### SDML-decoding:

- SD-Repetition-Decode(L) =  $\sum (L_i)$
- SD-Degenerate-Decode(L) = L



### Soft-decision decoder: Datapath



- 1. Introduction
- 2. Key generation with SRAM PUFs
- 3. Toeplitz-based Universal Hashing
  - Related Work
  - Datapath Design
- 4. Implementation Results
- 5. Conclusion

### **Related Work: Toeplitz Universal Hash**

- (2-)Universal Hash Family H = {h<sub>i</sub>: A → B}<sub>i=1..n</sub>
  ∀ a<sub>1</sub>≠a<sub>2</sub> ∈ A and r ← [1,n]: **Pr**[h<sub>r</sub>(a<sub>1</sub>)=h<sub>r</sub>(a<sub>2</sub>)] ≤ |B|<sup>-1</sup>
- Multiplication with random Toeplitz matrix is Universal Hash → yields efficient LFSR-based implementation [Krawczyk-Crypto94]
  - Straightforward implementation not optimized for FPGA
  - e.g. if |Message| = 64 bit and |Hash| = 128 bit then: 128-bit LFSR + 64-bit SR + 128-bit accumulator = 320 flip-flops = at least 160 FPGA slices



### **Toeplitz Hash: Datapath**

 Optimize for FPGA: use resource-efficient shift registers based on Look-up-tables (LUTs)



Workshop on Cryptographic Hardware and Embedded Systems, CHES 2009, Lausanne

- 1. Introduction
- 2. Key generation with SRAM PUFs
- 3. Toeplitz-based Universal Hashing
- 4. Implementation Results
- 5. Conclusion

### **Implementation Results**

- Implemented on Xilinx Spartan 3E-500 FPGA
- Compare with best results from [BGSST-CHES2008]
  - Setting:

- Average response bit error probability: 15%
- Min-entropy of response bits: 78%
- Extract 128-bit key

- Results:

|                    | Proposed SD-HDA<br>Implementation | [BGSST-CHES2008]<br>PUF-optimized DP | [BGSST-CHES2008]<br>HDA-optimized DP |
|--------------------|-----------------------------------|--------------------------------------|--------------------------------------|
| HDA size (slices)  | 237                               | ≥ 907                                | ≥ 429                                |
| Cycles             | 10298                             | ≥ 24024                              | ≥ 29925                              |
| Performance        | 205µs @ 50.2MHz                   | 159μs @ 151.5MHz                     | 171µs @ 175.4MHz                     |
| SRAM PUF size      | 1536 bit                          | 3696 bit                             | 6160 bit                             |
| Helper Data length | 13952 bit                         | 3824 bit                             | 6288 bit                             |

- 1. Introduction
- 2. Key generation with SRAM PUFs
- 3. Toeplitz-based Universal Hashing
- 4. Implementation Results
- 5. Conclusion

## Conclusion

- PUF-based secret key storage is very appealing, but *implementation overhead* should be small!
- Efficient Soft-Decision Decoder reduces minentropy loss of HDA → *smaller PUF (-58.4%)*
- Using FPGA-optimized shift registers significantly reduces implementation cost of Universal Hash
  → smaller HDA (-44.8%)
- Increased Helper Data length and more effort during enrollment are *trade-offs*

### Thank you!