Secret-key capacity regions for multiple enrollments with an SRAM-PUF

C.J. Kusters; F.M.J. Willems

doi:10.1109/TIFS.2019.2895552

Secret-key capacity regions for multiple enrollments with an SRAM-PUF

C.J. Kusters (Corresponding author), F.M.J. Willems

Research output: Contribution to journal › Article › Academic › peer-review

21 Citations (Scopus)

151 Downloads (Pure)

Abstract

We introduce the multiple enrollment scheme for SRAM-PUFs. During each enrollment the binary power-on values of the SRAM are observed, and a corresponding key and helper data are generated. Each key can later be reconstructed from an additional observation and the helper data. The helper data do not reveal information about the keys to an attacker. It is our goal to use the additional enrollments to consecutively increase the entropy of the generated key material.

We analyze two alternative settings. First, we present a regular setting, where each additional key is independent of all previous keys. Secondly, we introduce a key-replacement setting, where instead of an additional independent key, a new key (of increased length) is generated that replaces the old key.
We characterize the capacity regions for both settings. We show that the total achievable secret-key rate is equal to the mutual information between all enrollment observations and a single (reconstruction) observation.

We derive our results based on a statistical model for SRAM-PUF that has been proposed in the literature. This model implies a \textit{permutation symmetry} property of SRAM-PUF which plays a key role in our proofs.

Original language	English
Article number	8626480
Pages (from-to)	2276-2287
Number of pages	12
Journal	IEEE Transactions on Information Forensics and Security
Volume	14
Issue number	9
DOIs	https://doi.org/10.1109/TIFS.2019.2895552
Publication status	Published - Sept 2019

Keywords

SRAM cell
Security
Internet of Things
Secret-key capacity
Slepian–Wolf coding

Access to Document

10.1109/TIFS.2019.2895552

authorversionFinal author version , 1.75 MB

Cite this

@article{4483cd3109bc43c68b367bea21e6911b,

title = "Secret-key capacity regions for multiple enrollments with an SRAM-PUF",

abstract = "We introduce the multiple enrollment scheme for SRAM-PUFs. During each enrollment the binary power-on values of the SRAM are observed, and a corresponding key and helper data are generated. Each key can later be reconstructed from an additional observation and the helper data. The helper data do not reveal information about the keys to an attacker. It is our goal to use the additional enrollments to consecutively increase the entropy of the generated key material.We analyze two alternative settings. First, we present a regular setting, where each additional key is independent of all previous keys. Secondly, we introduce a key-replacement setting, where instead of an additional independent key, a new key (of increased length) is generated that replaces the old key.We characterize the capacity regions for both settings. We show that the total achievable secret-key rate is equal to the mutual information between all enrollment observations and a single (reconstruction) observation.We derive our results based on a statistical model for SRAM-PUF that has been proposed in the literature. This model implies a \textit{permutation symmetry} property of SRAM-PUF which plays a key role in our proofs.",

keywords = "SRAM cell, Security, Internet of Things, Secret-key capacity, Slepian–Wolf coding",

author = "C.J. Kusters and F.M.J. Willems",

year = "2019",

month = sep,

doi = "10.1109/TIFS.2019.2895552",

language = "English",

volume = "14",

pages = "2276--2287",

journal = "IEEE Transactions on Information Forensics and Security",

issn = "1556-6013",

publisher = "Institute of Electrical and Electronics Engineers",

number = "9",

}

TY - JOUR

T1 - Secret-key capacity regions for multiple enrollments with an SRAM-PUF

AU - Kusters, C.J.

AU - Willems, F.M.J.

PY - 2019/9

Y1 - 2019/9

N2 - We introduce the multiple enrollment scheme for SRAM-PUFs. During each enrollment the binary power-on values of the SRAM are observed, and a corresponding key and helper data are generated. Each key can later be reconstructed from an additional observation and the helper data. The helper data do not reveal information about the keys to an attacker. It is our goal to use the additional enrollments to consecutively increase the entropy of the generated key material.We analyze two alternative settings. First, we present a regular setting, where each additional key is independent of all previous keys. Secondly, we introduce a key-replacement setting, where instead of an additional independent key, a new key (of increased length) is generated that replaces the old key.We characterize the capacity regions for both settings. We show that the total achievable secret-key rate is equal to the mutual information between all enrollment observations and a single (reconstruction) observation.We derive our results based on a statistical model for SRAM-PUF that has been proposed in the literature. This model implies a \textit{permutation symmetry} property of SRAM-PUF which plays a key role in our proofs.

AB - We introduce the multiple enrollment scheme for SRAM-PUFs. During each enrollment the binary power-on values of the SRAM are observed, and a corresponding key and helper data are generated. Each key can later be reconstructed from an additional observation and the helper data. The helper data do not reveal information about the keys to an attacker. It is our goal to use the additional enrollments to consecutively increase the entropy of the generated key material.We analyze two alternative settings. First, we present a regular setting, where each additional key is independent of all previous keys. Secondly, we introduce a key-replacement setting, where instead of an additional independent key, a new key (of increased length) is generated that replaces the old key.We characterize the capacity regions for both settings. We show that the total achievable secret-key rate is equal to the mutual information between all enrollment observations and a single (reconstruction) observation.We derive our results based on a statistical model for SRAM-PUF that has been proposed in the literature. This model implies a \textit{permutation symmetry} property of SRAM-PUF which plays a key role in our proofs.

KW - SRAM cell

KW - Security

KW - Internet of Things

KW - Secret-key capacity

KW - Slepian–Wolf coding

UR - http://www.scopus.com/inward/record.url?scp=85066466828&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2019.2895552

DO - 10.1109/TIFS.2019.2895552

M3 - Article

AN - SCOPUS:85066466828

SN - 1556-6013

VL - 14

SP - 2276

EP - 2287

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

IS - 9

M1 - 8626480

ER -

Secret-key capacity regions for multiple enrollments with an SRAM-PUF

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

RESCURE: Retrofit Security for Critical infrastructures

Cite this

Secret-key capacity regions for multiple enrollments with an SRAM-PUF

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Projects

RESCURE: Retrofit Security for Critical infrastructures

Cite this