Secret-key capacity regions for multiple enrollments with an SRAM-PUF

C.J. Kusters (Corresponding author), F.M.J. Willems

Research output: Contribution to journalArticleAcademicpeer-review

21 Citations (Scopus)
151 Downloads (Pure)


We introduce the multiple enrollment scheme for SRAM-PUFs. During each enrollment the binary power-on values of the SRAM are observed, and a corresponding key and helper data are generated. Each key can later be reconstructed from an additional observation and the helper data. The helper data do not reveal information about the keys to an attacker. It is our goal to use the additional enrollments to consecutively increase the entropy of the generated key material.

We analyze two alternative settings. First, we present a regular setting, where each additional key is independent of all previous keys. Secondly, we introduce a key-replacement setting, where instead of an additional independent key, a new key (of increased length) is generated that replaces the old key.
We characterize the capacity regions for both settings. We show that the total achievable secret-key rate is equal to the mutual information between all enrollment observations and a single (reconstruction) observation.

We derive our results based on a statistical model for SRAM-PUF that has been proposed in the literature. This model implies a \textit{permutation symmetry} property of SRAM-PUF which plays a key role in our proofs.
Original languageEnglish
Article number8626480
Pages (from-to)2276-2287
Number of pages12
JournalIEEE Transactions on Information Forensics and Security
Issue number9
Publication statusPublished - Sept 2019


  • SRAM cell
  • Security
  • Internet of Things
  • Secret-key capacity
  • Slepian–Wolf coding


Dive into the research topics of 'Secret-key capacity regions for multiple enrollments with an SRAM-PUF'. Together they form a unique fingerprint.

Cite this