Q&A PUF Cafe Episode 1
Vincent: Did you ever consider studying or even using other silicon-based PUFs like ring oscillators or arbiters?
Pim: Yes, we did. We did a small study of those and compared them with the properties of the SRAM PUF. What learned from our research is a few things. First of all, the SRAM PUF gives the best combination of reliability and entropy. So, that was one major advantage. But the second one is also that these ring oscillators and arbiters are less scalable. If you have to implement them in another process, in another node, you really have to redesign the circuit. Which always takes a lot of work. You basically would have to build a chip and test it. While with the SRAM, the SRAM is always there. There are usually chips out there that you can immediately evaluate or test on, which makes it much more scalable. Now there are a few other PUFs that we also have worked on, and by the way, that we also implement, like the Butterfly PUF on FPGAs and even a Buskeeper PUF on the usual semiconductor devices.
Vincent: Some of the PUFs you mentioned have multiple challenge-response pairs, like the optical PUF. SRAM PUFs do not have that. Do you see this as a major downside of using SRAM PUFs?
Pim: No, I think in fact it's an advantage. In the beginning quite some people were looking at PUFs with many challenge-response pairs. Now it turns out that this also comes with some additional problems. One being: are all the challenge-response pairs independent or are there correlations? You really have to figure out how to deal with that. But secondly, those challenges that you want to apply have to be stored somewhere. That means you need to reserve storage space for that, which is a practical problem. But also, those challenges can be changed if you don't take additional measures. Meaning an attacker could tamper with them, could change one challenge or two challenges and try to carry out a sensitivity attack. So, you get a number of other problems with that. You would have to implement additional authentication, which again opens a number of security issues. And these are advantages of the SRAM PUF that you don't have to deal with that. That's kind of automatically built in and gives it the basis for stronger security compared to these other PUFs.
Vincent: You mentioned the Butterfly PUF that was not in the presentation, but do you also see other PUFs out there that promise scalability or PUFs that you find interesting besides the ones you've already mentioned?
Pim: From a scalability point of view, I don't think we currently see a lot out there. There are a few other PUFs that certainly are being tested in a number of processes and nodes. But from what we see so far, the scalability is far away, I think, from what the SRAM PUF can offer.
Vincent: When you characterize new SRAM PUF circuits, how many PVT corners do you need to get tested?
Pim: That's a good question. I know that the team is diligently testing all the time, but I'm not deep into that. So I'm not the right person to give a very deep answer to that. But we test all the time in climate chambers that we have on the campus. There we do all these tests with PVT corners and with aging and so on. And the good thing about an SRAM PUF is that we see in all the nodes similar behavior. That's due to the fact that the physics is always very similar, namely a cell that consists of two cross-coupled inverters. That's always the same physics and hence always leads to very similar behavior.
Vincent: So, I have a question here about machine learning attacks. Is that something that you encountered with the PUFs you were working on at Philips Research and was there a way to overcome these machine learning effects?
Pim: No. So the machine learning attacks came later. I think they started probably five years ago and they mainly apply to the challenge-response PUFs. In particular, when the challenge-response PUFs are being used to provide very lightweight authentication. Sending a challenging, measuring the response, and comparing the response to a database. Now, when you have such a system and an attacker can see the responses, then based on machine learning they are good at predicting what the response might be to a new challenge. And that of course is a problem for such a system. That's also why if you want to do a secure implementation with a PUF, like what we do with the SRAM PUF, you create a key that you keep within the crypto boundaries and within the security perimeter of the chip and immediately provide it to the encryption or authentication engines. Do not send this to the outside world such that nobody can start analyzing this.
Vincent: Either during your time at Phillips or at Intrinsic ID have you been working with other companies, universities, or other external parties when doing research on PUFs?
Pim: Yes, there has been a lot of collaboration. We have worked together with many universities, like the University of Leuven in Belgium, the Universities of Eindhoven and Delft in the Netherlands, the Universities of Bochum and Darmstadt in Germany, but also MIT in the United States. We have been participants in various European projects in which all kinds of other companies also participated. So that has been always a very broad collaboration, as well with academia and with other companies in the industry to further push the boundaries of PUF technology.