Design and Analysis of Stability-Guaranteed PUFs

The lack of stability is one of the major limitations that constrains PUF from being put in widespread practical use. In this paper, we propose a weak PUF and a strong PUF that are both completely stable with 0% intra-distance. These PUFs are called Locally Enhanced Defectivity (LED)PUF. The source of randomness of a LEDPUF is extracted from locally enhance defectivity without affecting other parts of the chip. A LEDPUF is a pure functional PUF that does not require any kinds of correction schemes as conventional parametric PUFs do. A weak LEDPUF is constructed by forming arrays of Directed Self Assembly (DSA) random connections is presented, and the strong LEDPUF is implemented by using the weak LEDPUF as the key of a keyed-hash message authentication code (HMAC). Our simulation and statistical results show that the entropy of the weak LEDPUF bits is close to ideal, and the inter-distances of both weak and strong LEDPUFs are about 50%, which means that these LEDPUFs are not only stable but also unique. We develop a new unified framework for evaluating the level of security of PUFs, based on password security, by using information theoretic tools of guesswork. The guesswork model allows to quantitatively compare, with a single unified metric, PUFs with varying levels of stability, bias and available side information. In addition, it generalizes other measures to evaluate the security level such as min-entropy and mutual information. We evaluate guesswork-based security of some measured SRAM and Ring Oscillator PUFs as an example and compare them with LEDPUF to show that stability has a more severe impact on the PUF security than biased responses. Furthermore, we find the guesswork of three new problems: Guesswork under probability of attack failure, the guesswork of idealized version of a message authentication code, and the guesswork of strong PUFs that are used for authentication.