Conference Paper

High-Temperature Stable Physical Unclonable Functions with Error-Free Readout Scheme Based on 28nm SG-MONOS Flash Memory for Security Applications

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... The ability of Flash-memory-based PUFs to provide adequate security under nominal conditions has been examined in a number of relevant works [70,89,161,162,191]. In this work, as already mentioned, we will focus on NAND-Flash-memory-based PUFs that utilise programming disturbances. ...
... A number of works have already assessed the quality of the responses of memory-based PUFs under ambient temperature variations. In particular, SRAM PUFs [3,4,113,145,185,186,192], all types of DRAM-based PUFs [79,80,82,83,85,86,87,88,143,144,147,153,158,192], as well as Flash-memory-based PUFs [89,147,161,162,191,193], have been shown to be mildly or even heavily affected by variations of the relevant ambient temperature. Therefore, we can conclude that most, if not all, memory-based PUFs are somewhat dependent on the ambient temperature and are affected by changes of its value. ...
... As already mentioned, a number of relevant works examine the effects of ambient temperature variations on Flash-memory-based PUFs [89,147,161,162,191,193]. In general, these works observe that ambient temperature variations have a rather minor effect on the quality of the responses of Flashmemory-based PUFs. ...
Thesis
Full-text available
In this work, we examine whether Physical Unclonable Functions (PUFs) can act as lightweight security mechanisms for practical applications in the context of the Internet of Things (IoT). In order to do so, we first discuss what PUFs are, and note that memory-based PUFs seem to fit the best to the framework of the IoT. Then, we consider a number of relevant memory-based PUF designs and their properties, and evaluate their ability to provide security in nominal and adverse conditions. Finally, we present and assess a number of practical PUF-based security protocols for IoT devices and networks, in order to confirm that memory-based PUFs can indeed constitute adequate security mechanisms for the IoT, in a practical and lightweight fashion. More specifically, we first consider what may constitute a PUF, and we redefine PUFs as inanimate physical objects whose characteristics can be exploited in order to obtain a behaviour similar to a highly distinguishable (i.e., “(quite) unique”) mathematical function. We note that PUFs share many characteristics with biometrics, with the main difference being that PUFs are based on the characteristics of inanimate objects, while biometrics are based on the characteristics of humans and other living creatures. We also note that it cannot really be proven that PUFs are unique per instance, but they should be considered to be so, insofar as (human) biometrics are also considered to be unique per instance. We, then, proceed to discuss the role of PUFs as security mechanisms for the IoT, and we determine that memory-based PUFs are particularly suited for this function. We observe that the IoT nowadays consists of heterogeneous devices connected over diverse networks, which include both high-end and resource-constrained devices. Therefore, it is essential that a security solution for the IoT is not only effective, but also highly scalable, flexible, lightweight, and cost-efficient, in order to be considered as practical. To this end, we note that PUFs have been proposed as security mechanisms for the IoT in the related work, but the practicality of the relevant security mechanisms has not been sufficiently studied. We, therefore, examine a number of memory-based PUFs that are implemented using Commercial Off-The-Shelf (COTS) components, and assess their potential to serve as acceptable security mechanisms in the context of the IoT, not only in terms of effectiveness and cost, but also under both nominal and adverse conditions, such as ambient temperature and supply voltage variations, as well as in the presence of (ionising) radiation. In this way, we can determine whether memory-based PUFs are truly suitable to be used in the various application areas of the IoT, which may even involve particularly adverse environments, e.g., in IoT applications involving space modules and operations. Finally, we also explore the potential of memory-based PUFs to serve as adequate security mechanisms for the IoT in practice, by presenting and analysing a number of cryptographic protocols based on these PUFs. In particular, we study how memory-based PUFs can be used for key generation, as well as device identification, and authentication, their role as security mechanisms for current and next-generation IoT devices and networks, and their potential for applications in the space segment of the IoT and in other adverse environments. Additionally, this work also discusses how memory-based PUFs can be utilised for the implementation of lightweight reconfigurable PUFs that allow for advanced security applications. In this way, we are able to confirm that memory-based PUFs can indeed provide flexible, scalable, and efficient security solutions for the IoT, in a practical, lightweight, and inexpensive manner.
... To this end, in this paper, we propose a PUF exploiting the intrinsic variability in the string current of 3-D NAND flash memory. Although several PUF implementations based on the digital program disturb, program latency, read disturb, read latency, erase latency, repeated erase cycling, program/erase wearing of cells, number of partial programing pulses required to adequately program the cell, and program/erase efficiency of the floating gate, and split-gate memory arrays have been proposed [35]- [39], to the best of our knowledge, this paper is the first PUF proposal based on the analog behavior of 3-D charge-trap (CT) Macaroni body NAND flash array. We first characterized the variability in the string current with the aid of the Monte Carlo simulations utilizing the recently developed compact model for 3-D NAND flash memory including the parasitic capacitive coupling [40]. ...
... Considering the values (Table I) utilized in this paper for proof of concept demonstration, the number of possible CRPs is ∼5 × 10 10 or 2 35 . Furthermore, the number of CRPs which may be attained from a commercial 3-D NAND flash memory array [41], [42] (Table I) already exceeds ∼10 31 or 2 103 . ...
... However, the detailed analysis of the PUF performance metrics such as BER in the presence of flicker noise is limited due to the lack of experimental data on the distribution of flicker noise power spectral density among different cells within the bit strings in a 3-D NAND flash array. In addition, since the memory state of the 3-D NAND flash cells is known to drift significantly upon application of high-temperature stress for prolonged durations [32], [34], [35], long-term baking at high temperatures may pose a serious challenge to the reliability of the proposed PUF. However, this analysis is limited due to the unavailability of the experimental results for the drift in the memory state with time for different cells within the bit string of 3-D NAND flash array. ...
Article
The 3-D nand flash memory has become an integral part of the cyber-physical systems to cope with the huge data explosion in this era of Internet of Things (IoT). Moreover, hardware security primitives such as physical unclonable function (PUF) have become indispensable in the functional circuits of these cyber-physical systems for protection against security vulnerabilities and adversary attacks. Therefore, in this paper, for the first time, we propose a PUF exploiting the intrinsic variability in the string current of the ubiquitous 3-D nand flash memory owing to the process variations and the inherent material imperfections such as grain boundaries and the associated traps. With the aid of the Monte Carlo simulations utilizing a calibrated compact model for 3-D nand flash memory, we demonstrate that the proposed PUF exhibits excellent performance metrics such as uniformity (UF) (50%), diffuseness (DF) (50%), and uniqueness (UQ) (50.08%) and is resilient to the machine learning attacks. The ultradense 3-D nand flash memory array also enables a significantly large set of challenge-response pairs (CRPs) for a strong PUF action.
... In 2012, Wang et al. used unmodified COTS Flash memory to create both true random number generators and PUFs [6]. In general, the ability of Flash-memory-based PUFs to provide adequate security under nominal conditions has been examined in a number of relevant works [5]- [9]. More specifically, a number of previous works have examined NAND-Flash-memory-based PUFs that utilise programming disturbances [2], [3], [5], [7], [8]. ...
... Additionally, a number of relevant works have examined the effects of ambient temperature variations on Flash-memorybased PUFs [2], [3], [6]- [9], [11], [12]. In general, these works observe that ambient temperature variations have a rather minor effect on the quality of the responses of Flashmemory-based PUFs. ...
Conference Paper
Full-text available
In this work, we present a Physical Unclonable Function (PUF) implemented on a Commercial Off-The-Shelf (COTS) NAND Flash memory module using programming disturbances, and examine the robustness of its responses to environmental variations. In particular, we test a removable Flash memory module serving as a PUF, under nominal conditions, as well as under temperature and voltage variations. To determine its resilience to environmental variations, we utilise well-known PUF metrics, such as the Hamming weight and the intra-device Hamming distance. Our results prove that, in general, the tested Samsung K9F1G08U0E NAND Flash memory can be used to realise a lightweight, scalable, and flexible hardware security primitive, namely a PUF, that can be utilised in the context of smart homes, smart vehicles, and other smart applications, as well as to protect commercial devices and networks in general. However, voltage variations seem to pose a substantial threat to the adoption of this PUF in practice. This threat may be addressed by small-scale design improvements that should be implemented and tested in practice as part of future works.
... Flash-memory-based Physical Unclonable Functions (PUFs) have recently been proposed in the relevant literature [1]- [5] as a lightweight and sustainable security primitive, because their implementation and operation are rather cost-efficient. More specifically, only lightweight software is required for their operation, and they either may not require any hardware addition, as Flash memories are often inherent parts of computing systems, e.g., Internet-of-Things (IoT) devices, or may be reusable in different systems, as they are also often found in removable modules. ...
Preprint
Full-text available
p>In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and examine the current shortcomings of existing NAND-Flash-memory PUFs that are based on programming disturbances as well as how these could potentially be addressed in order to provide more robust and more sustainable security solutions. This work was accepted for and presented at the Workshop on Sustainability in Security, Security for Sustainability, which took place on 18 March 2022 and was co-located with the 25th Design, Automation and Test in Europe Conference & Exhibition (DATE 2022).</p
... Flash-memory-based Physical Unclonable Functions (PUFs) have recently been proposed in the relevant literature [1]- [5] as a lightweight and sustainable security primitive, because their implementation and operation are rather cost-efficient. More specifically, only lightweight software is required for their operation, and they either may not require any hardware addition, as Flash memories are often inherent parts of computing systems, e.g., Internet-of-Things (IoT) devices, or may be reusable in different systems, as they are also often found in removable modules. ...
Preprint
Full-text available
In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and examine the current shortcomings of existing NAND-Flash-memory PUFs that are based on programming disturbances as well as how these could potentially be addressed in order to provide more robust and more sustainable security solutions.
... Flash-memory-based Physical Unclonable Functions (PUFs) have recently been proposed in the relevant literature [1]- [5] as a lightweight and sustainable security primitive, because their implementation and operation are rather cost-efficient. More specifically, only lightweight software is required for their operation, and they either may not require any hardware addition, as Flash memories are often inherent parts of computing systems, e.g., Internet-of-Things (IoT) devices, or may be reusable in different systems, as they are also often found in removable modules. ...
Preprint
Full-text available
p>In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and examine the current shortcomings of existing NAND-Flash-memory PUFs that are based on programming disturbances as well as how these could potentially be addressed in order to provide more robust and more sustainable security solutions. This work was accepted for and presented at the Workshop on Sustainability in Security, Security for Sustainability, which took place on 18 March 2022 and was co-located with the 25th Design, Automation and Test in Europe Conference & Exhibition (DATE 2022).</p
... When looking at the development of different Flash PUFs, there are several important trends to recognize. The first Flash PUFs were created from 2012-2017[23,24,25,26]. These seminal works were predominately focused on showing how Flash memory was a viable candidate for memory-based PUFs. ...
Preprint
Full-text available
In this paper, we propose flash-based hardware security primitives as a viable solution to meet the security challenges of the IoT and specifically telehealth markets. We have created a novel solution, called the High and Low (HaLo) method, that generates physical unclonable function (PUF) signatures based on process variations within flash memory in order to uniquely identify and authenticate remote sensors. The HaLo method consumes 60% less power than conventional authentication schemes, has an average latency of only 39ms for signature generation, and can be readily implemented through firmware on ONFI 2.2 compliant off-the-shelf NAND flash memory chips. The HaLo method generates 512 bit signatures with an average error rate of 5.9 * 10^-4, while also adapting for flash chip aging. Due to its low latency, low error rate, and high power efficiency, the HaLo method could help progress the field of remote patient monitoring by accurately and efficiently authenticating remote health sensors.
... Given the impor- tance of these information from the viewpoints of chip level security, they are stored in the dedicated areas of eFlash HMs or in the dedicated eFlash HM, which is accessible only by security unit. SG-MONOS based physical unclonable function (PUF) was proposed for implementation of unique device ID [14]. ...
Article
Embedded system approaches to edge computing in IoT implementations are proposed and discussed. Rationales of edge computing and essential core capabilities for IoT data supply innovation are identified. Then, innovative roles and development of MCU and embedded flash memory are illustrated by technology and applications, expanding from CPS to big-data and nomadic/autonomous elements of IoT requirements. Conclusively, a technology roadmap construction specific to IoT is proposed.
Article
Full-text available
Since the inception of encrypted messages thousands of years ago, mathematicians and scientists have continued to improve encryption algorithms in order to create more secure means of communication. These improvements came by means of more complex encryption algorithms that have stronger security features such as larger keys and trusted third parties. While many new processors can handle these more complex encryption algorithms, IoT devices on the edge often struggle to keep up with resource intensive encryption standards. In order to meet this demand for lightweight, secure encryption on the edge, this paper proposes a novel solution, called the High and Low (HaLo) method, that generates Physical Unclonable Function (PUF) signatures based on process variations within flash memory. These PUF signatures can be used to uniquely identify and authenticate remote sensors, and help ensure that messages being sent from remote sensors are encrypted adequately without requiring computationally expensive methods. The HaLo method consumes 20x less power than conventional authentication schemes commonly used with IoT devices, it has an average latency of only 39ms for 512 bit signature generation, and the average error rate is below 0.06%. Due to its low latency, low error rate, and high power efficiency, the HaLo method can progress the field of IoT encryption standards by accurately and efficiently authenticating remote sensors without sacrificing encryption integrity.
Preprint
Full-text available
p>This article reviews complementary metal-oxide-semiconductor (CMOS) based physically unclonable functions (PUFs) in terms of types, structures, metrics, and challenges. The article reviews and classifies the most basic PUF types. The article reviews the basic variations originated during a metal–oxide–semiconductor field-effect transistor (MOSFET) fabrication process. Random variations at transistor level lead to acquiring unique properties for electronic chips. These variations help a PUF system to generate a unique response. This article discusses various concepts which allow for more variations at CMOS technology, layout, masking, and design levels. It also discusses various PUF related topics.</p
Article
This paper demonstrates the total ionizing dose (TID) impact on a NAND flash memory-based physical unclonable function (PUF). We used commercial-off-the-shelf flash memory chips to generate PUF. The flash chip is irradiated with Co-60 gamma rays up to 10 krad(Si). The irradiated chip shows significant accuracy degradation (bit error 12%) of the flash-PUF. We show that TID-induced trapped charges in the oxide alters the intrinsic cell properties causing accuracy degradation of flash-PUF. We propose two independent techniques to improve PUF accuracy under the radiation environment. The first technique relies on electrical annealing which compensates the trapped charges by program stressing. The second technique uses radiation compensation method by adaptive PUF generation process. Our experimental results show that the accuracy degradation can be as low as 1.5% for TID upto 10 krad(Si) with these radiation mitigation techniques.
Article
Full-text available
Over the last two decades, hardware security has gained increasing attention in academia and industry. Flash memory has been given a spotlight in recent years, with the question of whether or not it can prove useful in a security role. Because of inherent process variation in the characteristics of flash memory modules, they can provide a unique fingerprint for a device and have thus been proposed as locations for hardware security primitives. These primitives include physical unclonable functions (PUFs), true random number generators (TRNGs), and integrated circuit (IC) counterfeit detection. In this paper, we evaluate the efficacy of flash memory-based security primitives and categorize them based on the process variations they exploit, as well as other features. We also compare and evaluate flash-based security primitives in order to identify drawbacks and essential design considerations. Finally, we describe new directions, challenges of research, and possible security vulnerabilities for flash-based security primitives that we believe would benefit from further exploration.
Article
Emerging physical unclonable function (PUF) circuit designs in the IC supply chain pose not only a challenge to security threats but also a serious concern about hardware efficiency. The existing conventional PUF methods extract intrinsic random physical variation to generate two-valued secret key bits, which lack logical complexity and have poor efficiency in interconnect lines. This paper proposes a multiple-valued logic PUF circuit (MPUF), which focuses on adding logical complexity and minimizing hardware cost by processing on multilevel-cell and interconnect lines. The twins' cell is selected as the MPUF cell to source the multiple-valued physical variation, and the bit-line sharing strategy was integrated to implement the four-valued PUF data. After full-custom designing, the MPUF with 512 cells only needs 16 transmit bit lines. The proposed MPUF chip is fabricated under 65-nm CMOS technology and the core area occupies approximately 0.016 mm <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">2</sup> with a 4.9-μm <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">2</sup> bitcell size. The measured results show that the MPUF data passed National Institute of Standards and Technology randomness tests, and that it operates 0.1-pJ/b energy efficiency at 1.2 V, ensures randomness and uniqueness with 50.42% hamming distance, and less than 0.04 autocorrelation at 95% confidence level. Compared with other state of the arts, logical complexity improves 50% for resisting power attacks.