Exploring PUF-Controlled PA Spectral Regrowth for Physical-Layer
Identification of IoT Nodes
Qiang Zhou*, Yan He*, Kaiyuan Yang, Taiyun Chi
Rice University, Houston TX 77006
2021 IEEE International Solid-State Circuits Conference (ISSCC)
© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be
obtained for all other uses, in any current or future media, including
reprinting/republishing this material for advertising or promotional purposes,
creating new collective works, for resale or redistribution to servers or lists, or reuse of
any copyrighted component of this work in other works.
It is projected that 75 billion IoT devices will be deployed for applications such as wearable electronics
and smart home by 2025. Securing IoT devices is one of the most significant barriers we need to overcome
for large-scale IoT adoption. Conventional wireless security has been implemented solely using upper-layer
cryptography [1]. Unfortunately, IoT nodes are often energy-constrained and may not have enough
computational resources to implement advanced asymmetric cryptographic algorithms [2-3]. To overcome
this challenge, there has been growing interest in leveraging the physical impairments of the radios that are
bound to a specific TX for secure identification [4-6], a.k.a. RF fingerprinting. If Bob (the RX) has sufficient
sensitivity, it can identify Alice (the legitimate TX) and the malicious impersonator during demodulation based
on their inherent radio signatures, similar to how we distinguish different people based on their unique voice
signatures (Fig. 12.3.1). As the device-dependent radio impairments come from process variation, they are
challenging for impersonators to forge in practice. In addition, unlike cryptographic approaches, in which device
IDs are inserted in preambles and checked only once in a while, RF fingerprinting enables continuous
identification at any moment during communication, leading to a tighter bond between the data packet and
device.
A few RF physical-layer identification prototypes have been demonstrated using off-the-shelf radios. In
[4], carrier frequency offset (CFO) is used as the RF fingerprint. However, the measured CFO difference is
only 1.2kHz with a 2.4GHz carrier, resulting in merely 0.5ppm variation across all devices to be identified.
Such a subtle inter-device variation requires highly sensitive benchtop instruments (spectrum analyzers or
oscilloscopes) for feature extraction, far beyond the processing capability of IoT nodes.
To maximize the dynamic range of the RF fingerprint and facilitate low-overhead feature extraction, we
propose to redesign the TX frontend of IoT nodes hardened with a digital security engine (Fig. 12.3.1). Here
we assume the IoT network is asymmetric, including a single RX hub and multiple energy-constrained TXs
distributed in the field. First, we choose to integrate the TX spectral regrowth over a narrow frequency window
in which the power spectral density (PSD) presents the most significant inter-device variability and leverage
such out-of-band leakage power (OOBLP) as the fingerprint. This is because wireless standards typically
impose stringent in-band requirements such as I/Q mismatch, EVM, etc., but the specification for spectral
regrowth is fairly relaxed for low-power IoT standards such as BLE and Zigbee. As long as the spectral mask
is satisfied, exploring OOBLP will not compromise the in-band signal quality, but rather guarantee a large
identification space. Second, we implement a digital PUF (Physically Unclonable Function) to amplify the
intrinsic device variation and manipulate the probability distribution of the spectral regrowth across all the
devices. This further enhances the uniqueness of the fingerprint and relaxes the resolution requirement of
the RX feature extraction.
As proof of concept, we report an integrated physical-layer identification chip for IoT applications at
2.4GHz. It consists of a PA with 0.5V VDD, a PUF and DAC with 1V VDD, and a built-in spectral regrowth and
in-band power (IBP) monitoring circuit (Fig. 12.3.1). The power cell of the PA is based on the multi-gate
transistor (MGTR) technique [7]. The biasing of the main path (VBM) is slightly lower than the Gm3 “sweet spot”
while the biasing of the auxiliary path (VBA) is higher than that. Tuning VBA changes the shape of spectral
regrowth with minimal effect on the in-band PA output. A harmonic-rejection output network (Fig. 12.3.1) is
implemented on-chip to filter out 2nd and 3rd harmonic contents. In particular, C3p and two symmetrically
embedded branches inside the transformer form a 3rd harmonic open. Together with the parallel resonators
at 2f0 and 3f0 on the secondary side, the measured 2nd and 3rd harmonic suppressions are >48.5dBc at 0dBm
Pout.
VBA is generated by a digital PUF and a DAC to randomize the inter-device spectral regrowth. The
probability density function (PDF) of the raw PUF output is uniform, but the transfer function between OOBLP
and VBA is nonlinear, resulting in an excessively high probability when OOBLP is low (Fig. 12.3.2). To alleviate
this problem, we insert a lookup table (LUT) before the DAC to pre-distort the probability distribution of the
PUF output. Combining the measured OOBLP – VBA transfer function and LUT weighting, the proposed PUF
engineering scheme realizes a uniform distribution for OOBLP and minimizes the chance that two devices
present very similar fingerprints (Fig. 12.3.2). An inverter-chain-based PUF cell design [8] is employed as the
entropy source (Fig. 12.3.3). Conventionally, PUFs are tested through external IOs for enrollment. But the
digital PUF values are not necessary for identification and thus are not exposed to IOs for better security. To
guarantee the reproducibility, four independent cells are implemented for each bit and a self-screening circuit
is designed to find the bit cell that does not show a single error during enrollment.
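The pre-distortion step described above, sketched in Python as an added example (not the authors' implementation). It assumes a constructed transfer curve in which OOBLP rises linearly in dB with the DAC code across the reported -40.3dBm to -28.4dBm span, and builds the LUT by nearest-level lookup; `oob_uw`, `build_lut` and the two metrics are hypothetical names.

```python
import bisect

# Constructed model, not measured data: OOBLP is assumed to rise linearly in dB
# with the DAC code, across the -40.3 dBm to -28.4 dBm span reported on the page.
N = 256                                  # 8-bit PUF word, 8-bit DAC
P_MIN_DBM, P_MAX_DBM = -40.3, -28.4

def oob_uw(dac_code):
    """Hypothetical OOBLP in uW for a given DAC code (dBm -> mW -> uW)."""
    dbm = P_MIN_DBM + (P_MAX_DBM - P_MIN_DBM) * dac_code / (N - 1)
    return 10 ** (dbm / 10) * 1000.0

CURVE = [oob_uw(c) for c in range(N)]    # monotonically increasing
LO, HI = CURVE[0], CURVE[-1]

def build_lut():
    """lut[puf_word] = DAC code whose OOBLP is nearest to an evenly spaced target."""
    lut = []
    for word in range(N):
        target = LO + (HI - LO) * word / (N - 1)
        i = bisect.bisect_left(CURVE, target)
        near = [c for c in (i - 1, i) if 0 <= c < N]   # the two neighbouring codes
        lut.append(min(near, key=lambda c: abs(CURVE[c] - target)))
    return lut

def low_quarter_fraction(mapping):
    """Share of equally likely PUF words landing in the lowest 25% of the OOBLP range."""
    cut = LO + 0.25 * (HI - LO)
    return sum(CURVE[dac] < cut for dac in mapping) / N

def collision_probability(mapping, rx_bits):
    """Chance that two independent devices fall in the same bin of an rx_bits quantizer."""
    bins = 2 ** rx_bits
    counts = [0] * bins
    for dac in mapping:
        idx = min(int((CURVE[dac] - LO) / (HI - LO) * bins), bins - 1)
        counts[idx] += 1
    return sum((n / N) ** 2 for n in counts)

RAW = list(range(N))                     # PUF word drives the DAC directly
LUT = build_lut()                        # PUF word is pre-distorted first

if __name__ == "__main__":
    for name, m in (("raw PUF", RAW), ("PUF + LUT", LUT)):
        print(f"{name:10s} low-quarter share = {low_quarter_fraction(m):.3f}, "
              f"6-bit collision probability = {collision_probability(m, 6):.4f}")
```

In this model the LUT is not one-to-one: several PUF words share a DAC code where the curve is steep, which is the cost of flattening the distribution with an 8-bit DAC.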
To simplify the testing, we implement a built-in feature extraction circuit that is capacitively coupled to the
PA output. It consists of a power detector (PD), a down-conversion mixer, and a low-pass filter (Fig. 12.3.3).
IBP can be directly monitored using the PD and its measured output voltage against PA output is shown in
Fig. 12.3.3. In the PA measurement, we first disable the PUF and feed VBA off-chip. A 2Mb/s π/4-DQPSK
signal with RRC pulse shaping (roll-off factor = 0.4) is used at 2.5GHz, which has the same modulation
parameters as the payload in the Bluetooth Enhanced Data Rate (EDR) mode. When VBA is changed from
220mV to 320mV, integrating the spectral regrowth from 1.2 to 1.3MHz away from the carrier introduces an
11.9dB OOBLP variation at the PA output and a 10.7dB variation at the down-converted output (Fig. 12.3.4).
The IBP varies from 3.4 to 4.8dBm, resulting in only 1.4dB difference, and the measured EVM varies from
2.8% to 4.7%. Nine chips are tested and a consistent >11.5dB OOBLP variation and <1.5dB IBP variation is
achieved (Fig. 12.3.4). Then we turn on the PUF, program it with 16 different settings for each chip, and
record IBP and OOBLP with 16×9=144 data points in total. The histogram is plotted in Fig. 12.3.4, which
presents a slight difference compared to the uniform distribution in Fig. 12.3.2 due to the limited number of
samples.
To benchmark the identification performance using the measured 144 data points, we first assign a
decision threshold assuming a certain ENOB of the RX feature extraction and then calculate the false
identification rate (FIR). 5% FIR is achieved with 10-bit ENOB (Fig. 12.3.5), which is limited by the worst-
case inter-device distance of OOBLP. We also perform an over-the-air identification demonstration in a lab
environment by connecting six PAs to antennas (Fig. 12.3.5). We fix the location of the PAs, and move the
RX (a spectrum analyzer with an antenna) to a new location whenever we switch the PA in the setup. After
de-embedding the path loss, the measured OOBLP is compared to the 144 reference fingerprints. Tested
under three PUF settings at each location, the FIR reaches 0 with 6-bit ENOB of the RX feature extraction.
The maximum intra-device distance of OOBLP is ~2LSB, which is introduced by noise and fading of the
wireless channel. A performance comparison is summarized in Fig. 12.3.6. This work is the first
demonstration of an integrated RF fingerprinting chip. By exploring PUF-controlled spectral regrowth, the
proposed identification mechanism features a large fingerprint variability and incurs minimal
power/area/redesign overhead.
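An added Python sketch of the benchmark described above (not the authors' code or data): readings are quantized to a given ENOB, matched to the nearest enrolled reference, and counted as false identifications when the match is wrong or ambiguous. The reference values, the 0.01µW offset, the full-scale range and the nearest-code decision rule are assumptions made for illustration.

```python
# Constructed enrolment database: device id -> reference OOBLP in uW.
# The values are illustrative, not the measured data behind Fig. 12.3.5.
REFS = {0: 0.10, 1: 0.13, 2: 0.31, 3: 0.52, 4: 0.55, 5: 0.90, 6: 1.18, 7: 1.40}
FULL_SCALE = (0.10, 1.40)   # assumed RX input range for the fingerprint, uW

def quantize(oob_uw, enob):
    """Map an OOBLP value to the code of an ideal enob-bit RX feature extractor."""
    lo, hi = FULL_SCALE
    top = 2 ** enob - 1
    code = round((oob_uw - lo) / (hi - lo) * top)
    return max(0, min(top, code))            # clip readings outside full scale

def identify(oob_uw, enob, refs=REFS):
    """Return the enrolled devices whose quantized reference is nearest to the reading."""
    q = quantize(oob_uw, enob)
    dist = {dev: abs(quantize(ref, enob) - q) for dev, ref in refs.items()}
    best = min(dist.values())
    return sorted(dev for dev, d in dist.items() if d == best)

def false_identification_rate(readings, enob, refs=REFS):
    """readings: list of (true_device, measured OOBLP). A reading counts as a false
    identification when the nearest match is another device or is ambiguous."""
    wrong = sum(identify(y, enob, refs) != [dev] for dev, y in readings)
    return wrong / len(readings)

# Benchmark 1: replay the enrolled values themselves (resolution-limited errors only).
SELF = list(REFS.items())
# Benchmark 2: constructed over-the-air readings, each 0.01 uW above its reference,
# standing in for residual noise and fading after path-loss de-embedding.
OTA = [(dev, ref + 0.01) for dev, ref in REFS.items()]

def sweep(readings, enobs=range(3, 11)):
    """FIR for each ENOB in enobs."""
    return {n: false_identification_rate(readings, n) for n in enobs}

if __name__ == "__main__":
    for label, readings in (("enrolled values", SELF), ("constructed OTA", OTA)):
        row = ", ".join(f"{n}b: {fir:.3f}" for n, fir in sweep(readings).items())
        print(f"{label:16s} {row}")
```

With these constructed values, the two closest devices (0.52 and 0.55µW) share a code until the quantizer reaches 5 bits, and the offset readings still produce a tie at 6 bits that disappears at 10 bits.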
References:
[1] A. Pathan, H.-W. Lee and C. Hong, “Security in wireless sensor networks: issues and challenges,” 2006
8th International Conference Advanced Communication Technology, Phoenix Park, 2006.
[2] N. Potlapally et al., “A study of the energy consumption characteristics of cryptographic algorithms and
security protocols,” IEEE Trans. Mobile Comput., vol. 5, no. 2, pp. 128-143, Feb. 2006.
[3] M. Mahmoud and X. Shen, “ESIP: Secure Incentive Protocol with limited use of public-key cryptography
for multihop wireless networks,” IEEE Trans. Mobile Comput., vol. 10, no. 7, pp. 997-1010, Jul. 2011.
[4] W. Hou, X. Wang, J. Chouinard and A. Refaey, “Physical Layer Authentication for Mobile Systems with
Time-Varying Carrier Frequency Offsets,” IEEE Transactions on Communications, vol. 62, no. 5, pp. 1658-
1667, May 2014.
[5] B. Chatterjee, D. Das and S. Sen, “RF-PUF: IoT security enhancement through authentication of wireless
nodes using in-situ machine learning,” IEEE International Symposium on Hardware Oriented Security and
Trust (HOST), Washington, DC, 2018.
[6] Z. Li, W. Xu, R. Miller, and W. Trappe, “Securing wireless systems via lower layer enforcements,” in Proc.
5th ACM Workshop Wireless Secur., pp. 34-42, 2006.
[7] T. Joo, B. Koo and S. Hong, “A WLAN RF CMOS PA With Large-Signal MGTR Method,” IEEE TMTT, vol.
61, no. 3, pp. 1272-1279, March 2013.
[8] D. Li and K. Yang, “25.1 A 562F² Physically Unclonable Function with a Zero-Overhead Stabilization
Scheme,” IEEE ISSCC, pp. 400-402, Feb. 2019.
[9] M. Babaie et al., “A Fully Integrated Bluetooth Low-Energy Transmitter in 28 nm CMOS With 36% System
Efficiency at 3 dBm,” IEEE JSSC, vol. 51, no. 7, pp. 1547-1565, July 2016.
[10] S. Yang, J. Yin, H. Yi, W. Yu, P. Mak and R. P. Martins, “A 0.2-V Energy-Harvesting BLE Transmitter
With a Micropower Manager Achieving 25% System Efficiency at 0-dBm Output and 5.2-nW Sleep Power in
28-nm CMOS,” IEEE JSSC, vol. 54, no. 5, pp. 1351-1362, May 2019.
Fig. 12.3.1. Exploring device-dependent spectral regrowth as the RF fingerprint for identification of IoT nodes.
The spectral regrowth is controlled by the PA auxiliary biasing (VBA) which is generated by a digital PUF.
[Figure not reproduced. Panel labels: "Same Message but Unique Voice Signatures" (Alice, Bob, Impersonator, "I am Alice"); "Similar In-Band Signal but Distinctive Spectral Regrowth due to Unique TX Nonlinearity" (Alice (TX), Bob (RX), Impersonator); "Device-Dependent Leakage as Fingerprint". Block labels: Digital Security Engine (PUF+LUT+DAC); 2.4GHz IoT PA (RF In, Input Balun, MGTR, Output); Spectral Regrowth and In-Band Power Sensing (LO, IF Out, PD Out). PA Schematic labels: Main (VBM), Aux (VBA from PUF+DAC), VDD, C3p, Output Network with Harmonic Rejection (2f0, 3f0), Spectral Regrowth Sensing, PA Output.]
Fig. 12.3.2. Probability distribution of the out-of-band leakage power (OOBLP) with and without the LUT. A
uniform distribution is achieved for OOBLP using the proposed PUF engineering scheme.
[Figure not reproduced. Panel titles: "Raw PUF Output" and "Pre-Distort PUF Output Using LUT" (PDF (V^-1) vs. VBA (V)); "Meas. OOBLP – VBA Transfer Function" (OOBLP (μW) vs. VBA (V)); "Probability Distribution of OOBLP without LUT" and "Probability Distribution of OOBLP with LUT" (Counts vs. OOBLP (μW), 1M samples, 256 bins); "Uniform Distribution with LUT". Block diagrams: Node #1 to Node #N, each with PUF, 8-bit DAC and PA generating VBA1 to VBAN, shown without and with the LUT.]
Fig. 12.3.3. Schematic of PUF, LUT, DAC, and the spectral regrowth and in-band power monitoring circuit.
Measured power detector output voltage and system efficiency vs. in-band power.
[Figure not reproduced. Digital Security Engine labels: Inverter Chain-Based PUF (Weak Pseudo-nMOS Pullups, ×8), 4 to 1 MUX, LUT (8:256 DEC, address bits A0 to A7, word0 to word3, ×256), 8-Bit DAC (VDACMIN, VDACMAX). Monitoring circuit labels: PA, Power Detector (PD) with PD Out, Mixer (LO), Instrumentation Amplifier, Low-Pass Filter, "Down-Convert to IF = 3MHz", "Differential to Single-Ended Conversion", IF Out, fC = 10MHz, bias nodes VREF, VBN, VBP. Plot: PD Vout (mV) and System Efficiency vs. In-Band Pout (dBm).]
Fig. 12.3.4. Measured PA output spectra, down-converted output spectra, EVM, and a summary of the
measured IBP and OOBLP variations of nine chips when PUF is disabled. Measured histogram of OOBLP
from nine chips each with 16 different PUF settings.
[Figure not reproduced. Panel titles: "PA Output" (spectra at 2.5GHz) and "Down-Converted Output" (spectra at 3MHz), each at Min. VBA = 220mV and Max. VBA = 320mV, with Span = 10M and Span = 6M labels. Annotations: IBP = 3.4dBm, OOBLP = -40.3dBm; IBP = 4.8dBm, OOBLP = -28.4dBm; OOBLP = -40.8dBm; OOBLP = -30.1dBm; IBP = 1.7dBm; IBP = 3dBm; EVM = 2.8%; EVM = 4.7%. Summary plot "Tuning VBA from Min. to Max. for 9 Chips": IBP and OOBLP (dBm) vs. Chip #, annotated "IBP Variation < 1.5dB" and "OOBLP Variation > 11.5dB". Histogram "OOBLP Distribution for 9 Devices × 16 PUF": Counts vs. OOBLP (μW).]
Fig. 12.3.5. Calculated false identification rate (FIR) vs. ENOB of the RX feature extraction based on 144
measured data points and an identification demonstration with over-the-air testing in a lab environment.
[Figure not reproduced. Plots: False Identification Rate (FIR) vs. RX ENOB, annotated "Minimum Inter-Device Distance ~1LSB"; OOBLP (µW) vs. Location for six PA chips, "Data Base" vs. "Measured", annotated "Maximum Intra-Device Distance ~2LSB" and "FIR = 0 when ENOB = 6 bit". Diagram "RX Locations in OTA Testing": RX locations 1 to 6, Chips, 3.5m.]
Fig. 12.3.6. Performance summary and comparison.
Comparison with 2.4GHz Low-Power PA

| | This Work | [9] | [10] |
|---|---|---|---|
| Peak Pout (dBm) | 4.7 | 3 | 0 |
| Peak PA Efficiency | 32%* (min VBA), 36%* (max VBA) | 41% | 30% |
| Modulation Type | 2Mb/s π/4-DQPSK | 1Mb/s GFSK | 1Mb/s GFSK |
| Modulation Error | 2.8%-4.7% EVM | 2.7% FSK Error | 2.84% FSK Error |
| Strongest Harmonic (dBm) | HD2/-48.5 at 0dBm | HD3/-47 at 0dBm | HD3/-47.4 at 0dBm |
| Active Area (mm²) | 0.6 | 0.65† | 0.53† |
| Technology | 45nm CMOS SOI | 28nm CMOS | 28nm CMOS |

* Including dc power of PUF and DAC
† Including PLL

Comparison with Physical-Layer Identification TX

| | This Work | [4] | [5] |
|---|---|---|---|
| RF Fingerprint | Spectral Regrowth | CFO | CFO + I/Q + Channel |
| Fingerprint Variability | 1.4µW/100kHz OOBLP, 124µW/100kHz IBP, 11300ppm | 1.2kHz CFO, 2.4GHz Carrier, 0.5ppm | 23kHz CFO, 2.4GHz Carrier, 9.6ppm |
| Fingerprint Dynamic Range | >11.5dB for all 9 Devices | N/A | N/A |
| Fingerprint Probability Distribution | Uniform | Gaussian, σ=10kHz for CFO | Gaussian, σ=20.1kHz for CFO |
| Number of Devices Measured | 9 PA × 16 PUF Settings Per PA = 144 | 2 | 2 |
| False Identification Rate | 5% with 144 Devices (meas.) | 5% with 20K Devices (sim.) | 1% with 8K Devices (sim.) |
| Platform | Integrated | USRP | USRP |
Fig. 12.3.7. Die micrograph.
[Figure not reproduced. Die dimensions: 1.4mm × 0.9mm. Labeled blocks: Input Balun, MGTR Cell, PUF + DAC, Output Network, Spectral Regrowth Monitoring, PD.]
Fig. 12.3.S1. Measurement setup. The chips are wire-bonded to FR4 PCBs for testing. In the over-the-air
test, we connect the spectrum analyzer to an antenna and move it to six different locations in the lab. At each
location, we test one PA chip and record the IBP and OOBLP under three unique PUF settings.
[Figure not reproduced. Labeled equipment: AWG to Generate Input Modulated Signal, SPI Programming, Signal Analyzer for Debugging, Oscilloscope for Debugging, Function Generator to Generate PUF CLK, Voltage Meter to Detect PD Out, Chip on Board w/ Ant, RX, Ant.]
Fig. 12.3.S2. Measured spectra of the PA output and down-converted output using a two-tone signal and
measured fundamental power and IM3 from nine chips each with 16 different PUF settings. A good correlation
is achieved when comparing the two-tone measurement with the π/4-DQPSK-based measurement in Fig. 4.
In the design phase, the VBA tuning range is determined from the two-tone IM3 simulation, instead of
modulated-signal-based envelope simulation, to speed up simulation time.
[Figure not reproduced. Panels: "PA Output" two-tone spectra at Min. VBA = 220mV and Max. VBA = 320mV (2.5GHz, Span = 8M), with marker values -1.2dBm, -30.7dBm, 0.4dBm and -16.6dBm. Summary plot "Tuning VBA from Min. to Max. for 9 Chips": Power/dBm vs. Chip, annotated "Fundamental Variation < 1.5dB" and "IM3 Variation > 13.4dB".]