Paper 2020/1284

Entropy Estimation of Physically Unclonable Functions with Offset Error

Mitsuru Shiozaki, Yohei Hori, and Takeshi Fujino

Abstract

Physically unclonable functions (PUFs) are gaining attention as a promising cryptographic technique, with the main applications including challenge-response authentication and key generation (key storage). When a PUF is applied to these applications, min-entropy estimation is essential. Min-entropy is a measure of the lower bound of the unpredictability of PUF responses. Using the test suite of the National Institute of Standards and Technology (NIST) specification (SP) 800-90B is currently considered the best method for estimating the min-entropy of PUF responses. Several previous studies have estimated the min-entropy of PUFs as well as those of random number generators (RNGs). However, we feel doubtful about some of these estimated results; for example, an evaluator can reorder PUF responses to make the PUF performance appear much better. It is also known that the test suite of NIST SP 800-90B has no suitable estimator. In particular, it has been reported that concatenating PUF responses of two-dimensional PUFs, such as an SRAM PUF, into one-dimensional data may obfuscate spatial correlations. In this paper, we explore the inherent problems in min-entropy estimation by using our static random-access memory (SRAM) PUF and our complementary metal-oxide-semiconductor (CMOS) image sensor with a PUF (CIS PUF). We apply three orderings to the PUF responses of our SRAM PUF and CIS PUF: row-direction ordering, column-direction ordering, and random-shuffle ordering. We show how much the min-entropy estimated by NIST SP 800-90B varies and discuss the estimation results. Next, we discuss the threat of PUFs (i.e., predictability of PUF responses) when a digitizer in a PUF has an offset error. PUF sources are generally defined as circuits and transistors used to extract intrinsic physical properties and generate device-unique responses. Variation in the manufacturing of circuits and transistors other than the PUF sources, especially digitizers, may cause lower entropy. We call these circuits and transistors ``entropy-loss sources.'' We investigate the effect of entropy-loss sources on min-entropy theoretically and clarify how much the theoretical results differ from those estimated by NIST SP 800-90B. Finally, we propose an entropy prediction scheme that considers entropy-loss sources (offset error). We show through experiments that the proposed scheme more accurately estimates the min-entropy of PUFs.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
Physically unclonable function (PUF)Min-entropyNIST SP 800-90BSRAM PUFCMOS image sensor with a PUF (CIS PUF)
Contact author(s)
msalt @ ieee org
hori y @ aist go jp
fujino @ se ritsumei ac jp
History
2021-04-20: revised
2020-10-16: received
See all versions
Short URL
https://ia.cr/2020/1284
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/1284,
      author = {Mitsuru Shiozaki and Yohei Hori and Takeshi Fujino},
      title = {Entropy Estimation of Physically Unclonable Functions with Offset Error},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1284},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1284}},
      url = {https://eprint.iacr.org/2020/1284}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.