Identifying and Authenticating Integrated Circuits Using Physical Unclonable Functions

Applications

This novel authentication and identification technique directly improves the security measures embedded in integrated circuits. Because of the individual delay characteristics inherent to each integrated circuit, they each can be specifically identified by an input sequence and the resultant unique response. These inputs and response are the secret signature individual to the circuit, known to some authentication authority, and essentially impossible to replicate. Such unique and identifiable hardware chips offer many advantages across software security applications. The identification and authentication techniques can be used for improved smartcards, unclonable with each integrated circuit’s unique secret signature key. Another application of these uniquely identifiable chips enables processor authentication so that large and distributed computations may be carried out across multiple secure chips with proof of the specific chip used and a certificate for lack of tampering. Further, for embedded intellectual property protection, a piece of code could be engineered to specifically run on a chip with the necessary secret key limiting the use of a software product or hardware intellectual property.

Problem Addressed

Integrated circuits are typically fabricated using the same lithography masks, and are often identified by embedding a unique identifier in the chip, such as a serial number. The main issue with this current security technology is its replicability. It is possible to clone these chips and their key information if another party gains possession for even a short period of time. Thus, when the original user regains possession, there could exist an exact copy of the chip. 

With the novel identification and authentication techniques enabled by secret signatures, a hardware chip virtually cannot be replicated with the same delay characteristic, and therefore ensures the safety of the potential smartcard, software IP, or processor. An opposing party would require prolonged physical access to the hardware chip along with highly specific and expensive technology to replicate the minute fabrication variations unique to the chip. To totally prevent any opposing party from creating an exact copy of an integrated circuit, detection depends on a complete and precise timing characterization of the original circuit, an intractable task. 

Technology

Though the mass manufacture of integrated circuits is known to produce identical logical functionality, variability inherent to the manufacturing processes creates delay characteristics unique to each integrated circuit produced. To identify a unique integrated circuit, a sequence of input stimuli exercising a large number of paths is applied to prompt an output response which is dependent on the delays of a large number of gates and wires. This input sequence and response are the secret signature of the integrated circuit to be documented for identification and authentication. The signature or any key that can be extracted from this signature is known only to the organization recording the input and response, and is nearly impossible to guess given the exponential number of input stimuli sequences and responses possible. The secret signature of the integrated circuit is interpretable as the silicon realization of a Physical Unclonable Function (PUF) resultant from the variation in manufacturing and like a thumbprint for each silicon chip. 

By designing the paths chosen and input stimuli creating the signature, the computational barrier can be raised to render the unique delay virtually impossible to recreate. Additionally, package barriers and control barriers can be used to further bar counterfeit fabrication. A potential package barrier could be achieved by inserting a scattering of conducting particles into the packaging so that delays measured after the packaging is removed are completely different. A control barrier would prevent a counterfeiter from controlling applied inputs by using a hash function on the stimulus presented at the package inputs. 

Beyond its irreproducibility, these integrated circuits signatures offer durability and environmental variability resistance. The most significant issues affecting chip performance are variable ambient temperature and circuit aging. In an authentication application, environmental variations can result in change of signatures, but small changes can be “forgiven” during the verification step. If the signature is to be used as a secret cryptographic key, error correction techniques can ensure that the same secret key is (re)generated by the chip repeatedly even under extreme environmental variation.

Advantages

  • Uses inherent variability in the integrated circuit manufacturing process
  • Integrated circuit identification and authentication with unclonable secret signatures
  • Durable and temperature variation resistant secret signatures
  • Enhanced security for smartcards, software IP, and processors 
  • Efficient, cost-effective, reliable, and almost immune to reverse engineering
  • Keys are not embedded into the device but rather are generated from the device itself

Intellectual Property

IP Type: Granted US Patent

Application Title: Authentication of Integrated Circuits

IP Number: US7840803

 

IP Type: Granted US Patent

Application Title: Reliable Generation of a Device Specific Value

IP Number: US7681103

 

 

IP Type: Granted US Patent

Application Title: Integrated Circuit that uses a Dynamic Characteristic of the Circuit

IP Number: US7757083

 

IP Type: Granted US Patent

Application Title: Data Protection and Cryptographic Functions using a Device-Specific Value

IP Number: US7818569

 

IP Type: Granted US Patent

Application Title: Continuation: Integrated Circuit that uses a Dynamic Characteristic of the Circuit

IP Number: US7904731

 

 

IP Type: Granted US Patent

Application Title: Continuation: Authentication of Integrated Circuits

IP Number: US8386801