extracting robust keys from nand flash physical unclonable functions shijie jia, luning xia, zhan...
TRANSCRIPT
Extracting Robust Keys from NAND Flash
Physical Unclonable Functions
Shijie Jia, Luning Xia, Zhan Wang, Jingqiang Lin, Guozhu Zhang and Yafei Ji
Institute of Information Engineering, CAS, Beijing, China
ISC 2015
11th September,2015
1
Outline
Motivation
NAND Flash memory basics
Robust key generation
Experiments and Evaluation
Conclusion2
Outline
Motivation
NAND Flash memory basics
Robust key generation
Experiments and Evaluation
Conclusion3
NAND Flash memory is ubiquitous
Smart phones, SD cards, USB memory stick, etc.
The keys used by electronic devices need be protected
contain many confidential information many applications need to identify and authenticate users
Motivation
4
Motivation
Physically uncloable function (PUF)
PUFs are hardware primitives which produce unpredictable and instantiation dependent outcomes.
Noises exist in the PUFs
PUF responses are generally not perfectly reproducible. In general, fuzzy extractors (ECC and hash function )are used
to ensure the reliability of the responses. As the error rate increases, the cost of fuzzy extractor is
rather high for devices with limited hardware resources.
5
Motivation
Physically uncloable function (PUF)
PUFs are hardware primitives which produce unpredictable and instantiation dependent outcomes.
Noises exist in the PUFs
PUF responses are generally not perfectly reproducible. In general, fuzzy extractors (ECC and hash function )are used
to ensure the reliability of the responses. As the error rate increases, the cost of fuzzy extractor is
rather high for devices with limited hardware resources.
6
We focus on
NAND Flash Physical Unclonable Function (NFPUF) Error reduction techniques
First, we present three methods to extract raw NFPUF numbers.
partial erasure partial programming program disturbance
Second, we introduce two methods to select the cells. bit-map position-map
Motivation
7
Outline
Motivation
NAND Flash memory basics
Robust key generation
Experiments and Evaluation
Conclusion8
NAND Flash memory basics
Uncertain States of Cells
on account of variations in manufacturing processes, the threshold voltages vary from cell to cell. When the threshold voltage is not shifted sufficiently from the
programmed state to the erased state, and vice versa, the cell will be in an uncertain state. 9
NAND Flash memory basics
Uncertain States of Cells
on account of variations in manufacturing processes, the threshold voltages vary from cell to cell. When the threshold voltage is not shifted sufficiently from the
programmed state to the erased state, and vice versa, the cell will be in an uncertain state. 10
NAND Flash memory basics
Disturbance Related to Array Organization
During the programming operations ,there exists noises between the adjacent cells.
After many repeating operations, it makes the adjacent cells flip
11
NAND Flash memory basics
Disturbance Related to Array Organization
During the programming operations ,there exists noises between the adjacent cells.
After many repeating operations, it makes the adjacent cells flip 12
Outline
Motivation
NAND Flash memory basics
Robust key generation
Experiments and Evaluation
Conclusion13
Partial Erasure
Erase a block
program a page to “0”
perform fixed number (PENum) of
partial erasure operations (Te)
to the selected page
record the number of partial
erasure operations that the
selected cells need to flip
14
Robust key generation ----Extracting Raw NFPUF Numbers
1 1 1 1 1 1 1 1
0 0 0 0 0 0 0 0
0 1 0 0 1 0 0 0
0
1
1 1 0 0 1 0 1 0 2
1 1 0 1 1 1 1 0 3Raw NFPUF Numbers: 2 1 4 3 1 3 2 4
Partial Erasure
Erase a block
program a page to “0”
perform fixed number (PENum) of
partial erasure operations (Te)
to the selected page
record the number of partial
erasure operations that the
selected cells need to flip
15
Robust key generation ----Extracting Raw NFPUF Numbers
1 1 1 1 1 1 1 1
0 0 0 0 0 0 0 0
0 1 0 0 1 0 0 0
0
1
1 1 0 0 1 0 1 0 2
1 1 0 1 1 1 1 0 3Raw NFPUF Numbers: 2 1 4 3 1 3 2 4
Partial Programming
Erase a block
perform fixed number (PPNum) of
partial programming operations (Tp)
to the selected page
record the number of partial
programming operations that the
selected cells need to flip
16
Robust key generation ----Extracting Raw NFPUF Numbers
1 1 1 1 1 1 1 1
1 0 1 1 0 1 1 1
0
1
0 0 1 1 0 1 0 1 2
0 0 1 0 0 0 0 1 3Raw NFPUF Numbers: 2 1 4 3 1 3 2 4
Partial Programming
Erase a block
perform fixed number (PPNum) of
partial programming operations (Tp)
to the selected page
record the number of partial
programming operations that the
selected cells need to flip
17
Robust key generation ----Extracting Raw NFPUF Numbers
1 1 1 1 1 1 1 1
1 0 1 1 0 1 1 1
0
1
0 0 1 1 0 1 0 1 2
0 0 1 0 0 0 0 1 3Raw NFPUF Numbers: 2 1 4 3 1 3 2 4
Program Disturbance
Erase a block
perform fixed number (PDNum) of
programming operations to the
selected page
record the number of programming
operations that the selected cells
in its physically adjacent page
need to flip
18
Robust key generation ----Extracting Raw NFPUF Numbers
1 1 1 1 1 1 1 1
1 0 1 1 0 1 1 1
0
1
0 0 1 1 0 1 0 1 2
0 0 1 0 0 0 0 1 3Raw NFPUF Numbers: 2 1 4 3 1 3 2 4
Program Disturbance
Erase a block
perform fixed number (PDNum) of
programming operations to the
selected page
record the number of programming
operations that the selected cells
in its physically adjacent page
need to flip
19
Robust key generation ----Extracting Raw NFPUF Numbers
1 1 1 1 1 1 1 1
1 0 1 1 0 1 1 1
0
1
0 0 1 1 0 1 0 1 2
0 0 1 0 0 0 0 1 3Raw NFPUF Numbers: 2 1 4 3 1 3 2 4
20
Robust key generation ----Extracting Robust Keys from Raw NFPUF Numbers
Fluctuations of raw NFPUF numbers from four cells of a MLC type NAND Flash memory chip
Outline
Motivation
NAND Flash memory basics
Robust key generation
Experiments and Evaluation
Conclusion24
25
Experiments
Setup Platform: a Flash test board with an ARM Cortex-M3 controller
Tested NAND Flash memory chips
26
Evaluation
The security and reliability of the keys
speed (for performance)
reproducibility (for reliability)
uniqueness (for security)
randomness (for high-entropy)
27
Evaluation ——speed
The average throughput of the raw NFPUF numbers (Kbits/second)
Parameters setting of the raw NFPUF numbers extraction methods
28
Evaluation ——speed
The average throughput of the raw NFPUF numbers (Kbits/second)
Parameters setting of the raw NFPUF numbers extraction methods
30
Evaluation ——Uniqueness (Inter-chip variations)
The inter-chip variations of the three proposed extraction methods
Outline
Motivation
NAND Flash memory basics
Robust key generation
Experiments and Evaluation
Conclusion32
33
First, we proposed three methods to extract raw NFPUF numbers from NAND Flash memory chips.
Second, we utilized the bit-map or position-map method to select the cells with the most reliable relationship of the size between raw NFPUF numbers.
At last, we evaluated the primary characteristics of the key under various temperature and aging conditions.
Our key generator eschews the costly ECC overheads to generate robust and error-free keys.