INTEGRATED CIRCUIT WITH PHYSICALLY UNCLONABLE FUNCTION ROBUST TO MACHINE LEARNING ATTACKS

20230224172 · 2023-07-13

Assignee

INDUSTRY-ACADEMIC COOPERATION FOUNDATION, YONSEI UNIVERSITY (Seoul, KR)

Inventors

Joon-Sung YANG (Seoul, KR)

Cpc classification

International classification

Abstract

An integrated circuit is provided which includes a physically unclonable function (PUF). The integrated circuit comprises a PUF block including a plurality of physically unclonable function (PUF) cells configured to output a cell signal having a unique value according to an input, a conversion unit is configured to receive the cell signal as input, convert the cell signal, and output a conversion signal. A select signal generator provides a first selection signal to the conversion unit. A key generator is configured to receive the conversion signal from the conversion unit and generate a security key therefrom, wherein the conversion unit includes a first layer which outputs a second signal obtained by converting a provided first signal on the basis of a bit value of the first selection signal.

Claims

1. An integrated circuit comprising: a PUF block including a plurality of physically unclonable function (PUF) cells configured to output a cell signal having a unique value according to an input challenge; a conversion unit configured to receive the cell signal from the PUF block, convert the cell signal into a conversion signal, and output the conversion signal; a select signal generator configured to provide a first selection signal to the conversion unit; and a key generator configured to receive the conversion signal from the conversion unit, and generate a security key; wherein the conversion unit includes a first layer configured to output a second signal, by converting a provided first signal, on the basis of a bit value of the first selection signal provided from the select signal generator; and wherein the integrated circuit is configured to change its internal connection structure according to the input challenge.

2. The integrated circuit of claim 1, wherein the conversion unit further includes a second layer configured to receive a third signal obtained by converting the second signal, output a fourth signal by converting the third signal on the basis of a bit value of a second selection signal provided from the select signal generator.

3. The integrated circuit of claim 2, wherein the first layer of the conversion unit and the second layer of the conversion unit include at least one multiplexer (MUX), and wherein the number of multiplexers included in the first layer is the same as the number of multiplexers included in the second layer.

4. The integrated circuit of claim 2, wherein the bit value of the first selection signal is different from the bit value of the second selection signal.

5. The integrated circuit of claim 1, wherein the conversion unit further comprises: a first stage including a plurality of first logical gates configured to receive a plurality of corresponding inputs comprising the cell signal, perform a logical operation on the cell signal and output the first signal, and a second stage including ta plurality of second logical gates, configured to receive the second signal, perform a logical operation on the second signal output a third signal.

6. The integrated circuit of claim 5, wherein the number of the first logical gates included in the first stage is the same as the number of the second logical gates included in the second stage.

7. The integrated circuit of claim 5, wherein the conversion unit is configured to receive from the signal generator, a second selection signal different from the first selection signal, wherein the conversion unit deactivates the first logical gate of at least a part of the first stage on the basis of the second selection signal, and wherein the conversion unit deactivates the second logical gate of at least a part of the second stage on the basis of the second selection signal.

8. The integrated circuit of claim 7, wherein the number of deactivated first logical gates of the first stage is the same as the number of deactivated second logical gates of the second stage.

9. The integrated circuit of claim 5, wherein the logical operation is an XOR operation.

10. An integrated circuit comprising: a PUF block including a plurality of physically unclonable function (PUF) cells configured to output a cell signal having a unique value responsive to an input; a conversion unit configured to receive inputs comprising the cell signal from the PUF block as input, convert the cell signal into a conversion signal, and output the conversion signal; a select signal generator configured to generate a first selection signal to the conversion unit; and a key generator configured to receive a conversion signal from the conversion unit, generate a security key, wherein the conversion unit includes a first stage including a plurality of first logical gates, the first stage configured to receive the cell signal from the PUF block, perform a logical operation on the cell signal, and output a first signal, and a second stage including a plurality of second logical gates, the second stage configured to receive a second signal generated on the basis of the first signal, perform a logical operation on the second signal, output a third signal, wherein the conversion unit deactivates a first logical gate of at least a part of the first stage on the basis of the first selection signal, and wherein the conversion unit deactivates a second logical gate of at least a part of the second stage on the basis of the first selection signal.

11. The integrated circuit of claim 10, wherein the number of the first logical gates included in the first stage is the same as the number of the second logical gates included in the second stage.

12. The integrated circuit of claim 10, wherein the number of deactivated first logical gates as part of the first stage is the same as the number of deactivated second logical gates as part of the second stage.

13. The integrated circuit of claim 10, wherein the conversion unit further comprises a first layer configured to receive and convert the first signal, output the second signal using the converted first signal.

14. The integrated circuit of claim 13, wherein the first layer receives from the select signal generator, a second selection signal different from the first selection signal, and wherein the first layer is configured to convert the first signal on the basis of a bit value of the second selection signal.

15. The integrated circuit of claim 14, wherein the conversion unit further comprises a second layer configured to receive a third signal by converting the second signal, output a fourth signal by converting the third signal on the basis of a bit value of a third selection signal provided from the select signal generator.

16. The integrated circuit of claim 15, wherein the first layer and the second layer include a multiplexer (MUX), and wherein the number of multiplexers included in the first layer is the same as the number of multiplexers included in the second layer.

17. The integrated circuit of claim 15, wherein the bit value of the first selection signal is different from the bit value of the third selection signal.

18. The integrated circuit of claim 10, wherein the logical operation is an XOR operation.

19. An integrated circuit comprising: a first XOR gate configured to receive first and second cell signals, the first cell signal having a unique value according to an input from a first PUF cell, the second cell signal having a unique value according to a second PUF cell, the first XOR gate being further configured to output a first signal; a second XOR gate configured to receive third and fourth cell signals the third cell signal having a unique value according to an input from a third PUF cell, the fourth cell signal having a unique value according to an input from PUF cells different from the first and second PUF cells, and outputs a second signal different from the first signal; a first multiplexer (MUX) configured to receive the first signal from the first XOR gate, receive the second signal from the second XOR gate, and output the first signal among the first and second signals; and a second multiplexer configured to receive the first signal from the first XOR gate, receive the second signal from the second XOR gate, and output the second signal among the first and second signals, wherein the first signal output from the first multiplexer is determined by a first selection signal provided from the select signal generator, wherein the second signal output from the second multiplexer is determined by a second selection signal provided from the select signal generator, and wherein the first selection signal is different from the second selection signal.

20. The integrated circuit of claim 19, further comprising: a third XOR gate configured to receive as an input, the output of the first multiplexer; a fourth XOR gate configured to receive as an input, the output of the second multiplexer; and a fifth XOR gate configured to receive the output of the first multiplexer as a first input and the output of the second multiplexers as a second input.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0016] The above and other aspects and features of the present disclosure will become more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which:

[0017] FIG. 1 is an exemplary block diagram for explaining an integrated circuit according to an embodiment.

[0018] FIG. 2 is an exemplary diagram for explaining the operation of an integrated circuit according to an embodiment.

[0019] FIG. 3 is an exemplary circuit diagram for explaining the conversion unit included in the integrated circuit according to an embodiment.

[0020] FIGS. 4 and 5 are exemplary circuit diagrams for showing the operation of the conversion unit according to an embodiment.

[0021] FIG. 6 is an exemplary circuit diagram for explaining the operation of the conversion unit according to an embodiment.

[0022] FIG. 7 is an exemplary table for explaining the operation of the conversion unit according to an embodiment.

[0023] FIG. 8 is an exemplary block diagram of an apparatus including the integrated circuit of physically unclonable function according to an embodiment.

[0024] FIG. 9 is an exemplary block diagram of an apparatus including the integrated circuit of physically unclonable function according to an embodiment.

[0025] FIG. 10 is an exemplary block diagram of an apparatus including the integrated circuit of physically unclonable function according to an embodiment.

[0026] FIG. 11 is an exemplary block diagram for explaining a server system between the apparatus device including the integrated circuit according to an embodiment.

[0027] FIG. 12 is an exemplary flowchart for explaining the operation of a server system between the apparatus including the integrated circuit according to an embodiment.

DETAILED DESCRIPTION OF THE EMBODIMENTS

[0028] Hereinafter, embodiments according to the inventive concept will be described referring to the accompanying drawings. Like reference numerals may refer to like elements throughout the accompanying drawings.

[0029] It will be understood that the terms “first,” “second,” “third,” etc. are used herein to distinguish one element from another, and the elements are not limited by these terms. Thus, a “first” element in an embodiment may be described as a “second” element in another embodiment.

[0030] It should be understood that descriptions of features or aspects within each embodiment should typically be considered as available for other similar features or aspects in other embodiments, unless the context clearly indicates otherwise.

[0031] As used herein, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise.

[0032] FIG. 1 is an exemplary block diagram depicting an integrated circuit according to an embodiment.

[0033] Referring to FIG. 1, an integrated circuit 1 (IC) may include a PUF (physically unclonable function) block 10, a conversion unit 20, a key generator 30, and a select signal generator 40.

[0034] The PUF block 10 may include a plurality of PUF cells 10_1 to 10_n. Each of the plurality of PUF cells 10_1 to 10_n may output cell signals OUT1 to OUTn and provide them to the conversion unit 20.

[0035] Here, the plurality of cell signals OUT1 to OUTn output from the PUF block 10 comprise unique values that are output according to outputs of each of the plurality of PUF cells 10_1 to 10_n. For example, the plurality of PUF cells 10_1 to 10_n may output the respective unique values to the cell signals OUT1 to OUTn due to various process variations generated during the manufacturing process.

[0036] Specifically, elements or patterns such as transistors included in a plurality of PUF cells 10_1 to 10_n may have unique characteristics that are different from other PUF cells manufactured during the same semiconductor process, due to process variations such as a height, a width, a length, and a doping concentration. Therefore, the cell signals OUT1 to OUTn may each have a unique value, and the security key KEY may be generated using the same unique process.

[0037] In an embodiment, each of the cell signals OUT1 to OUTn may have a bit length of one, i.e., i.e., 1-bit signals. Therefore, in the case of the PUF block 10 shown in FIG. 1, n-bit cell signals OUT1 to OUTn of bit length 1 may be provided to the conversion unit 20. However, in other embodiments, the size of the cell signal may have bit lengths of different values, (n-bit length signals where n>1).

[0038] The conversion unit 20 may include a plurality of stages 21_1 to 21_m and a corresponding plurality of layers 22_1 to 22_m-1.

[0039] Each of the plurality of stages 21_1 to 21_m may include a plurality of logical gates that perform a logical operation. For example, each of the plurality of stages 21_1 to 21_m may include a plurality of XOR gates. However, embodiments of the inventive concept are not limited thereto. For example, in various embodiments, each of the plurality of stages 21_1 to 21_m may include different types of logical gates.

[0040] The plurality of layers 22_1 to 22_m-1 may convert the input signal. Specifically, each of the plurality of layers 22_1 to 22_m-1 may receive an input from a previously located stage and provide different outputs to the next stage on the basis of the selection signal SEL.

[0041] Each of the plurality of layers 22_1 to 22_m-1 may include a plurality of multiplexers (MUX), where each layer has the same number of multiplexers (MUX). However, the embodiment is not limited thereto. In other embodiments, the plurality of layers 22_1 to 22_m-1 may include a different number of multiplexers. (MUX) In yet other embodiments, the plurality of layers 22_1 to 22_m-1 may include other configurations for converting an input signal, such as a switch.

[0042] The plurality of stages 21_1 to 21_m and the plurality of layers 22_1 to 22_m-1 may be placed alternately. That is, as shown in FIG. 1, a first layer 22_1 may be configured between a first stage 21_1 and a second stage 21_2, and a second stage 21_2 may be configured between a first layer 22_1 and a second layer 22_2. However, embodiments are not limited thereto. For example, an arrangement relationship between the plurality of stages 21_1 to 21_m and the plurality of layers 22_1 to 22_m-1 may vary according to the embodiment.

[0043] The first stage 21_1 of the conversion unit 20 may receive cell signals OUT1 to OUTn from the PUF block 10. The first stage 21_1 may perform a logical operation on the provided cell signals OUT1 to OUTn and provide n output signals from the first stage 21_1 to the first layer 22_1. The logical operation performed by the first stage 21_1 may be, for example, an XOR operation.

[0044] Alternatively, the first stage 21_1 may perform the logical operation by activating only some of a plurality of logical gates, where certain logical gates are included on the basis of a first selection signal SEL1 provided from the select signal generator 40. The details of which will be described more fully below.

[0045] The first layer 22_1 may receive as input, the output provided from the first stage 21_1 and may generate outputs of various combinations with respect to the output provided from the first stage 21_1, on the basis of a second selection signal SEL2 provided from the select signal generator 40. For example, the first layer 22_1 may output a signal on the basis of the bit value of the second selection signal SEL2. The first layer 22_1 may provide the output to the second stage 21_2.

[0046] The key generator 30 may receive the conversion signal PUF from the conversion unit 20. Here, the conversion signal PUF may be a signal that is output in response to an arbitrary input that is input to the PUF block 10. The arbitrary input may generate cell signals OUT1 to OUTn which are provided as inputs to the conversion unit 20. The cell signals OUT1 to OUTn are then converted according to the internal connection structure of the conversion unit. Notably, the process of applying an arbitrary input as input to the PUF block 10 and outputting a conversion signal PUF in a single cycle may be defined herein as a challenge.

[0047] The key generator 30 may receive and collect the conversion signal PUF from the conversion unit 20 to generate a security key KEY. For example, the key generator 30 may collect the conversion signal PUF for L challenges to generate the security key KEY. In this case of L challenges, the security key KEY may have a size of n*L bits. However, the embodiment is not limited thereto, and it should be apparent that the size of the security key KEY may vary depending on the respective sizes of the cell signals OUT1 to OUTn provided by PUF block 10, the internal connection structure of the conversion unit 20, and the like.

[0048] The select signal generator 40 may generate a selection signal for changing the internal connection structure of the conversion unit 20. Specifically, the select signal generator 40 may generate the first selection signal SEL1 and the second selection signal SEL2 and provide them to the conversion unit 20.

[0049] The select signal generator 40 may include information about all internal connection structures of the converter 20 that may be generated. Specifically, the select signal generator 40 may store in advance the values of the selection signals that need to be provided to each of the plurality of layers 22_1 to 22_m-1 to form the specific internal connection structure of the conversion unit 20.

[0050] The first selection signal SEL1 is used to determine the logical gate to be activated among the plurality of logical gates included in the plurality of stages 21_1 to 21_m. The second selection signal SEL2 may be used to determine which of the provided inputs the plurality of multiplexers included in the plurality of layers 22_1 to 22_m-1 output. The details of which will be described more fully below.

[0051] FIG. 2 is an exemplary diagram depicting the operation of an integrated circuit according to an embodiment

[0052] Referring to FIG. 2, as described above and shown in FIG. 1, a plurality of PUF signals 10_1 to 10_n may be collected to generate the security key KEY. Specifically FIG. 2 illustrates that one challenge is performed to generate one PUF signal (PUF[1] to PUF[1]). The PUF signals (PUF[1] to PUF[1]) may be collected to generate the security key KEY. Here, the PUF signal (PUF[1] to PUF[1]) equates to the conversion signal (PUF) of FIG. 1.

[0053] In a conventional design, at each challenge, the existing integrated circuit of the physically unclonable function was able to output PUF signals of different inputs, using the same circuit structure. This is problematic because the integrated circuit is vulnerable to attacks of machine learning, even in the case where the PUF signals are collected over multiple challenges to generate the security key KEY.

[0054] For example, assuming that each PUF signal is 10 bits and the number of challenges to be performed is 10 in an existing integrated circuit. In such a case, the number of security keys KEY generated may be a value corresponding to 100 * square of2 or (100*2*2).

[0055] To overcome the potential vulnerability described above, according to an embodiment, the integrated circuit of according to some embodiments of the present disclosure may be configured to change its internal connection structure for each challenge to be more robust against machine learning attacks and may therefore provide improved security performance.

[0056] For example, as shown in FIG. 2, in a first challenge, the integrated circuit 1 may have an internal connection structure of a third configuration (Config[3]), and thus output a first PUF signal (PUF[1]) to the input.

[0057] In a second challenge, the integrated circuit may have an internal connection structure of a fifth configuration (Config[5]), and thus output a second PUF signal (PUF[2]) to the input.

[0058] In a third challenge, the integrated circuit may have an internal connection structure of a second configuration (Config[2]), and thus output a third PUF signal (PUF[3]) to the input.

[0059] In this way, by changing the internal connection structure of the integrated circuit for each challenge, PUF signals may be diversely combined, and security performance may be improved accordingly.

[0060] FIG. 3 is an exemplary circuit diagram illustrating the conversion unit 20 included in the integrated circuit 1 according to an example embodiment. FIGS. 4 and 5 are exemplary circuit diagrams for illustrating the operation of the conversion unit 20 according to example embodiments.

[0061] Referring now to FIG. 3, there is depicted a circuit diagram which shows an i.sup.th stage 21_i, an (i+1).sup.th stage 21_i+1, and an i.sup.th layer configured between the i.sup.th stage 21_i and the (i+ 1).sup.th stage 21_i+1, from among the different layers of the conversion unit included in the integrated circuit.

[0062] Referring to FIG. 3, the i.sup.th stage 21_i may include a plurality of logical gates as illustrated in FIG. 1, and the (i+1).sup.th stage 21_i+1 may also include a plurality of logical gates. Specifically, the number of logical gates included in the i.sup.th stage 21_i may be the same as the number of logical gates included in the (i+1).sup.th stage 21_i+1.

[0063] The i.sup.th stage 21_i and the (i+1).sup.th stage 21_i+1 may be formed by XOR gates, and may include, for example, ten XOR gates. In other embodiments, the number of XOR gates may be other than ten .

[0064] The i.sup.th layer 22_i may include a plurality of multiplexers. For example, the i.sup.th layer 22_i may include ten multiplexers as shown in FIG. 3, and each multiplexer may be configured to output one input from among the two applied inputs. However, the embodiment is not limited thereto. That is, the number of inputs that are input to each of the multiplexers may vary according to the embodiment.

[0065] Further, the number of multiplexers included in the i.sup.th layer 22_i and the number of logical gates included in the i.sup.th stage 21_i and the (i+1).sup.th stage 21_i+1 do not necessarily need to be the same and may vary according to the embodiment.

[0066] Further, the number of multiplexers may be organized according to groupings. Specifically, in the present example, five groups (Groups) may be defined in relation to the i.sup.th stage 21_i and the i.sup.th layer 22_i.

[0067] Specifically, as shown in FIG. 3, a first group (Group 1) may include an A XOR gate and a B XOR gate of the i.sup.th stage 21_i, and two multiplexers which receive the outputs of the two gates as inputs.

[0068] A second group (Group 2) may include a C XOR gate and a D XOR gate of the i.sup.th stage 21_i, and two multiplexers which receive the outputs of the two gates as inputs.

[0069] A third group (Group 3) may include an E XOR gate and an F XOR gate of the i.sup.th stage 21_i, and two multiplexers which receive the outputs of the two gates as inputs.

[0070] A fourth group (Group 4) may include a G XOR gate and an H XOR gate of the i.sup.th stage 21_i, and two multiplexers which receive the outputs of the two gates as inputs.

[0071] A fifth group (Group 5) may include an I XOR gate and a J XOR gate of the i.sup.th stage 21_i, and two multiplexers which receive the outputs of the two gates as inputs.

[0072] As an example, the i.sup.th layer 22_i may receive the second selection signal SEL2 and determine the output on the basis of the second selection signal SEL2. Specifically, each of the multiplexers included in the i.sup.th layer 22_i receives any one of the different signals included in the second selection signal SEL2 and may determine the output provided to the (i+ 1).sup.th stage 21_i+l on the basis of the signal.

[0073] More specifically, for ease of explanation referring to FIGS. 4 and 5, the second group (Group2) will be described by way of example. The C multiplexer MUX_C and D multiplexer MUX_D included in the second group (Group2) may each receive the second selection signal SEL2. Each of the C multiplexer MUX_C and the D multiplexer MUX_D may receive one of a plurality of signals included in the second selection signal SEL2, and the signal provided to the C multiplexer MUX_C and the signal provided to the D multiplexer MUX_D may be different from each other.

[0074] Each of the C multiplexer MUX_C and the D multiplexer MUX_D may receive the output of the C XOR gate and the D XOR gate as input, and each of the C multiplexer MUX_C and the D multiplexer MUX_D may output different outputs from among the output of the C XOR gate and the output of the D XOR gate.

[0075] For example, in FIG. 4, the C multiplexer MUX_C may receive the output of the C XOR gate and the output of the D XOR gate and output the output (indicated by a thick line) of the C XOR gate from among the C XOR and the D XOR outputs. Conversely, the D multiplexer MUX_D may receive the output of the C XOR gate and the output of the D XOR gate and output the output (indicated by a dotted line) of the D XOR gate from among the C XOR and the D XOR outputs.

[0076] In contrast to the FIG. 4 example, in FIG. 5, the C multiplexer MUX_C receives the output of the C XOR gate and the output of the D XOR gate and may output the output (shown by a dotted line) of the D XOR gate from among the C XOR and the D XOR outputs. Conversely, the D multiplexer MUX_D receives the output of the C XOR gate and the output of the D XOR gate and may output the output (indicated by a thick line) of the C XOR gate from among the C XOR and the D XOR outputs.

[0077] That is, the output values of each multiplexer is determined by the second selection signal SEL2, thus allowing the internal connection structure of the integrated circuit to be changed accordingly.

[0078] Referring again to FIG. 3n, i.sup.th layer 22_i is shown to include ten multiplexers, and as described in FIGS. 4 and 5, each group may set two paths independently of each other, on the basis of the second selection signal SEL2. Therefore, the number of outputs generated by the i.sup.th layer 22_i may correspond to 32, which is 5 * the square of 2.

[0079] Alternatively, the input provided to the (i+1).sup.th stage 21_i+l may be independent of a relationship between the i.sup.th layer 22_i and the i.sup.th stage 22_i.

[0080] For example, the value output from the C multiplexer MUX_C of the second group (Group 2) is input to the L XOR gate and the M XOR gate of the first (i+ 1).sup.th stage 21_i+1, and the other input of the L XOR gate may correspond to the output of the first group (Group 1). Therefore, the more layers there are, the more conversion signals there may be.

[0081] FIG. 6 is an exemplary circuit diagram illustrating the operation of the conversion unit according to an example embodiment.

[0082] Referring to FIG. 6, the conversion unit 20 may receive the first selection signal SEL1. The conversion unit 20 may activate at least a part of the plurality of logical gates included in the i.sup.th stage 21_i and the (i+1).sup.th stage 21_i+1 on the basis of the first selection signal SEL1 and deactivate the rest.

[0083] For example, the conversion unit 20 may activate all gates beginning with the A XOR gate and ending with the F XOR gate and deactivate all gates beginning with the G XOR gate and ending with the J XOR gate from among the gates included in the i.sup.th stage 21_i. Similarly, the conversion unit 20 may activate all of the gates beginning with the K XOR gate and ending with the P XOR gate and deactivate all of the gates beginning with the Q XOR gate and ending with the T XOR gate from among the gates included in the (i+1).sup.th stage 21_i+1.

[0084] The conversion unit 20 may convert the signal through the activated first set (Set 1) from among the first set (Set 1) and the second set (Set 2). As an example, the number of bits input to the activated set may be defined as the Width. That is, using FIG. 6 as an example, the value of Width may correspond to 6 because gates A through F have been activated.

[0085] As described above, the integrated circuit according to embodiments of the present disclosure may change the output of the multiplexer included in the plurality of layers on the basis of the selection signal and may also change the number of logical gates that are activated, among the logical gates included in the plurality of stages. As a result, there may be a larger number of conversion signals resulting in an improvement in security performance.

[0086] FIG. 7 is an exemplary table illustrating the operation of the conversion unit according to an example embodiment.

[0087] Referring to FIG. 7, a configuration label may be equated to an index number that is defined for all of the cases that may be generated according to changes in the internal connection structure in the integrated circuit.

[0088] As described in FIGS. 3 to 6, there may be a number of cases corresponding to a value of (Width/2 * square of 2) for one layer. Further, when there are multiple “m” layers, because the outputs of each layer are independent of each other, the total number of cases of the internal connection structures that the integrated circuit may have may correspond to a value of (m*Wide) /2 * square of 2).

[0089] A plurality of layer selection signals may be provided for each number of cases. Specifically, if the configuration labels are different, that is, if the structure of the integrated circuit is changed, at least one of the selection signals provided to each of the plurality of layers may have different values.

[0090] Conversely, selection signals that are different from each other may be provided to each layer. For example, if the configuration label is 0, the value of the selection signal provided to the first layer may correspond to 000...0.sub.2, the value of the selection signal provided to the second layer may correspond to 001...0.sub.2, and the value of the selection signal provided to the m.sup.th layer may correspond to 011...0.sub.2.

[0091] Further, as described above, the plurality of multiplexers included in each layer may receive any one of a plurality of different signals included in the selection signal received by the layer.

[0092] FIG. 8 is an exemplary block diagram of an apparatus including the integrated circuit of a physically unclonable function according to an example embodiment.

[0093] Referring to FIG. 8, an identification device 100a may include a PUF integrated circuit 100a (PUF IC) and a communication interface 102a.

[0094] The identification device 100a may transmit a response RES including the identification information of the identification device 100a to outside of the identification device 100a in response to the request RQ received from outside of the identification device 100a. The identification device 100a may be, for example, radio frequency identification (RFID).

[0095] The identification information included in the response RES transmitted by the identification device 100a may be used to identify the user of the identification device 100a. The identification information included in the response RES may be generated on the basis of the security key KEY generated by the PUF integrated circuit 101a.

[0096] FIG. 9 is an exemplary block diagram of an apparatus including the integrated circuit of physically unclonable function according to an example embodiment.

[0097] Referring to FIG. 9, a storage device 100b may include a PUF integrated circuit 101b, an encryption engine 102b, and a memory 103b.

[0098] The storage device 100b may store the data DATA received from outside of the storage device 100b and transmit the stored data DATA to outside of the storage device 100b. For the security of the stored data, the storage device 100b may encrypt the data DATA received from outside of the storage device 100b using the security key KEY and store the encrypted data ENC in the memory 103b. The storage device 100b may be, for example, a portable storage device or a storage device of a storage server.

[0099] The encryption engine 102b may decrypt the encrypted data DEC that is read from the memory 103b, using the security key KEY, and may transmit the decrypted data DATA to outside of the storage device 100b.

[0100] FIG. 10 is an exemplary block diagram of an apparatus including the integrated circuit of a physically unclonable function according to an example embodiment.

[0101] Referring to FIG. 10, a communication device 100c may include a PUF integrated circuit 101c, a public key generator 102c, and a modem 103c.

[0102] The communication device 100c may communicate with another communication device, by receiving the signal RX from the other communication device or transmitting the signal TX to the other communication device. The communication device 100c may be, for example, a portable wireless communication device.

[0103] The public key generator 102c may generate the public key P_KEY on the basis of the security key KEY generated by the PUF integrated circuit 101c.

[0104] The modem 103c may transmit the encrypted signal TX and decode the signal RX on the basis of the public key P_KEY.

[0105] That is, the communication device 100c may perform secured communications with another communication device on the basis of the security key KEY.

[0106] FIG. 11 is an exemplary block diagram of a server system between the apparatus device including the integrated circuit according to an example embodiment.

[0107] Referring to FIG. 11, the server system 1000 may include a server 1100 and an IoT (Internet of Things) device 1200.

[0108] The server 1100 may include a simulation module 1100. The simulation module 1100 may generate a server secret key sKeys_s, using a server public key pKeys_s and configuration information Inf_conf.

[0109] Here, the server public key pKeys_s specify information required to generate the server secret key sKeys_s. For example, the server public key pKeys_s may include information such as the initial value and the time.

[0110] Here, the configuration information Inf_conf may include information about the internal connection structure of the conversion unit according to each configuration label described in FIG. 7.

[0111] The server 1100 may provide the server public key pKeys_s and the configuration information Inf_conf to the IoT device 1200.

[0112] The IoT device 1200 may include a PUF integrated circuit 1210. Here, the PUF integrated circuit 1210 may correspond to the integrated circuit described in FIGS. 1 to 7 and may further correspond to be substantially the same as the PUF integrated circuit described in FIGS. 8 to 10.

[0113] The IoT device 1200 may receive the server public key pKeys_s and the configuration information Inf_conf from the server 1100. Accordingly, the PUF integrated circuit 1210 may generate an IoT secret key sKeys_IOT, using the received server public key pKeys_s and the configuration information Inf_conf. The server 1100 and the IoT device 1200 may be in an advanced state of information sharing regarding the internal connection structure of the PUF integrated circuit 1210 where the information shared corresponds to the configuration information Inf_conf provided by the server 1100. The IoT device 1200 may provide the generated IoT secret key sKeys_IoT to the server 1100.

[0114] FIG. 12 is an exemplary state diagram describing the operation of a server system between the apparatus including the integrated circuit according to an example embodiment.

[0115] Referring to FIG. 12, the IoT device may initially provide an access command CAMD to the server to access the server (S10). The access command CAMD may be a command provided by the IoT device to be authenticated through the server.

[0116] The server may perform a simulation operation of the key generation in response to the reception of the access command CAMD from the IoT device (S20). That is, the server may perform a simulation which generates a key using the simulation module 1110 of FIG. 11. Specifically, step S20 is a step in which the PUF circuit of the IoT device is virtually used to generate a key thereof. As described in FIG. 11, the server may generate the server secret key, using the server public key and the configuration information.

[0117] The server may provide the server public key and the configuration information to the IoT device (S30). Here, the configuration information may include information about the internal connection structure of the PUF circuit in which the server is included in the IoT device.

[0118] The IoT device may recover the IoT secret key, using the received server public key and configuration information (S40). Specifically, the IoT device may recover the IoT secret key, using the received server public key and configuration information on the basis of the internal PUF circuit.

[0119] The IoT device may provide the IoT secret key to the server (S50).

[0120] The server may perform an authentication process (S60). Specifically, the server may check whether the generated server secret key is the same as the received IoT secret key.

[0121] The server may provide a response (RES) to the IoT device as the output of the authentication process (S70). For example, the server may provide an accessible response (RES) to the IoT device, when the server secret key is the same as the IoT secret key. Conversely, the server may provide an inaccessible response (RES) to the IoT device, when the server secret key is not the same as the IoT secret key.

[0122] As stated above, the server system may provide additional configuration information to the IoT device as compared to previous configurations of the server system. The IoT device may generate the secret key, only when using the configuration information. This makes it possible to further improve the security performance in the server system.

[0123] In conclusion, those skilled in the art will appreciate that many variations and modifications may be made to the preferred embodiments without substantially departing from the principles of the inventive concept. Therefore, the disclosed preferred embodiments of the disclosure are used in a generic and descriptive sense only and not for purposes of limitation.

INTEGRATED CIRCUIT WITH PHYSICALLY UNCLONABLE FUNCTION ROBUST TO MACHINE LEARNING ATTACKS

Assignee

Inventors

Cpc classification

Classification Explorer

H04L9/0866

ELECTRICITY

Classification Explorer

H04L9/3278

ELECTRICITY

International classification

Classification Explorer

H04L9/32

ELECTRICITY

Classification Explorer

H04L9/08

ELECTRICITY

Abstract

Claims

Description