SRAM based physically unclonable function (PUF)
Transistor variations of SRAM memory cells lead to different states after device power-on. The startup state of multiple memory blocks forms a device-unique pattern plus additional noise ("weak PUF"). The noise is used to generate random numbers for PRNG seeding.
High entropy numbers can only be generated when the device starts from power-off (including low-power modes that partly turn off the RAM) and before the memory has been used. That's why the SRAM PUF procedure runs even before kernel initialization. Memory properties are hardware specific and can depend on environmental conditions. Thus, they should be evaluated for each individual deployment. A basic testing tool is provided in /RIOT/tests/sys/puf_sram.
In order to detect a software reboot without a preceding power-off phase, a soft-reset detection mechanism writes a marker, PUF_SRAM_MARKER, into SRAM. If the marker is still present after a restart, a soft reset is assumed and the PUF procedure is skipped.
Uninitialized memory patterns are compressed by the lightweight DEK hash function to generate a high-entropy 32-bit integer, which can be used to seed a PRNG. This hash function is not cryptographically secure and, as such, adversaries might be able to track parts of the initial SRAM response by analyzing PRNG sequences.
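The soft-reset check and the DEK compression described above, as a host-side model added here for illustration; it is not RIOT's puf_sram.c. The model_* names, the point at which the marker is written, and the sample bytes are assumptions; PUF_SRAM_MARKER and the state values 0, 1 and 2 are taken from this page.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PUF_SRAM_MARKER (0xad3021ff)  /* value documented on this page */

/* Host-side model of retained SRAM; every model_* name is hypothetical. */
static struct { uint32_t marker, seed, state, softreset_cnt; } model;

/* DEK hash as commonly defined: rotate left by 5, XOR in the next byte. */
static uint32_t model_dek_hash(const uint8_t *buf, size_t len)
{
    uint32_t h = (uint32_t)len;
    for (size_t i = 0; i < len; i++)
        h = ((h << 5) ^ (h >> 27)) ^ buf[i];
    return h;
}

/* Marker still present means old data survived, i.e. no power-off. */
static bool model_softreset(void)
{
    bool soft = (model.marker == PUF_SRAM_MARKER);
    model.state = soft ? 1 : 2;  /* 1: missing power cycle, 2: power cycle */
    model.softreset_cnt = soft ? model.softreset_cnt + 1 : 0;
    return soft;
}

/* Boot-time flow: hash the start-up pattern only after a power cycle. */
static void model_init(const uint8_t *ram, size_t len)
{
    if (model_softreset())
        return;                      /* PUF skipped, earlier seed kept */
    model.seed = model_dek_hash(ram, len);
    model.marker = PUF_SRAM_MARKER;  /* assumption: marker written here */
    model.state = 0;                 /* seed generated from SRAM pattern */
}

/* Simulated power-off: retained cells come back as an arbitrary pattern. */
static void model_power_cycle(void) { memset(&model, 0x5a, sizeof(model)); }

int main(void)
{
    const uint8_t ram[] = { 0x01, 0x02 };  /* constructed start-up bytes */
    model_power_cycle();
    model_init(ram, sizeof(ram));          /* cold boot: seed 2082, state 0 */
    model_init(ram, sizeof(ram));          /* soft reset: state 1, count 1 */
    return (model.seed == 2082 && model.softreset_cnt == 1) ? 0 : 1;
}
```

In this model the seed is not refreshed on a soft reset, so the soft-reset counter is the only value that differs between such boots.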
Files
file puf_sram.h

Macros
#define SEED_RAM_LEN (2048 / sizeof(uint32_t))
    SRAM length considered for seeding.
#define PUF_SRAM_MARKER (0xad3021ff)
    SRAM marker to detect reboot without power-off.

Functions
void puf_sram_init (const uint8_t *ram, size_t len)
    checks source of reboot by puf_sram_softreset and conditionally calls puf_sram_generate
void puf_sram_generate (const uint8_t *ram, size_t len)
    builds hash from SEED_RAM_LEN bytes of uninitialized SRAM, writes it to the global variable puf_sram_seed and returns the value
bool puf_sram_softreset (void)
    checks for a memory marker to determine whether memory contains old data.

Variables
uint32_t puf_sram_seed
    Global seed variable, allocated in puf_sram.c.
uint32_t puf_sram_state
    Global seed state, allocated in puf_sram.c. 0 means seed was generated from SRAM pattern, 1 means missing power cycle detected, 2 means power cycle detected.
uint32_t puf_sram_softreset_cnt
    Counter variable allocated in puf_sram.c.

#define PUF_SRAM_MARKER (0xad3021ff)
SRAM marker to detect reboot without power-off.
Source: https://www.random.org/bytes/
Definition at line 77 of file puf_sram.h.

#define SEED_RAM_LEN (2048 / sizeof(uint32_t))
SRAM length considered for seeding.
Definition at line 69 of file puf_sram.h.

void puf_sram_generate (const uint8_t *ram, size_t len)
builds hash from SEED_RAM_LEN bytes of uninitialized SRAM, writes it to the global variable puf_sram_seed and returns the value
[in] ram: pointer to SRAM memory
[in] len: length of the memory to consider

void puf_sram_init (const uint8_t *ram, size_t len)
checks source of reboot by puf_sram_softreset and conditionally calls puf_sram_generate
[in] ram: pointer to SRAM memory
[in] len: length of the memory to consider

bool puf_sram_softreset (void)
checks for a memory marker to determine whether memory contains old data. Otherwise it assumes a reboot from power down mode.

extern uint32_t puf_sram_softreset_cnt
Counter variable allocated in puf_sram.c.
It is incremented during each soft reset when no new PUF measurement was taken and it gets reset to zero after a power cycle was detected.

extern uint32_t puf_sram_state
Global seed state, allocated in puf_sram.c. 0 means seed was generated from SRAM pattern, 1 means missing power cycle detected, 2 means power cycle detected.
The state will most likely be overwritten with 0 in the next steps.