A method for extracting and recovering SRAM PUF values
By distinguishing between stable and unstable bits, using error-correcting codes to generate auxiliary data, and extracting and recovering SRAM PUF values, the problem of hackers recovering PUF values is solved, thus realizing a highly secure encryption system.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- NANJING PAFU INFORMATION TECH CO LTD
- Filing Date
- 2022-05-07
- Publication Date
- 2026-06-30
AI Technical Summary
In existing technologies, hackers can find the PUF value groups of SRAM chips by traversing the address sequence, which reduces the security of the encryption system. How to improve the extraction methods of SRAM PUF values and feature values to prevent hackers from recovering the PUF values has become an urgent problem to be solved.
By extracting SRAM PUF values and feature values through complex methods, employing a method to distinguish between stable and unstable bits, generating auxiliary data using error correction codes, and generating and recovering SRAM feature values, hackers are prevented from searching by traversing the address sequence.
This greatly improves security, as hackers cannot recover the original PUF value. The private key does not need to be stored and is susceptible to environmental factors, further ensuring the security of the key.
Smart Images

Figure CN116436592B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of SRAM technology, and in particular to a method for extracting and recovering SRAM PUF values. Background Technology
[0002] PUF stands for Physically Unclonable Function, reflecting the changes in physical properties caused by deep submicron structural deviations during chip manufacturing, exhibiting a random distribution characteristic. Because these deviations are uncontrollable, even chip circuits with identical circuit structures and operating environments will show different random deviations in their physical characteristics, making it impossible for hackers to copy or clone the chips. SRAM PUF refers to the PUF characteristics of SRAM (Static Random Access Memory), reflecting the bit distribution of the chip's initial state upon power-up. The initial state means that after SRAM power-up, due to random differences in the threshold voltage, before any data is written, each bit cell in the SRAM has an initial state of either 1 or 0. This initial state is related to subtle structural deviations generated during the manufacturing process.
[0003] Since the original state of each bit in SRAM is random, the distribution of "0" and "1" bits is also random across the entire SRAM chip. Each SRAM chip has a specific and unique bit distribution. This random distribution can be used as an encryption method for data encryption and identity verification.
[0004] Existing technologies utilize address-order reading of SRAM PUF values, or grouping by address order, to read the PUF values of one or more groups. These PUF values are then processed using algorithms to create encryption material; for example, the PUF value processed by the SHA-256 algorithm outputs a 256-bit value as the private key for an elliptic function signature. However, hackers can also find these groups by searching by address order. Since the combinations of address-order groups are limited—for example, a 2KB SRAM can be divided into 8 groups of 256 bytes each—a hacker can find the group by searching 8 times, thus reducing security.
[0005] Therefore, based on existing SRAM encryption technology, how to improve the extraction methods of SRAM PUF value and SRAM feature value, and how to recover the SRAM PUF value through the extracted SRAM feature value to improve its security and prevent hackers from recovering the SRAM PUF value by traversing the SRAM chip address order, has become an urgent problem to be solved by those skilled in the art. Summary of the Invention
[0006] In view of the above problems, the present invention proposes a method for extracting and recovering SRAMPUF values that at least solves some of the above technical problems. The method can extract SRAM PUF values and SRAM feature values in a complex manner, and can recover the previously extracted SRAM PUF values used as private keys through the extracted SRAM feature values.
[0007] This invention provides a method for extracting and recovering SRAM PUF values, comprising the following steps:
[0008] S1. Obtain the bit address of the SRAM from which the SRAM PUF value is to be extracted; starting from a preset starting address, group the bit address of the SRAM from which the SRAM PUF value is to be extracted into a first preset number of bits from low to high to generate a first type of group; the first type of group includes multiple units;
[0009] S2. Generate a digital sequence based on the number of stable bits and unstable bits of each unit in the first grouping; encode the digital sequence using a first error correction code to generate first auxiliary data;
[0010] S3. Using the decimal number of the digital sequence as the starting address, the bit address of the SRAM from low to high is grouped into a second preset number of bits to generate a second group.
[0011] S4. The group with the most stable bits in the second grouping is taken as the most stable group; from the most stable group, SRAM feature values and SRAM PUF values are extracted; each SRAM feature value is composed of a third preset number of consecutive stable bits; the SRAM PUF values are encoded by a second error correction code to generate second auxiliary data;
[0012] S5. Obtain the bit address of the SRAM whose SRAM PUF value is to be recovered; starting from the preset start address, group the bit address of the SRAM whose SRAM PUF value is to be recovered from low to high in units of the first preset number of bits to generate a new first type of group; the new first type of group includes multiple units;
[0013] S6. Generate a new digital sequence based on the number of stable bits and unstable bits of each unit in the new first grouping; use the first auxiliary data to encode and correct the new digital sequence to recover the original digital array;
[0014] S7. Using the decimal number of the original digital array as the starting address, the bit address of the SRAM to be recovered PUF value is grouped from low to high in units of the second preset number of bits to generate a new second type of group.
[0015] S8. Based on the SRAM feature value, extract the new most stable group from the new second grouping; use the second auxiliary data to encode and correct the error of the new most stable group to recover the original most stable group; recover the original SRAM PUF value from the original most stable group.
[0016] Furthermore, stable bits and unstable bits in the SRAM are distinguished as follows:
[0017] Power on the SRAM and read the value of each bit in the SRAM and its corresponding address;
[0018] The power-on operation is repeatedly performed on the SRAM a preset number of times, and the value of each bit in the SRAM and the corresponding address are read after each power-on operation; the power-on operation includes: powering on again after power failure;
[0019] For each bit at the same address, if the value of the bit is the same after each power-on operation, then the bit is a stable bit; otherwise, it is an unstable bit.
[0020] Further, step S2 includes:
[0021] Identifying each unit in the first grouping by a binary value includes: setting a preset ratio; if the number of stable bits in each unit of the first grouping exceeds the number of unstable bits by more than the preset ratio, then the unit is identified as 1; otherwise, the unit is identified as 0.
[0022] Based on the binary values of each unit identifier, a number sequence consisting of a string of binary values is formed;
[0023] The digital sequence is encoded using a first error-correcting code to generate first auxiliary data.
[0024] Further, in step S2, the digital sequence is encoded using a first error-correcting code to generate first auxiliary data, including:
[0025] A first random code is obtained by encoding a random number using a first error correction code;
[0026] The first random code is XORed with the digital sequence to generate the first auxiliary data.
[0027] Furthermore, step S3 also includes:
[0028] The digital sequence is input into the M-sequence linear shift register to generate pseudo-random numbers;
[0029] Scrambling the SRAM PUF includes: XORing the SRAM PUF with the pseudo-random number in ascending or descending order of address; the SRAM PUF is the bit distribution of the initial state of the SRAM from which the SRAM PUF value is to be extracted;
[0030] The second type of grouping is based on the scrambled SRAM PUF.
[0031] Further, in step S4, the SRAM PUF value is encoded using a second error correction code to generate second auxiliary data, including:
[0032] A second random code is obtained by encoding a random number using a second error-correcting code;
[0033] The second random code is XORed with the SRAM PUF value to generate the second auxiliary data.
[0034] Further, in step S6, encoding and correcting the new digital sequence using the first auxiliary data to recover the original digital array includes:
[0035] The first auxiliary data is XORed with the new digital sequence to obtain a new first random code; the new first random code is corrected to recover the original first random code; the original digital array is recovered based on the original first random code.
[0036] Further, the step of recovering the original number array based on the original first random code includes:
[0037] The original digital array is recovered by XORing the original first random code with the first auxiliary data.
[0038] Further, in step S8, the new most stable group is encoded and error-corrected using the second auxiliary data to recover the original most stable group, including:
[0039] The second auxiliary data is XORed with the new most stable group to obtain a new second random code; the new second random code is corrected to restore the original second random code; the original most stable group is restored based on the original second random code.
[0040] Further, the step of recovering the original most stable group based on the original second random code includes:
[0041] The original most stable group is recovered by XORing the original second random code with the second auxiliary data.
[0042] The beneficial effects of the above-described technical solutions provided in the embodiments of the present invention include at least the following:
[0043] (1) Hackers cannot obtain the original block position of SRAM by a limited number of traversals, so they cannot find the original most stable block, and further cannot recover the original most stable block PUF value. Therefore, they cannot generate the correct private key, which greatly improves security.
[0044] (2) The private key formed by the most stable PUF value group does not need to be stored and is deleted after use, so it cannot be stolen by hackers, thus fundamentally ensuring the security of the key. However, users can recover the original private key using SRAM feature values.
[0045] (3) Since the initial state of SRAM is easily affected by environmental factors such as working voltage, temperature, and aging, the initial state of SRAM will change every time it is powered on. Therefore, hackers cannot copy or clone the original initial state of SRAM, which further ensures security.
[0046] Other features and advantages of the invention will be set forth in the following description, and will be apparent in part from the description, or may be learned by practicing the invention. The objects and other advantages of the invention may be realized and obtained by means of the structures particularly pointed out in the written description, claims, and drawings.
[0047] The technical solution of the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. Attached Figure Description
[0048] The accompanying drawings are provided to further illustrate the invention and form part of the specification. They are used in conjunction with embodiments of the invention to explain the invention and do not constitute a limitation thereof. In the drawings:
[0049] Figure 1 This is a flowchart of a method for extracting and recovering SRAM PUF values provided in an embodiment of the present invention;
[0050] Figure 2 A hardware schematic diagram provided for an embodiment of the present invention;
[0051] Figure 3 This is a process diagram illustrating the generation of the first random code u1 and the first auxiliary data provided in an embodiment of the present invention;
[0052] Figure 4 A process diagram for generating the second random code u2 and the second auxiliary data provided in an embodiment of the present invention;
[0053] Figure 5 This is a diagram illustrating the recovery process of the digital sequence R1 provided in an embodiment of the present invention.
[0054] Figure 6 This diagram illustrates the recovery process of the SRAM feature value R2 provided in an embodiment of the present invention. Detailed Implementation
[0055] Exemplary embodiments of the present disclosure will now be described in more detail with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be implemented in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
[0056] This invention provides a method for extracting and recovering SRAM PUF values, referring to... Figure 1 As shown, it includes the following steps:
[0057] S1. Obtain the bit address of the SRAM from which the SRAM PUF value is to be extracted; starting from a preset starting address, group the bit address of the SRAM from which the SRAM PUF value is to be extracted into a first preset number of bits from low to high to generate a first type of group; the first type of group includes multiple units;
[0058] S2. Generate a digital sequence based on the number of stable bits and unstable bits of each unit in the first grouping; encode the digital sequence using a first error correction code to generate first auxiliary data;
[0059] S3. Using the decimal number of the digital sequence as the starting address, the bit address of the SRAM from which the feature value is to be extracted is grouped from low to high in units of a second preset number of bits to generate a second type of grouping.
[0060] S4. The group with the most stable bits in the second grouping is taken as the most stable group; from the most stable group, SRAM feature values and SRAM PUF values are extracted; each SRAM feature value is composed of a third preset number of consecutive stable bits; the SRAM PUF values are encoded by the second error correction code to generate the second auxiliary data;
[0061] S5. Obtain the bit address of the SRAM whose SRAM PUF value is to be recovered; starting from a preset starting address, group the bit address of the SRAM whose SRAM PUF value is to be recovered from low to high in units of a first preset number of bits to generate a new first type of group; the new first type of group includes multiple units;
[0062] S6. Generate a new digital sequence based on the number of stable bits and unstable bits of each unit in the new first grouping; encode and correct the new digital sequence using the first auxiliary data to recover the original digital array;
[0063] S7. Using the decimal number of the original digital array obtained from the recovery as the starting address, the bit address of the SRAM to be recovered PUF value is grouped from low to high in units of a second preset number of bits to generate a new second type of group.
[0064] S8. Based on the SRAM feature values, extract the new most stable group from the new second grouping; use the second auxiliary data to encode and correct the error of the new most stable group to recover the original most stable group; recover the original SRAM PUF value from the original most stable group.
[0065] This embodiment addresses the shortcomings of existing technologies by employing a different method. Instead of extracting SRAM PUF values and SRAM feature values sequentially by address, it uses a sophisticated and intelligent method to extract these values. The private key can then be determined based on the PUF distribution characteristics of the SRAM chip. The previously extracted SRAM PUF value is then recovered from the SRAM feature values. This effectively improves security, preventing hackers from decrypting the generated private key simply by traversing the address sequence. Furthermore, hackers cannot copy or clone the original SRAM PUF. Because SRAM is highly sensitive and susceptible to environmental factors such as operating voltage, temperature, and aging, the original state of the same SRAM differs from the previous state after each power-on. Hackers cannot find the original PUF and therefore cannot obtain the private key generated from the SRAM PUF value. Since the private key is not stored, the purpose of recovering the SRAM PUF value is to generate the original private key from the recovered PUF value, i.e., to recover the private key.
[0066] The term "originally" refers to the process of extracting SRAM feature values. Simultaneously, a private key is generated using the PUF value. This private key is not stored and is deleted after use, preventing hackers from stealing it and fundamentally ensuring the security of the key.
[0067] The term "recovery" refers to the process of recovering the PUF value of the most stable group of the SRAM when a user needs a private key for verification and decryption. This is achieved by using the SRAM feature value to recover the original PUF value of the most stable group of the SRAM and then using the original PUF value of the most stable group to generate the original private key.
[0068] The following section provides a detailed explanation of the part of this embodiment that extracts SRAM PUF values:
[0069] Reference Figure 2As shown, the hardware includes SRAM (Static Random Access Memory), a microcontroller, and a power supply. The SRAM contains SRAM PUF information (the bit distribution of the SRAM in its initial state after power-on). The SRAM can be built into the microcontroller or external to the microcontroller. If the SRAM is external, it is connected to the microcontroller, and the microcontroller is connected to the outside.
[0070] Step 1: Identify stable and unstable bits in the SRAM PUF (bit distribution of the SRAM in its initial state after power-on, including the value of each bit and its corresponding address).
[0071] A typical SRAM bit is composed of a six-transistor storage cell. A drawback of the SRAM PUF (Power-On-Factory) is its high sensitivity; it is easily affected by environmental factors such as operating voltage, temperature, and aging. Due to these subtle influences, the initial state of the same SRAM differs each time it is powered on; in other words, the SRAM PUF is different after each power-on. However, the six-transistor storage cell of SRAM exhibits "skewness." Skewness means that the same bit value is likely to appear multiple times after power-on. Neutral skew means that the probability of a bit value being 0 or 1 is close to 1 / 2 across multiple power-on cycles. This is because subtle differences in the manufacturing process affect the initial state of each bit (storage cell) of the SRAM. Although the differences are subtle, they are objectively present. Bits with a clear skew of 0 or 1 can be defined as stable bits, while bits with neutral skew can be defined as unstable bits.
[0072] In order to distinguish between stable and unstable bits, the SRAM PUF reading program reads the value of each bit and its corresponding address of the SRAM (the SRAM from which the feature value to be extracted) after power-on, records and stores them. The value and address of each bit of the SRAM are recorded, forming the bit distribution of the original state of the SRAM.
[0073] After the SRAM is powered off and then powered on again, the SRAM PUF read program reads the bit distribution of the original SRAM state in the same way as described above. The value and address of each bit of the SRAM are recorded and stored.
[0074] For each identical address, the SRAM PUF read program compares the values bit by bit in the bit distribution stored after multiple power-ups.
[0075] To simplify, we will use the second power-on as an example:
[0076] The SRAM PUF read program reads the bit distribution of 128K bytes of SRAM, with an address range of 00001 to 1F400. Bits with an address range of 00001 to 00080 are selected as an example.
[0077] The 128 bytes of values read after the first power-on, with an address range of 00001-00080, are as follows:
[0078] 38 F0 50 F3 28 A9 D9 0F ED A5 37 45 AE 55 B5 D7 D1 7A 07 92 B8 6E 82 B3 FA 32 B0 77 B6 63 31 ED D8 1A D7 B8 98 3E 57 25 A0 AB FE E1 42 30 47 20 A8A8 32 14 8C D4 B6 53 E1 D2 9B 90 A4 0A B2 twenty one FC AB A2 1F 5D F1 E2 96 BB 44 F18A C9 64 EB 52 78 0A 2A D4 76 9A CD 24 47 63 C5 AA F4 0A EC A6 BC E3 38 12 D42B 71 B4 53 BE 78 84 DA 2E B0 54 96 3F A2 95 2A 3E FA 66 93B5 A8 15 4A 64 9C6F
[0079] After the second power-on, 128 bytes of the same address range (00001-00080) are read, as follows:
[0080] 38 F0 50 F3 28 A9 D9 1F AD A5 37 45 AE 55 B5 D7 D1 7A 07 8A B8 6E 83 B3 FA 33 F0 77 B6 61 31 ED50 1A D7 B8 18 3A 5F A5 A0 8B 76 E1 42 30 C5 24 A8A8 BA 34 8C D4 16 D1 E1 DA DB 90 A4 0A 90 twenty one 74 AA A2 1F 5D 91 E2 16 BA 44 F18A C9 64 EB 72 68 0A 1A D4 76 9A CD 24 47 63 C5 AA D4 0A EC A6 BC E3 29 30 D42B 51 B4 53 3E 70 94 CB 2E B0 54 96 3E A2 84 EA 3E EA 67 93 B5 AC 1D 4B 24 9C6F FF
[0081] For each identical address, the SRAM PUF read program compares the values of the bits stored after the second power-on. For the same address, if the bit values are the same and unchanged after both power-ons, these are considered stable bits, marked with an underscore. Bits whose values differ after the second power-on are considered unstable bits.
[0082] Step 2: Perform the first grouping according to the order of SRAM addresses.
[0083] The cell size for the first group is determined, and the SRAM cells are grouped in ascending order of address. An address refers to the number of a memory cell. Since there are many memory cells, each cell needs to be assigned a memory address for addressing and reading. Addresses are usually arranged from smallest to largest, i.e., from lowest to highest. For example, an SRAM with a storage capacity of 128Kbyte corresponds to a hexadecimal address range of 00001 to 1F400, which is the address of each bit contained in the SRAM.
[0084] For example, SRAM has a storage capacity of 128Kbyte, and the corresponding hexadecimal address range is 00001 to 1F400. It is grouped in units of 64 bytes. 128Kbyte = 2000 * 64 bytes, which means that 128Kbyte has 2000 units in basic units of 64 bytes (the first preset number of bits). The address range of the first unit is 00000 to 0007F, the address range of the second unit is 00080 to 000FF, the address range of the third unit is 00100 to 0017F, the address range of the fourth unit is 00180 to 001FF, and so on, totaling 2000 units. These 2000 units together form the first type of grouping.
[0085] Step 3: Obtain the digital sequence based on the stable bit distribution characteristics of the PUF in the first grouping.
[0086] For each unit, count the number of stable bits and unstable bits within that unit, and set a ratio. If the number of stable bits exceeds the number of unstable bits by more than this ratio, mark the unit as 1; otherwise, mark it as 0. The number of each group of marks (1 or 0) together constitutes the digital sequence R1.
[0087] For example, taking the first unit (containing 64 bytes) as an example, with a set ratio of 20%, if the number of stable bits exceeds 20% of the number of unstable bits, the unit is marked as 1; otherwise, it is marked as 0. Assuming there are 300 stable bits and 212 unstable bits in the 64 bytes, based on the principle that a stable bit count exceeding 20% of the unstable bits is marked as 1, and the rest as 0, the first unit is marked as 1. Next, counting the second 64-byte unit, assuming there are 232 stable bits and 280 unstable bits, based on the principle that a stable bit count exceeding 20% of the unstable bits is marked as 1, and the rest as 0, the second unit is 0; the third unit is 1; the fourth unit is 1; the fifth unit is 1; the sixth unit is 0; the seventh unit is 0…
[0088] Following the above method, the number of stable and unstable bits in each cell is counted and compared to obtain the identifier number (0 or 1) for each cell. This process is repeated, generating a binary value for each cell, and multiple binary values form a binary number sequence. The result of counting 2000 cells is a 2000-bit number sequence R1, where each cell generates a binary value, and multiple binary values form a binary number sequence. For example, the final number sequence obtained above would be 1011100… This number sequence R1 reflects the PUF distribution characteristics of the SRAM (the distribution characteristics of stable bits in the SRAM PUF), and is a statistical result of comparing the number of stable and unstable bits in each cell of the first group. The number sequence determines the starting address of the second group; because it is a truly random number, the starting address can appear at any bit position in the SRAM 128Kbyte address. Because the hacker does not know the starting position of the second group, if the hacker adopts a traversal search method, for example, for 128K bytes of SRAM, it would need to traverse 128K*8=1024K times to find the original second group. At the same time, the program can identify such malicious traversal search, thereby greatly improving security.
[0089] Step 4: Encode the digital sequence using error correction codes to generate the first auxiliary data.
[0090] The process can be referred to Figure 3 As shown, a random number w1 is first encoded using an error-correcting code (such as BCH encoding) to obtain a first random code u1. The first auxiliary data is obtained by XORing the first random code u1 with the digital sequence R1.
[0091] Step 5: Perform the second grouping based on the number sequence R1.
[0092] The digital sequence R1 is a statistical result comparing the number of stable bits and unstable bits in each unit of the first grouping. It is a string of binary true random numbers. The rules for the second grouping are formulated using the digital sequence R1 to group the SRAM PUF.
[0093] For example, the second type of grouping is performed starting with the number sequence R1 and following the address order from low to high (or from high to low). In practice, the starting position is ordered modulo 128Kbytes from low to high, meaning it goes from low to high to the last position, and the next position after the last position cycles back to the first position. Continuing with the example of the 2000-bit number sequence mentioned above, 2000 bits are converted to decimal numbers. For example, assuming the number sequence is 1011100..., the decimal number is 347642. Therefore, the starting bit of the second type of grouping is the 347642nd bit of the 128KB SRAM. Grouping is done in units of 128 bytes (the second preset number of bits). 128 bytes is 1024 bits. So, the starting address of the first unit is the 347642nd bit, and the ending address is 347642+1024, which is the 348666th bit. The starting address of the second unit is the 348667th bit, and the ending address is the 349690th bit. The starting address of the third unit is the 349691st bit, and the ending address is the 350714th bit... There are a total of 1000 second-type groups in 128KB.
[0094] Alternatively, a second grouping rule can be established using a digital sequence. For example, a digital sequence is input into an M-sequence linear shift register to generate pseudo-random numbers. The SRAM PUF (initial bit distribution of the SRAM) is then XORed with these pseudo-random numbers in ascending order of address, scrambling the SRAM PUF. The second grouping is based on the scrambled SRAM PUF, and the grouping addresses are generated by grouping the SRAM from the first bit address in ascending (or descending) order of a second preset number of bits. This further enhances security.
[0095] For a truly random PUF (bit distribution of the initial state of SRAM), a hacker cannot copy or clone it, and therefore cannot discover the distribution characteristics of the stable bits in the PUF. At the same time, the hacker does not know the rules for finding the distribution characteristics of the PUF, and therefore cannot formulate the rules for the second grouping, and thus cannot copy the second grouping.
[0096] Step 6: Extract SRAM feature values from the second group of data.
[0097] As shown above, based on dividing 128K bytes into 1000 groups, the number of stable bits within each group is counted. The group with the most stable bits is the most stable group. For example, if we count the 128 bytes in the 70th group out of 1000 groups, there are 71 stable bits in this group. Since 71 stable bits is the number of stable bits in all groups, the 70th group is determined to be the most stable bit group.
[0098] After identifying the most stable group, SRAM eigenvalues are searched and determined for this group. The rule for determining SRAM eigenvalues is that a certain number (a third preset number) of consecutive stable bits constitute one SRAM eigenvalue. Assuming that three consecutive stable bytes constitute one SRAM eigenvalue, then there are a total of 17 instances of three consecutive stable bits satisfying the conditions for SRAM eigenvalues in the above 128 bytes. Therefore, there are a total of 17 SRAM eigenvalues (SRAM eigenvalue R2), which are identified as follows using double underscores (underscores represent stable bits):
[0099]
[0100] Therefore, 17 SRAM eigenvalues were obtained:
[0101] 38 F0 50 F3 28 A9 A5 37 45 AE 55 B5 D7 D1 7A F0 77 B6 1A D7 B8
[0102] E1 42 30 90 A4 0A A2 1F 5D 44 F1 8A C9 64 EB D4 76 9A
[0103] CD 24 47 63 C5 AA 0A EC A6 2E B0 54
[0104] Furthermore, the SRAM feature value can be used as an activation code, sent to the other party or a third party such as a certification center for registration.
[0105] Step 7: Encode the second grouped data using error correction codes to obtain the second auxiliary data.
[0106] Reference Figure 4 As shown, a random number W2 is first encoded using an encoding algorithm (such as BCH encoding) to obtain a second random code u2. The second auxiliary data is obtained by XORing the second random code u2 with the most stable group PUF value R2 (SRAM PUF value) of the second type of group generated above.
[0107] The following section provides a detailed explanation of the SRAM PUF value recovery process provided in this embodiment:
[0108] Step 1: Identify the chip based on its feature values.
[0109] Since the initial state (PUF) of the SRAM differs from the previous state upon each power-on, the extracted SRAM PUF feature value is the result of comparisons after one or more previous power-ons. Therefore, the PUF of the SRAM after power-on differs from the PUF at the time of previous reads. Consequently, even for the same SRAM chip, the PUF feature values will often differ when compared against the registered SRAM PUF feature values. Based on this, and through experiments with various types of SRAM chips under different environments, rules for SRAM PUF feature values were determined, and a threshold was set to ensure accurate identification without misjudgment.
[0110] For example, if the threshold is set to 4, and more than 4 (the fourth preset number) SRAM PUF feature values in the original state of an SRAM chip to be authenticated match, then the SRAM chip to be authenticated passes authentication; otherwise, if 4 or fewer match, authentication fails. The SRAM feature values sent to the user or registered are compared with the original state of the SRAM to be authenticated. If 6 SRAM feature values match (according to the example provided in Example 1), and the number of matching feature values (6) in the original state of the SRAM PUF of the SRAM chip to be authenticated is greater than the set threshold of 4, then the chip's identity is confirmed. Conversely, if no group in the 1000 groups has a SRAM PUF number greater than the set threshold, then the chip's identity is not confirmed and authentication fails. Here, "matching" means that the consecutive bits have the same order, bit value, number of bits, and feature value.
[0111] Step 2: Compare stable distributions to obtain new number sequences.
[0112] After the SRAM chip is identified, its address is grouped in ascending order according to the first grouping unit size (in units of a first preset number of bits). Grouping is also done in 64-byte units; a 128KB chip has 2000 units in 64-byte units.
[0113] Taking the first 64-byte unit as an example, with a ratio set at 20%, if the number of stable bits exceeds 20% of the number of unstable bits, the unit is marked as 1; otherwise, it is marked as 0. Assuming there are 310 stable bits and 216 unstable bits in the 64 bytes, based on the principle that stable bits exceeding 20% of unstable bits are marked as 1, and the rest as 0, the first unit is 1. Next, counting the second 64-byte unit, assuming there are 230 stable bits and 278 unstable bits, based on the principle that stable bits exceeding 20% of unstable bits are marked as 1, and the rest as 0, the second unit is 0; the third unit is 1…
[0114] By comparing the stable bits of each unit, the identifiers form a new sequence of numbers.
[0115] Step 3: Use the first auxiliary data and the new number sequence to recover the original number sequence.
[0116] Reference Figure 5 The diagram illustrates the process of recovering the original digital sequence R1. First, the first auxiliary data is XORed with the current (i.e., the new) digital sequence R1' in the PUF to obtain a new first random code u1'. Compared to the first random code u1, u1' has some different bits. This is then corrected using a decoding algorithm (such as BCH) to recover the first random code u1. Finally, XORing the first random code u1 with the first auxiliary data recovers the previous digital sequence R1. The specific process of obtaining the first auxiliary data is detailed in Example 1; repeated details will not be elaborated upon.
[0117] Taking a 2000-bit digital sequence as an example, the original digital sequence can be recovered by using error correction code and new digital sequence, which is the original 347642 when converted to decimal.
[0118] Step 4: Perform a second grouping based on the recovered number sequence.
[0119] Using the recovered digital sequence R1, the current SRAM PUF is regrouped according to the second grouping rule.
[0120] For example, starting with the recovered number 347642, the second type of grouping is performed in ascending order of address, in units of 128 bytes (in units of a second preset number of bits). The first unit starts at bit 347642 and ends at bit 348666 (347642+1024). The second unit starts at bit 348667 and ends at bit 349690. The third unit starts at bit 349691 and ends at bit 350714, and so on. There are a total of 1000 second-type groups in 128KB, generating a new second-type group.
[0121] Step 5: Recover the original SRAM PUF value based on the current new second grouping and second auxiliary data.
[0122] In the current second grouping, select the group that meets the SRAM feature value and the number of groups that meet the SRAM feature value is greater than the fourth preset number as the new most stable group. That is, extract the new most stable group PUF value R2' and restore the original most stable group PUF value (SRAM PUF value).
[0123] For details, please refer to... Figure 6As shown, the second auxiliary data is XORed with the current new most stable group PUF value R2' to obtain a new second random code u2'. Compared with the second random code u2, u2' has some different bits. Through a decoding algorithm (such as BCH), i.e., error correction, the second random code u2 is recovered. Then, the second random code u2 is XORed with the second auxiliary data to recover the previous, i.e., the original most stable group PUF value (SRAM PUF value). The purpose of re-grouping the two types of data is to recover the most stable group PUF value after a certain power-on, and to regenerate the same key as before. Since the original state of SRAM, i.e., the PUF value, is different each time it is powered on, the PUF of SRAM after power-on is different from the PUF when it was read before. Since the private key is not stored, it is necessary to recover the original PUF value, and then recover the original private key. For the specific process of obtaining the second auxiliary data, please refer to Example 1. Repeated parts will not be described again.
[0124] This embodiment utilizes a method for extracting and recovering SRAM PUF values using two block combinations, which offers high security and can be widely applied in encryption systems. This method enables the identification, authentication, encryption, and decryption of SRAM and the associated device, achieving high security. Using SRAM feature values as the key in the encryption system provides high security. For example, processing the SRAM feature values using the SHA-256 algorithm outputs a private key for elliptic function signatures, which hackers cannot copy or clone. Furthermore, the two block combinations allow for the recovery of the SRAM PUF value; therefore, the private key does not need to be stored after generation, is deleted after use, and is generated immediately when needed, preventing hackers from stealing it and fundamentally ensuring key security.
[0125] The methods provided in Embodiments 1 and 2 for extracting SRAM PUF values and SRAM feature values using two grouping combinations, and for recovering SRAM PUF values, obtain the distribution characteristics of stable bits by comparing stable and unstable bits, group them according to the distribution characteristics, obtain SRAM feature values, and recover SRAM PUF values. This method offers high security, is cloning-resistant, and has a strong root trust, enhancing the security of encryption systems. It is suitable for applications such as secure key generation and storage, device authentication, flexible key supply, and chip asset management. Furthermore, it can be used for payment protection, highly sensitive data protection, anti-counterfeiting and anti-cloning, identity theft prevention, prevention of media content and software application piracy, and software reverse engineering.
[0126] The various embodiments in this specification are described in a progressive manner, with each embodiment focusing on the differences from other embodiments. The same or similar parts between the various embodiments can be referred to each other.
[0127] Obviously, those skilled in the art can make various modifications and variations to this invention without departing from its spirit and scope. Therefore, if these modifications and variations fall within the scope of the claims of this invention and their equivalents, this invention also intends to include these modifications and variations.
Claims
1. A method for extracting and recovering SRAM PUF values, characterized in that, Includes the following steps: S1. Obtain the bit address of the SRAM from which the SRAM PUF value is to be extracted; starting from a preset starting address, group the bit address of the SRAM from which the SRAM PUF value is to be extracted into a first preset number of bits from low to high to generate a first type of group; the first type of group includes multiple units; S2. Generate a digital sequence based on the number of stable bits and unstable bits of each unit in the first grouping; encode the digital sequence using a first error correction code to generate first auxiliary data; S3. Using the decimal number of the digital sequence as the starting address, the bit address of the SRAM from which the feature value is to be extracted is grouped from low to high in units of a second preset number of bits to generate a second type of grouping. S4. The group with the most stable bits in the second grouping is taken as the most stable group; from the most stable group, SRAM feature values and SRAM PUF values are extracted; each SRAM feature value is composed of a third preset number of consecutive stable bits; the SRAM PUF values are encoded by a second error correction code to generate second auxiliary data; S5. Obtain the bit address of the SRAM whose SRAM PUF value is to be recovered; starting from the preset start address, group the bit address of the SRAM whose SRAM PUF value is to be recovered from low to high in units of the first preset number of bits to generate a new first type of group; the new first type of group includes multiple units; S6. Generate a new digital sequence based on the number of stable bits and unstable bits of each unit in the new first grouping; use the first auxiliary data to encode and correct the new digital sequence to recover the original digital array; S7. Using the decimal number of the original digital array as the starting address, the bit address of the SRAM to be recovered PUF value is grouped from low to high in units of the second preset number of bits to generate a new second type of group. S8. Based on the SRAM feature values, extract the new most stable group from the new second grouping; use the second auxiliary data to encode and correct the error of the new most stable group to recover the original most stable group; The original SRAM PUF value is recovered from the original most stable group; Step S2 includes: Identifying each unit in the first grouping by a binary value includes: setting a preset ratio; if the number of stable bits in each unit of the first grouping exceeds the number of unstable bits by more than the preset ratio, then the unit is identified as 1; otherwise, the unit is identified as 0. Based on the binary values of each unit identifier, a number sequence consisting of a string of binary values is formed; The digital sequence is encoded using a first error-correcting code to generate first auxiliary data; In step S2, the digital sequence is encoded using a first error-correcting code to generate first auxiliary data, including: A first random code is obtained by encoding a random number using a first error correction code; XOR the first random code with the digital sequence to generate the first auxiliary data; Step S3 further includes: The digital sequence is input into the M-sequence linear shift register to generate pseudo-random numbers; Scrambling the SRAM PUF includes: XORing the SRAM PUF with the pseudo-random number in ascending or descending order of address; the SRAM PUF is the bit distribution of the initial state of the SRAM from which the SRAM PUF value is to be extracted; The second grouping method is based on scrambled SRAM PUF. In step S4, the SRAM PUF value is encoded using a second error correction code to generate second auxiliary data, including: A second random code is obtained by encoding a random number using a second error-correcting code; The second random code is XORed with the SRAM PUF value to generate the second auxiliary data; In step S6, encoding and correcting the new digital sequence using the first auxiliary data to recover the original digital array includes: The first auxiliary data is XORed with the new digital sequence to obtain a new first random code; the new first random code is corrected to recover the original first random code; the original digital array is recovered based on the original first random code. The step of recovering the original number array based on the original first random code includes: The original digital array is recovered by XORing the original first random code with the first auxiliary data; In step S8, the new most stable group is encoded and error-corrected using the second auxiliary data to recover the original most stable group, including: The second auxiliary data is XORed with the new most stable group to obtain a new second random code; the new second random code is corrected to restore the original second random code; the original most stable group is restored based on the original second random code. The step of recovering the original most stable group based on the original second random code includes: The original most stable group is recovered by XORing the original second random code with the second auxiliary data.