Implementation and characterization of flash‐based hardware security primitives for cryptographic key generation

• Published in: ETRI journal Vol. 45; no. 2; pp. 346 - 357
• Main Authors: Oh, Mi‐Kyung, Lee, Sangjae, Kang, Yousung, Choi, Dooho
• Format: Journal Article
• Language: English
• Published: Electronics and Telecommunications Research Institute (ETRI) 01.04.2023; 한국전자통신연구원
• Subjects: cryptographic key; entropy; flash memory; hardware security primitive; physical unclonable function (PUF); 전자/정보통신공학
• ISSN: 1225-6463; 2233-7326
• DOI: 10.4218/etrij.2021-0455

Hardware security primitives, also known as physical unclonable functions (PUFs), perform innovative roles to extract the randomness unique to specific hardware. This paper proposes a novel hardware security primitive using a commercial off‐the‐shelf flash memory chip that is an intrinsic part of most commercial Internet of Things (IoT) devices. First, we define a hardware security source model to describe a hardware‐based fixed random bit generator for use in security applications, such as cryptographic key generation. Then, we propose a hardware security primitive with flash memory by exploiting the variability of tunneling electrons in the floating gate. In accordance with the requirements for robustness against the environment, timing variations, and random errors, we developed an adaptive extraction algorithm for the flash PUF. Experimental results show that the proposed flash PUF successfully generates a fixed random response, where the uniqueness is 49.1%, steadiness is 3.8%, uniformity is 50.2%, and min‐entropy per bit is 0.87. Thus, our approach can be applied to security applications with reliability and satisfy high‐entropy requirements, such as cryptographic key generation for IoT devices.