Statistical Quality Comparison of the Bitstrings Generated by a Physical Unclonable Function across Xilinx, Altera and Microsemi Devices
Jenilee Jao, Kristi Hoffman, Cheryl Reid, Ryan Thomson, Michael Thompson, Jim Plusquellic
TL;DR
This study evaluates the entropy quality of the SiRF PUF across Xilinx, Altera, and Microsemi low-end FPGA-SoCs by measuring path delays with a high-resolution TDC and post-processing to isolate within-die variations. It introduces an entropy-to-TV-noise ratio ($SNR$) to compare the statistical quality of PUF bitstrings across devices and uses multiple reliability enhancements (Thresholding, XMR) alongside NIST randomness tests. The results show near-maximal entropy and very low TV-noise for all device classes, with Zynq generally outperforming CycloneV and PolarFire on several metrics; CycloneV exhibits the highest TV-noise among the three. The work demonstrates that high-quality, cryptographic-grade PUF keys are feasible across diverse FPGA fabrics, enabling robust key generation for IoT and related security applications, while also highlighting cross-foundry variations and avenues for further performance improvements.
Abstract
Entropy or randomness represents a foundational security property in security-related operations, such as key generation. Key generation in turn is central to security protocols such as authentication and encryption. Physical unclonable functions (PUF) are hardware-based primitives that can serve as key generation engines in modern microelectronic devices and applications. PUFs derive entropy from manufacturing variations that exist naturally within and across otherwise identical copies of a device. However, the levels of random variations that represent entropy, which are strongly correlated to the quality of the PUF-generated bitstrings, vary from one manufacturer to another. In this paper, we evaluate entropy across a set of devices manufactured by three mainstream FPGA vendors, Xilinx, Altera and Microsemi. The devices selected for evaluation are considered low-end commercial devices to make the analysis relevant to IoT applications. The SiRF PUF is used in the evaluation, and is constructed nearly identically across the three vendor devices, setting aside minor differences that exist in certain logic element primitives used within the PUF architecture, and which have only a minor impact on our comparative analysis. The SiRF PUF uses a high-resolution time-to-digital converter (TDC) crafted from high-speed carry-chain logic embedded within each device to measure path delays in an engineered netlist of logic gates as a source of entropy. Therefore, our analysis includes an evaluation of actual path delay variation as it exists across the three device classes, as well as a statistical evaluation of the PUF-generated bitstrings. A reliablity analysis is also provided using data collected in industrial-standard temperature experiments to round out the evaluation of important statistical properties of the PUF.