Design and Implementation of a Physically Unclonable Function on FPGA

One of the challenges in the hardware security is withstanding cloning and hardware duplication. In fact this attack aims hardware originality so the defense mechanism should be different from common system security and algorithm protection. Applying Physically Unclonable Functions (PUFs) is one of the most effective protection methods.
Physically Unclonable Functions (PUFs) are functions that generate a set of random responses when stimulated by a set of pre-defined requests or challenges. Since these challenge-response schemes extract hidden parameters of complex physical unpredictable properties of substrate materials, such as delay of interconnections and wiring in the CMOS process and devices, they are called physically unclonable    functions. They are mainly used for electronic security purposes such as hardware verification and/or    device authentication mechanisms, protection of sensitive intellectual property (IP) on devices and         protection against insecure hardware connections and communications. PUF-based security mechanisms have some obvious advantages compared to traditional cryptography-based techniques, including more resistance against physical and side channel attacks and suitability for lightweight devices such as RFIDs.
In FPGA devices, PUFs are instantiated by exploiting the propagation delay differences of signals caused by manufacturing process variations. However, real implementation of PUFs on FPGAs is a big challenge given the fact that the resources inside FPGAs are limited, and that it is not easy to simulate the behavior of PUF using existing software tools. In addition, there are a few articles that explain details of the implementation of PUFs on FPGAs. In practice, it usually takes a long time to get a simple PUF to work both in simulations and on board.
In this work, we describe a practical realization of a ring-oscillator based PUF on Xilinx FPGAs and illustrate how such architecture is mapped into some FPGAs from this device family. Using this              architecture, we obtain a unique 10-bit code which can be used to identify a chip between many similar  devices of the same family in order to provide a reliable access control and authentication mechanism.  Simulations are carried out using a dual core computer with 2 GHz clock frequency and 4 GBytes RAM memory.