The U.S. Department of Commerce and the National Institute of Standards and Technology (NIST) have partnered to grant Professor Gang Qu (ECE/ISR/MC2) approximately $100,000 to study the use of Silicon Physical Unclonable Functions (PUFs) as an entropy source.
Cryptographic keys play a vital role in modern cryptography and almost all security applications. A short key is easy to break, but a longer key does not guarantee better security. For a key to be strong, it must be random and unpredictable, which can be measured by entropy. In this project, Dr. Qu will investigate whether the randomness in silicon fabrication variation can be captured and used as a source to generate entropy and to enhance the quality of other entropy sources.
"This is the first time that the NIST Computer Security Division awards a research grant specifically focused on randomness extraction in hardware security research," said Dr. Apostol Vassilev, the technical director of NIST's Cryptographic Module Validation Program, "It will be very interesting to investigate how hardware can generate entropy and we are excited about the opportunity to work with Dr. Qu and his group."
Ring Oscillator (RO) PUF captures the timing difference of a pair ROs introduced during the fabrication process and defines one bit of information based on which RO is faster. Since 2008, Dr. Qu and his group have published a series of research papers on how to improve the security, robustness, and hardware efficiency of RO PUF. In this one-year project, the research team proposes to conduct both a theoretical analysis on the entropy provided by different implementations of RO PUF and hardware simulation and prototyping to collect empirical evidence. In addition, the team will exploit how silicon PUF can be integrated with other entropy sources. The researchers anticipate that successful completion of this project will also directly impact hardware related design for trustworthy computing, which is critically important for cybersecurity.
Dr. Qu, a leader in hardware security research, is known for his work on hardware design intellectual property protection (by watermarking, fingerprinting, and obfuscation), ring oscillator physical unclonable functions (PUF), trusted integrated circuit design, and their applications in the Internet of Things (IoT). He is currently leading the Maryland Embedded Systems and Hardware Security (MeshSec) lab and the Wireless Sensor Laboratory.
January 5, 2016