
METHOD TO INSTANTIATE SRAM BASED PUF ON COMMODITY SILICON CPUS AND THEIR USE TO PREVENT PART REPLACEMENT ATTACK

IP.com Disclosure Number: IPCOM000242966D
Publication Date: 2015-Sep-03
Document File: 4 page(s) / 64K

Publishing Venue

The IP.com Prior Art Database

Related People

Chirag Shroff: AUTHOR [+3]

Abstract

Use of uninitialized values of on-chip cache available in commodity Central Processing Units (CPUs) allows the creation of a CPU signature which can be used to thwart CPU replacement attacks and enhance system security.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 44% of the total text.

Page 01 of 4


AUTHORS:

Chirag Shroff

Anthony Grieco
Bob Bell

CISCO SYSTEMS, INC.


DETAILED DESCRIPTION

    Commodity Central Processing Unit (CPU)-based systems that supply security functionality in the CPU are susceptible to part replacement attacks, in which the CPU carrying the special security functionality is swapped for one with generic or replacement functionality. Detecting a replaced CPU thus becomes critical to assure that the expected security functionality is in fact present. Although ideas around using Physically Unclonable Functions (PUFs) to uniquely identify electronic circuits/chips exist, CPU vendors have not made that functionality available to system builders. A method to instantiate a PUF within commodity CPUs would provide a cryptographically strong CPU signature with which to detect such attacks. An entity validating the CPU signature could use either the presence of a valid CPU signature or the detection of a failed CPU signature as a criterion for allowing the system to come into a functional state.

    Techniques exist for using Static Random Access Memory (SRAM) initialization values to create a Physically Unclonable Function (PUF). Since the actual initialization state of a set of SRAM cells is not totally predictable, simply reading these cells is not sufficient: a post-process that error-corrects the values read must be implemented as well. This structure is well established both in the literature on PUF construction and in US patents. Techniques also exist for using such a PUF either to produce entropy or to derive unique symmetric or asymmetric keys. Commodity CPUs all contain large cache memories implemented using SRAM cells.

Copyright 2015 Cisco Systems, Inc.

    The solution presented herein involves booting such commodity CPUs using a small piece of code referred to as the Microloader. The Microloader can be housed in a Read Only Memory (ROM) inside the CPU, served up by a companion flash chip/FPGA/ASIC, or supplied by other methods. Within its first few instructions, the Microloader configures a portion of the CPU's on-chip cache as SRAM and reads the uninitialized values of the SRAM cells. The Microloader then calls a PUF function that derives keying material from these values. Because the SRAM is contained within the target CPU itself, this allows for the detection of a CPU substitution. The characteristics of such a PUF function dictate that the same unique value results on every boot. The reproducibility of this unique value is important for the successful functioning of this solution. The security and reliability of SRAM PUFs has been well established within the literature and in actual implement...
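The two mechanisms the description relies on, an error-correcting post-process over noisy SRAM power-up values and a per-boot CPU signature that a validating entity can check, are shown together in the following added example. It is not code from the Cisco disclosure. It simulates the cache SRAM as a constructed model of per-cell power-up preferences, uses a code-offset construction with a simple repetition code as the error-correcting post-process, SHA-256 as a simplified key derivation, and an HMAC over a verifier-supplied nonce as the CPU signature. All function names, parameters and the chip model are assumptions of the example.

```python
import hashlib
import hmac
import os
import random

REP = 9                    # repetition-code length; majority vote corrects up to 4 flips per block
KEY_BITS = 128             # length of the PUF-derived secret
N_CELLS = REP * KEY_BITS   # SRAM cells the Microloader would read out of the cache


def make_sram_chip(seed):
    """Constructed stand-in for one CPU's cache SRAM (not a real chip model):
    each cell has a preferred power-up value and a small flip probability."""
    rng = random.Random(seed)
    prefs = [rng.randrange(2) for _ in range(N_CELLS)]
    # About 10% of cells are 'unstable' and flip on roughly 5% of power-ups.
    flip = [0.05 if rng.random() < 0.10 else 0.0 for _ in range(N_CELLS)]
    return prefs, flip


def power_up_read(chip, boot_seed):
    """One boot's read of the uninitialized cells: preferred value plus noise."""
    prefs, flip = chip
    rng = random.Random(boot_seed)
    return [p ^ (1 if rng.random() < f else 0) for p, f in zip(prefs, flip)]


def bits_to_bytes(bits):
    return int("".join(map(str, bits)), 2).to_bytes(len(bits) // 8, "big")


def bytes_to_bits(data):
    return [(b >> i) & 1 for b in data for i in range(7, -1, -1)]


def enroll(read):
    """Enrollment boot: draw a fresh secret, spread each bit over REP cells
    (repetition code) and XOR it with the raw read.  The result, the helper
    data, can be stored in plain flash: it reveals nothing about the secret
    without the SRAM pattern of this specific chip."""
    secret = bytes_to_bits(os.urandom(KEY_BITS // 8))
    codeword = [b for b in secret for _ in range(REP)]
    helper = [c ^ r for c, r in zip(codeword, read)]
    return secret, helper


def reconstruct(read, helper):
    """Later boot: XOR the noisy read with the helper data and majority-decode
    each REP-cell block back to one secret bit (the error-correction step)."""
    noisy = [h ^ r for h, r in zip(helper, read)]
    return [1 if sum(noisy[i * REP:(i + 1) * REP]) * 2 > REP else 0
            for i in range(KEY_BITS)]


def derive_key(secret):
    """Simplified KDF (SHA-256 over a label and the secret bits); a deployment
    would use a standard KDF with proper domain separation."""
    return hashlib.sha256(b"sram-puf-example" + bits_to_bytes(secret)).digest()


def cpu_signature(key, nonce):
    """CPU signature over a verifier-supplied nonce: HMAC with the PUF key."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def verify_boot(chip, helper, expected_key, nonce, boot_seed):
    """What the validating entity checks: with the stored helper data, does
    this CPU still produce the signature the enrolled key would produce?"""
    key = derive_key(reconstruct(power_up_read(chip, boot_seed), helper))
    return hmac.compare_digest(cpu_signature(key, nonce),
                               cpu_signature(expected_key, nonce))


def demo():
    genuine = make_sram_chip(seed=1)
    replacement = make_sram_chip(seed=2)   # a swapped-in part: different silicon
    secret, helper = enroll(power_up_read(genuine, boot_seed=100))
    expected_key = derive_key(secret)
    nonce = os.urandom(16)
    genuine_ok = all(verify_boot(genuine, helper, expected_key, nonce, s)
                     for s in range(101, 111))
    swapped_ok = verify_boot(replacement, helper, expected_key, nonce, 200)
    return genuine_ok, swapped_ok


if __name__ == "__main__":
    ok, swapped = demo()
    print("genuine CPU reproduces its signature on 10 boots:", ok)
    print("replacement CPU accepted:", swapped)
```

Running `demo()` enrolls the genuine chip, re-verifies it across ten simulated boots with fresh noise, and then applies the same helper data to a different chip; it returns `(True, False)`. The helper data decodes to the enrolled secret only when XORed with the power-up pattern of the chip it was enrolled on, so a substituted CPU fails the signature check even though the helper data and the validating logic are unchanged. The repetition code is used here only because it is easy to read; production SRAM PUFs use stronger codes and a leakage-aware helper-data design, but the enroll-then-reconstruct structure is the same.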