Statistic-Based Security Analysis of Ring Oscillator PUFs

TL;DR

This paper analyzes the security of ring oscillator PUFs using statistical methods, revealing that spatial patterns and correlation affect predictability and that non-adjacent ROs provide more reliable bit estimation.

Contribution

It introduces a statistical framework for analyzing ring oscillator PUF security, emphasizing the importance of spatial patterns and correlation in predictability.

Findings

Adjacent ROs have correlated frequencies affecting security.

Covariance is too small for reliable bit estimation between ROs.

Normality assumption for device distribution is validated.

Abstract

Ring oscillators (ROs) are a robust way to implement a physical unclonable function (PUF) into ASICs or FPGAs, but claims of predictability arose recently. We describe why this likely results from not using adjacent ROs for pairwise comparison because of spatial patterns in mean frequency and correlation coefficients found by principal component analysis. We show that the covariance is too small for our approach to estimate bits if adjacent ROs are compared. Our assumption of normality for the inter-device distribution passes an Anderson-Darling test and we outline that devices with proximate serial numbers are not more similar than other devices.