Secure Authentication in Wireless IoT: Hamming Code Assisted SRAM PUF as Device Fingerprint

TL;DR

This paper presents a resource-efficient SRAM PUF-based device fingerprinting scheme for secure authentication in constrained IIoT devices, achieving low error rates through Hamming code error correction and threshold calibration.

Contribution

It introduces a novel, resource-aware calibration method for SRAM PUFs that balances reliability, security, and resource constraints in IIoT device authentication.

Findings

Reliable post-authentication bit error rate below 1% achieved.

Hamming code redundancy and TMV count reduce BER with diminishing returns.

Design space analysis guides resource-aware PUF implementation.

Abstract

Static Random Access Memory (SRAM) Physically Unclonable Functions (PUFs) make use of intrinsic manufacturing variations in memory cells to derive device-unique responses. Employing such hardware-rooted fingerprints for authentication, this work demonstrates a threshold-based authentication proof of concept for constrained Industrial Internet of Things (IIoT) devices. The proposed scheme can reliably cap the the post-authentication bit error rate (BER) below 1 %. Inherent SRAM PUF unreliability is addressed by a resource-efficient combination of Hamming code (HC) Error Correction (EC) and Temporal Majority Voting (TMV). Increasing HC redundancy or TMV count significantly reduces the BER, albeit with diminishing returns and increasingly prohibitive computational overhead. Furthermore, this work quantifies the threshold gap between strict reliability and security constraints. This gap is reframed as a design budget which enables the resource-aware calibration of the acceptance threshold, PUF response length, and stabilization technique, without violating designed-for error limits. Larger responses make reliability optimizations increasingly obsolete. This comparative analysis establishes a comprehensive design space for PUF EC, guiding future implementations in balancing EC quality against resource constraints such as computational demand, power consumption, and implementation complexity.