2022 2nd Asian Conference on Innovation in Technology (ASIANCON)
Pune, India. Aug 26-28, 2022
PUF Based Cryptographic Key Generation
Samra S S 1 , Sreehari K N
Department of Electronics and Communication Engineering
Amrita Vishwa Vidyapeetham
2022 2nd Asian Conference on Innovation in Technology (ASIANCON) | 978-1-6654-6851-0/22/$31.00 ©2022 IEEE | DOI: 10.1109/ASIANCON55314.2022.9908649
Amritapuri, India
samrass1997@gmail.com1 , sreeharikn@am.amrita.edu2 ,rameshb@am.amrita.edu3
Abstract—For data storage and protection, encryption is an
important standard. A secret key is required in order to encrypt
or decrypt data. This key is typically located in memory, where
it can potentially be stolen. In order to avoid this, new methods
of generating secret keys have been developed.To safeguard the
generation of the secret key, one of these techniques is to utilise
a Physically Unclonable Function (PUF). In order to generate
secret keys or simple authentication protocols, secrets can be
extracted from the physical structure of the device. A stable
PUF output is essential for generating cryptographic keys with
greater uniqueness, randomness, and uniformity. The goal is to
offer device identification methods that are inexpensive, efficient,
and safe, as well as secure cryptographic key creation using PUFs.
This paper propose a design that combines ring oscillator puf
(ROPUF), Arbiter puf (APUF) and Exclusive OR gate. Verilog
simulation is performed using VIVADO software. AES algorithm
is implemented for encryption and decryption for cryptographic
key generation. The experimental results shows the uniqueness,
reliability, uniformity and aliasing has improved.
Index Terms—PUF, secret key,ROPUF, APUF, cryptographic
key generation,FPGA, Xilinx Vivado
I. I NTRODUCTION
Since last few years, people have been increasingly using
smart objects for storing confidential information. Digitization
has made it possible for people to save information on their
mobile devices and laptops. Not only must a device be
authenticated via secret keys, passwords, and other methods,
but it must also be authenticated with the device itself. As a
result, both the software and the hardware must be verified.
There is a significant issue with traditional security methods
that store digital keys.
The goal of this study is to define Physically Unclonable
Functions (PUFs), which are unique challenge-response enti-
ties embedded in physical devices. A physically unclonable
function (PUF) is commonly used in cryptography to generate
random numbers, generate secret keys, and verify identities.
PUFs are devices that are easy to make, but are virtually im-
possible to duplicate. PUFs are unclonable due to the random
components they contain due to manufacturing variation.[1]. In
comparison to existing cryptographic systems, a big advantage
of the method is that there are never any digital copies of secret
keys involved. Security is maintained by the device itself,
which makes PUFs resistant to intrusions. Another benefit
of PUF-based cryptographic primitives is that they are cost
effective, so they are suited to large-scale production.
Physical Unclonable Functions (PUFs) are a key generation
alternative to TRNGs. PUFs calculate a unique signature for
978-1-6654-6851-0/22/$31.00 ©2022 IEEE
Authorized licensed use limited to: Northeastern University. Downloaded on February 12,2024 at 17:25:48 UTC from IEEE Xplore. Restrictions apply.
2 and Ramesh Bhakthavatchalu3
each IC by using randomness throughout the manufacturing
process. [2]. Device-dependent keys or device identification
codes can be generated from this signature This method has
the main advantage of requiring no key to be stored in the
device, which makes it harder to disclose[3].
The following is how the rest of the paper is divided: section
II explains details about pufs,classification,structures,quality
features,application. Section III discusses on
APUF,ROPUF.Section IV describes about cryptography
and AES in detail. Proposed design is explained in section
V. The final results and schematic comes under section VI .
Finally comes the conclusion and future scope in the section
VII and VIII.
II. PHYSICALLY UNCLONABLE FUNCTIONS -
PUF S
Physical Uncloble Functions or PUFs is a new technology
emerging in the current world and one that widely used
primitive hardware. Using differences in physical properties
or performance provide a unique digital signature [4]. This
unique ID or the key is like a human fingerprint that there
are no two devices can have the same key. It works based
on responding to a challenge pair. Challenges the input we
offer in puf as well the answers are the results produced
by puf. As PUF uses a variety of body structures all PUF
structures it will differ internally and respond in the same
way the challenge thus provided a unique answer. This is the
outfit PUF can be used for simple verification [5] as well as
generating secret keys. PUFs appeared on the scene just when
classical cryptography had failed to protect against physical
attacks, side channel attacks, and other threats. One of the
most significant advantages of PUF over key cryptographic-
based keywords systems [6] is that it does not require the
storage of secrecy keys in fixed memory e.g. the secret key
is hidden inside the device itself. The device itself is the key
to action PUF is secure and is a promising and economical
method for cryptographic primitives.
PUFs (Physically Unclonable Functions) are a new type of
authentication device that protects against a wide range of
production as well as cryptographic key creation. Security
in integrated circuits (ICs) have become a major problem
due to high security information requirements. To ensure
authenticity and confidentiality, cryptographic keys are used
to encrypt information. Several solutions have been suggested
to be key each generation, each with its own advantages and
1
disadvantages.We generally call the PUF input as challenges D. Applications of PUFs
and output as responses. During the PUF Registration Phase PUFs can be distributed across multiple systems depending
provides a challenging response set pairs (CRP) are measured on their properties. Physical Security solution is one of the
and stored. most popular applications. This can be achieved by placing
PUF suitable for system and other software or hardware to
A. Classification of PUF
improve its features. The most widely used PUF-based use has
There are two types of Physical Unclonable Functions: weak been suggested in the past considered applications that require
PUFs and strong PUFs. some form of random such as random number generators.
1) Weak PUFs: These PUFs support a limited number PUF is a viable solution for device authentication applications
of Challenge-Response Pairs (CRP), which corresponds to where some device properties can be acquired through process
the number of components required to build the PUF, and variation. Other uses include key zeroization, secure storage
are referred to as weak PUFs. Cryptographic keys can be with renewable keys, and software downgrade prevention.
generated using this method. SRAM PUF, Butterfly PUF, and
other PUFs are common examples. III. D ELAY BASED PUF S
2) Strong PUFs: If an attacker cannot forecast or guess any The random delay variations of the logic and connection
response to an unused challenge during the device’s lifespan, are used in delay-based PUF designs. It compares two equal
it is referred to as a strong PUF. The polynomial period attack or symmetric circuit elements made up of interconnect and
is impossible with these types of PUF structures since they logic, and then quantifies the delay mismatch caused by man-
support a large number of CRP [9]. Device authentication ufacturing process changes. The Arbiter PUF, Ring Oscillator
systems frequently employ this. PUF-based delays such as PUF, and Butterfly PUF are three of the most widely discussed
Arbiter PUF, RO PUF, Bistable Ring PUF, and others are delay-based PUF topologies.
examples of this.
A. Ring Oscillator PUF in detail
B. PUF structures
One of the main concepts of PUF-based applications is to
take advantage of physical differences that occur at random
and are unpredictable.
1) Inter Distance: The distance between two separate
stages of PUF for a given task is the distance between the two
replies resulting from simultaneously applying this challenge
to both PUFs.
2) Intra distance: The distance between two tests for a
given challenge is one. The distance between the two re-
sponses determines the suspension of PUF, resulting in the
application of this challenge being doubled in one PUF.

C. PUF quality features

1) Unity: Based on retrieved replies, unity is estimated how
PUF can be classified separately chips.
2) Uniqueness: The ability to distinguish between different
sorts of gadgets is measured by uniqueness. A perfect unique-
ness value between any two PUF responses is 50.
3) Reliability: Reliability assesses a PUF’s capacity to
withstand changes in the environment. Temperature changes
are one of the most important factors influencing the stability Fig. 1. Conventional diagram of Ring Oscillator PUF
of PUF responses.
4) Randomness: Randomness analyses two properties in a The differences in frequencies of numerous identically
PUF signature: independence and uniformity, by studying the arranged ring oscillator structures are leveraged to form the
distribution of 0s and 1s. PUF design in a Ring Oscillator PUF or ROPUF. A counter
5) Tight security: PUF’s ability to prevent an adversary calculates the Ring Oscillator frequencies, which are then
from revealing a secret key. These secret keys are a sort of translated into binary outputs using a simple comparison
Challenge dual answer (CRPs). approach [12][9]. One problem of ROPUFs is that they require
6) Temperature Stability: As the temperature varies, the one pair of ring oscillators per bit of output, requiring a large
fluctuations in transistors create delay, therefore we make sure number of ring oscillators to collect enough output bits for a
the intra-distance is kept to a minimum. safe security level [8].

2
Authorized licensed use limited to: Northeastern University. Downloaded on February 12,2024 at 17:25:48 UTC from IEEE Xplore. Restrictions apply.
 Due to statistical process differences, the RO PUF is made
up of identically mapped ring oscillators, each of which
oscillates at a different frequency. Each input Challenge is
sent to the multiplexers’ selection lines, which choose a pair
of oscillators and compare them to generate a fixed number
of output responses. If all oscillators are mapped identically,
process changes define the frequency’s uniqueness. Chip to
chip, the output response differs. Another problem of RO PUFs
is that they require one pair of ring oscillators per bit of output,
requiring a large number of ring oscillators to collect enough
output bits for a safe level.
B. Arbiter PUFs in detail
Fig. 2. Arbiter PUF
The APUF, or Arbiter PUF, is made up of delayed config-
urations that are triggered by an intense signal [12]. Arbiter,
which is an activated edge flip-flop, measures the difference in
signal distribution delay between two delay lines. It is based on
the difference in delay between the two methods with almost
identical physical configurations. Multiplexers that determine
the delay technique are controlled by challenges. Bits from the
same input C I are utilised to pick a pair of multiplexers that
serve as a crossbox in this example. The two delay modes
are raised at the same time to see which route is arriving
arbiter with the least amount of delay. If the input is logic 0,
they behave similarly, with the bottom and upper signals being
replaced in various ways.
The Arbiter (which is a latch or flip-flop) at the end of
the delay method chooses which side rises first and sets the
output to 0 or 1 depending on which route took precedence.
The chance of the delay caused by variation of production
determines the output from Arbiter PUF. However, there have
been a few reported issues with Arbiter PUF with FPGAs.
The problem with Arbiter PUF is that it necessitates meticu-
lous planning as well as simultaneous mapping of the same
notion, which is extremely dangerous in the case of FPGAs.
Unfortunately, the attackers will be unable to find a circuit
model based on average input-output pairs, or CRPs.
3
Authorized licensed use limited to: Northeastern University. Downloaded on February 12,2024 at 17:25:48 UTC from IEEE Xplore. Restrictions apply.
IV. C RYPTOGRAPHY
The security of network communications is critical in e-
commerce and other network applications, for example. The
usage of cryptography, on the other hand, goes much beyond
the ease of confidentiality. Cryptography, in particular, enables
network businesses and customers to ensure the integrity of
their services. If the current trend in the global e-market con-
tinues, better cryptographic measures to protect commercial
transactions would be required. A hacker or an eavesdropper
could make sensitive information posted on an open network
anonymous.This is accomplished by converting messages into
a strange object form via a mathematical formula known
as an encryption algorithm. To extract the original message,
the intended recipient uses an encryption method.There are
various types of information that must be protected in this
way over open networks, such as bank account information,
credit card transactions, or personal health or tax records.
Cryptosystems can provide services such as confidentiality,
authenticity, integrity, and non-infringement. It doesn’t provide
you access to any information or systems.
A. AES(Advanced encryption standard)
AES is a block cypher that uses a 128-bit key, 192-bit
key, or 256-bit private key to convert 128-bit input data.
In January 1997, the National Institute of Standards and
Technology announced the start of work on a new AES
encryption. They reported in October 2001 that a new Rijndael
algorithm had won a competition among advanced algorithms
and presented a new one. Rijndael’s algorithm will be the
Advanced Encryption Standard. From there the AES goes
widely used as a basis for cryptography in terms of hardware
and software. It has been replace existing DES with Triple
DES to provide better safety and security benefits properties.
AES is widely used in the commercial market for various types
of data transactions. It has opened the way for the development
of cryptographic algorithm in the market. There are several
hardware components that take advantage of AES to make
the best encryption with the help of hash algorithms like SHA,
MD5 etc.
Fig. 3. AES working
 V. PROPOSED DESIGN
Physical Unclonable functions or PUFs are the newly evolv-
ing technology in the current world and is the one of the
most commonly used hardware primitive. It makes use of the
variations in the physical properties or the manufacturing to
provide a unique digital signature[4]. This unique identity/
key is a parallel to human fingerprint that no two devices
can have the same key. It works based on challenge response
pair. Challenges are the input we provide to the puf and
responses are the outputs generated by the puf. Since PUF
utilizes the variation in physical properties every PUF structure
will be internally different and responds differently to the same
challenge thereby giving unique response.This PUF attribute
can be utilised for simple authentication[5] as well as the
generation of secret keys. PUFs emerged at a time when
standard cryptography was failing to protect against physical Fig. 6. Arbiter PUF Waveform
attacks, modelling attacks, side channel attacks, and other
threats. One of the most significant advantages of PUF over
typical cryptographic systems based on keys[6] is that it does
not require secret keys to be stored in nonvolatile memory, i.e.
the secret key is hidden within the physical device itself. The
device is the key to the PUF’s security, and it appears to be a
promising cost-effective way for cryptographic primitives.

Fig. 7. Design Waveform

Fig. 4. Proposed Model

Fig. 8. AES Encryption

Fig. 5. RO PUF Waveform

4
Authorized licensed use limited to: Northeastern University. Downloaded on February 12,2024 at 17:25:48 UTC from IEEE Xplore. Restrictions apply.
 Fig. 9. AES 128 Encryption
Fig. 10. AES Decryption
VI. SUMMARY
This work is done in the Vivado design suite. Ring os-
cillator PUF integrated with Arbiter PUF has a special-OR
configuration to get a random number generator which acts
as a standard key or secret key. The results show uncertainty
in the output bit broadcast with the help of PUF. With this
design, energy consumption can be improved to great extent
.Puf parameter such as variation, non-discrimination, naming
and similarity near the fair value. Inter and Intra distance is
also 43.5 percent and close to zero. Introduced waves Found
and comparison tables and RTL Design of the schematic.
VII. CONCLUSION
PUF technology is the best storage technology available.
Like the most advanced key storage technology available
today, PUF technology can give our long-term plans to work
at a lower cost — before our designs become under secu-
rity threats. The input to a simple cryptographic function is
distributed randomly, and the function then provides robust
protection against encryption of empty text information up to
a particular degree for each bit. When data is delivered to
the user for encryption, keys are produced automatically. And
the keys are always produced at random, with no reference to
5
Authorized licensed use limited to: Northeastern University. Downloaded on February 12,2024 at 17:25:48 UTC from IEEE Xplore. Restrictions apply.
Fig. 11. Schematic of design, combination of ROPUF, APUF,with AES
encyprtion for cryptogrpahic key generation.
Fig. 12. Performance Analysis Table
previously generated keys. Because the keys used for encryp-
tion and decryption are different, the algorithm is difficult to
specify. Encryption keys and encryption keys are not always
the same data fragments; they are dependent on data fragment
modification. Both data and device are verified. It means that
both software and phone hardware are authorized.RO PUF
response pieces and Shift Register concept are used The effects
of heat and aging can be minimized. This causes a change in
the key value that PUF can extract, deactivate and deactivate
the crypto IC permanently.
Xilinx Vivado is used for simulation and validation of the
proposed model. A 8 bit input challenge is given as input
and a 32 bit output response is generated by the ROPUF.
For simulation purpose, random delay is given to each of
the gates in all ring oscillator in order to mimic the delay
contributed by physical gates in practical scenario. Figure 5
shows one such challenge response pair that is simulated. Few
other examples of challenge response pairs are given in Figure
6 and 7. Schematic of design is given in Figure 11. The select
lines are the challenge to the PUF.
VIII. F UTURE S COPE
This work is implemented on Vivado design suite. This
work has been proposed to overcome the limitations of var-
ious existing security measures adopted to prevent hardware
security breach. Most of the existing models have limitations
by restricting functionality, reducing testing and debugging, [15] Maiti, A., Casarona, J., McHale, L., Schaumont, P. (2010). ’A
limiting the frequency, excessive area and power overhead and large scale characterization of RO-PUF’. 2010 IEEE International
Symposium on Hardware- Oriented Security and Trust (HOST).
so on. An integrated structure of ROPUF and APUF has been doi:10.1109/hst.2010.5513108
proposed here for enhancing the security. A key advantage of [16] Rahman, M. T., Forte, D., Fahrny, J., Tehranipoor, M. (2014).’ ARO-
the proposed model is that it is using the existing components PUF: An aging-resistant ring oscillator PUF design.’ Design, Au-
tomation Test in Europe Conference Exhibition (DATE), 2014.
in the wrapper to enhance the security, there by reducing the doi:10.7873/date.2014.082
area overhead. Thus the proposed model helps to overcome [17] Shital Joshi, Saraju P. Mohanty, and Elias Kougianos , ”Everything You
all the problems faced by existing models. Wanted to Know About PUFs,” 2017 IEEE Potentials.
[18] Prof. Lalu V,Riya S. S.. ’A dynamically configurable LFSR-based PUF
The use of cryptographic primitives like PUF is increasing design against machine learning attacks,’ CCF Transactions on High
day by day and its usage has reached vast different areas. Performance Computing. 3. 10.1007/s42514-020-00060-7.
However, even though security is boosted by such methods, [19] Chen, Q., Csaba, G., Lugli, P., Schlichtmann, U., Ruhrmair, U. (2011).
’Stable cryptographic key generation using SRAM based Physical Un-
more and more vulnerabilities with the existing securities are clonable Function’. Proceedings of the International Conference on
being explored and exposed.A higher order LFSR and higher Smart Electronics and Communication (ICOSEC 2020)
order challenge response pair for the PUF can be added to [20] Chongyan Gu, Maire O’Neill,’ .Ultra-compact and Robust FPGA-based
PUF Identification Generator’.,2015 IEEE International Symposium on
further improve security. Furthermore, the PUF that will be Circuits and Systems (ISCAS)
used can be a more powerful version than the existing ROPUF. [21] Sriram Sankaran, Shivshankar Sand Nimmy K,’ LHPUF: Lightweight
Also, the LFSR utilised could be a more powerful one, with Hybrid PUF for enhanced security in Internet of Things’., 2018 IEEE
International Symposium on Smart Electronic Systems (iSES) (Formerly
a complex nonlinear polynomial that is difficult to crack. iNiS)
[22] Mahin Anil Kumar1 and Ramesh Bhakthavatchalu,.’ FPGA based
R EFERENCES delay PUF Implementation for Security Applications’., 2017 IEEE
[1] Erik Sargent and Weston Jense, ”Authentication Using a Physically International Conference on Technological Advancements in Power and
Unclonable Function,” in IEEE Design Test of Computers, vol. 27, Energy(TAP Energy )
no. 1, pp. 36-47, Jan.-Feb. 2015 [23] Sai kiran N H N and Ramesh Bhakthavatchalu,’ Implementing Delay
[2] Srinivas Devadas and G. Edward Suh, ”Physical Unclonable Functions Based Physically Unclonable Functions on FPGA ’., 2016 International
for Device Authentication and Secret Key Generation,” in Devadas;2007 Conference on Advanced Communication Control and Computing Tech-
44th ACM/IEEE Design Automation Conference nologies (ICACCCT)
[3] Mohammad Javad Parvardeh and Shahriar Baradaran Shokouhi, ”A Ring
Oscillator PUF Architecture With Enhanced Challenge-Response Set,”
9th International Conference on Computer and Knowledge Engineering
(ICCKE 2019), October 24-25 2019, Ferdowsi University of Mashhad.
[4] Randa, Maulana Bozdal, Mehmet Samie, Mohammad Jennions,
I.K.. (2018). Layered Security for IEEE 1687 Using a Bimodal
Physically Unclonable Function. Procedia Manufacturing. 16. 24-30.
10.1016/j.promfg.2018.10.154.
[5] P. Kumar and S. Kamatchi, ”A Secure, Area Efficient Strong Physical
Unclonable Function Design using LFSR,” 2020 International Confer-
ence on Smart Electronics and Communication (ICOSEC), 2020, pp.
1145-1149, doi: 10.1109/ICOSEC49089.2020.9215447.
[6] Suh, G.E., Devadas, S.: ‘Physical unclonable functions for device
authentication and secret key generation’. Proc. 44th Annual Design
Automation Conf., 2007, pp. 9–14
[7] Filip Kodytek and R ´ obert L ´ orenczi, ”, A design of ring oscillator
based PUF on FPGA,” 2015 IEEE 18th International Symposium on
Design and Diagnostics of Electronic Circuits Systems.
[8] Nitin Pundir, Fathi Amsaad, Muhtadi Choudhury, and Mohammed Nia-
mat, ”Novel Technique to Improve Strength of Weak Arbiter PUF,”978-
1-5090-6389-5/17/31.002017IEEE.
[9] Justin Cox and Tyler Travis, ”Secret Key Generation on a FPGA using
a PUF”.
[10] [8] Prof. Lalu V,Riya S. S.(2020), ”Stable cryptographic key generation
using SRAM based Physical Unclonable Function ,” Proceedings of
the International Conference on Smart Electronics and Communication
(ICOSEC 2020)..
[11] S. K. K., N. Satheesh, A. Mahapatra, S. Sahoo and K. K. Mahapatra,
”Securing IEEE 1687 Standard On-chip Instrumentation Access Using
PUF,” 2016 IEEE International Symposium on Nanoelectronic and In-
formation Systems (iNIS), 2016, pp. 56-61, doi: 10.1109/iNIS.2016.024.
[12] Poorna Sai Meka, Sivaraman Amirtharajan Rengarajan, Sundararaman
Ra jagopalan, ”Metastability Influenced PUF for Cryptographic Key
Generation,” 2020 IEEE A FPGA Approach International Conference
on Computer Communication and Informatics
[13] [10] Mohammed Saeed Alkatheiri;Yu Zhuang;Mikhail Korobkov;Abdur
Rashid Sangi, ”).An experimental study of the state-of-the-art PUFs
implemented on FPGAs ,” in FPGAs IEEE Conference on Dependable
and Secure Computing 2017.
[14] Xin, X., Kaps, J.-P., Gaj, K. (2011). ’A Configurable Ring-Oscillator-
Based PUF for Xilinx FPGAs ’. 2011 14th Euromicro Conference on
Digital System Design.doi:10.1109/dsd.2011.88

6
Authorized licensed use limited to: Northeastern University. Downloaded on February 12,2024 at 17:25:48 UTC from IEEE Xplore. Restrictions apply.