[001]The present disclosure generate relates to systems and methods for generation of a hardware seed, and more particularly relates to generation of a hardware seed based on latency or switching time of a memory.
BACKGROUND
[002]Importance of cryptography applied to security in electronic data transactions has acquired an essential relevance during the last few years. Every day millions of users generate and interchange large volumes of information in various fields, such as financial and legal files, medical reports, bank services via internet, telephone conversations, e-commerce transactions, etc. Such applications deserve a special treatment from the security point of view, not only in the transport of such information but also in its storage. A good encryption solution needs to encrypt the data with an algorithm that can withstand any cryptanalysis attack and also provide a secure reservoir for the key. However, as long as we keep the key stored somewhere, there is always a chance of it being accessed by an unauthorized person which can lead to the defeat of the entire encryption system. One way to resolve this issue and make the generation and storage of the encryption key secure is to involve physics of the memory device in the active encryption process. Emerging non-volatile memory devices operate with a wide range of interdisciplinary physical phenomena that can be utilized for this purpose, wherein RAMs such as Conductive Bridge Random-Access Memory (CBRAM), RRAM (resistive memory), Phase change memory (PCM), magneto resistive memory (MRAM), magnetic spin based memory, ferroelectric based memory (FRAM) etc. can be coupled with cryptography so as to create a novel and highly secure encryption solution.
[003] The wide-span of cyber-physical system consisting of computation and communication electronic gadgets are of important concern from vulnerable attacks in this modern era. These vulnerable attacks include unauthorized data access, identity theft, hacking, hardware counterfeit, etc. Data security is an important concern due to an increasing number of Internet users’ day by day. This also includes data stored in the data storage system. To securely store and access data, encrypted form of the original data is stored. The encryption process includes generating a key and use of such a key along with different algorithms to encrypt the data. The key can be stored along with the data. The reverse process is followed in order to extract the original data. Conventional encryption process utilizes a software algorithm running on a processor platform to actively encrypt or decrypt the information and treat memory as a passive reservoir. Utilizing physics of the memory device in the active encryption process can elevate the overall level of data security. It further facilitates designing of a dedicated encryption/decryption module, allowing us to take advantage of the inherent parallelism in hardware giving better performance compared to the sequential software implementation.
[004] Physically Unclonable Functions (PUFs) are one of the promising solutions for hardware security issues. A PUF is physical system that may map input to output based on stochastic properties of a physical device. Input stimulus to the PUF is called the challenge and the obtained output is called the response, wherein PUF utilizes the process variation properties of the device/circuit that occurs during the manufacturing process. These process variation characteristics are uncontrollable in nature, and differ from deice to device and from chip to chip. Imprint of these features are complex and random, and therefore very difficult to clone and invasively attack. PUFs are used for hardware security applications like Intellectual P (IP) protection, encryption key generation, IoT device security, stored data security, etc. There are different types of PUFs based on leveraging of variability of the physical device/circuit at the microelectronic structure. Hardware based PUFs like optical PUFs, ring-oscillator based PUF (RO-PUF), Arbiter PUF, butterfly PUF, etc. exploits the variation in the silicon wafer. The variation could be the angle of incident light, polarization of the light, mismatch in the delay path of the circuit, threshold voltage, temperature etc. Apart from these, there are also memory based PUFs (Mem-PUF) like SRAM based PUF, MRAM based PUF, PCM based PUF, resistive switching (RRAM) based PUF. However, all existing art is based on accessing analog parameters, die implementation, FPGA implementation or a standalone device. Furthermore, most research work on RRAM based PUF has been implemented mainly on single standalone device through exploitation of high state resistance spread during write operation. Also, existing PUF generation algorithms are based on exploiting resistance-switching variability of the RRAM devices. Also, as mentioned above, all existing art is mainly based on a single standalone device or a group of arrays.
[005] There is therefore a need in the art for a system and method to enable generation of a PUF signature based encryption key that overcomes the above-mentioned disadvantages and is more efficient and stronger.

OBJECTS OF THE INVENTION
[006] It is an object of the present disclosure to provide a system and method that generates a high security seed or key or bit-stream for encryption, PUF, RNG or other applications.
[007] It is another object of the present disclosure to provide a system and method that generates a hardware seed based on write/read/erase/switching latency of Random-Access Memory (RAM).
[008] It is another object of the present disclosure to provide a system and method that uses a single or multiple NVM chips that can be used for storing data as well as security applications.
[009] It is another object of the present disclosure to provide a system and method that enable minimum amount of post-processing to be performed on the obtained data for generating PUF/RNG or security application seeds.
[0010] It is another object of the present disclosure to provide a system and method that enable application in RNG.
[0011] It is another object of the present disclosure to provide a system and method that enable generation of keys are based on hardware exploitation, making the proposed architecture much more reliable compared to others for security applications.
[0012] It is another object of the present disclosure to provide a system and method that enables possibility of multiple programmable PUF/RNG/SEED signal generation using reprogrammable and multiple challenge pairs.

SUMMARY
[0013] The present disclosure generate relates to systems and methods for generation of a hardware seed, and more particularly relates to generation of a hardware seed based on latency of a memory.
[0014] In an aspect, the proposed method of generating a hardware seed comprises the steps of measuring at least one latency during any of a write, erase, switching or read operation on at least one location of a memory, said latency being indicative of variability of switching time of said memory; mapping said at least one measured latency as part of a challenge to form a complex data set; and generating a hardware seed based on complex data set.
[0015] In an aspect, the hardware seed can be configured as an n N-bit Physically Unclonable Function (PUF) signature, and/or can be configured as an encryption key.
[0016] In another aspect, the latency can be measured by polling a bit of status register of said memory based on at least one write/read/erase/switching operation, wherein said bit is 0 during the write/read/erase/switching operation and is switched to 1 after completion of said write/read/erase/switching operation.
[0017] In yet another aspect, the memory can be any of a Resistive Random-Access Memory (RRAM) or a conductive filamentary based random-access memory (CBRAM) or phase change memory (PCM), or ferroelectric memory (FRAM) or magneto resistive memory (MRAM) or magnetic spin based memory (STT-MRAM) or piezoelectric memory.
[0018] In another aspect, the challenge can be based on any or a combination of one or more address(es) on said memory or memories, type of switching event during write/read/erase operation, and mapping technique for generating said hardware seed.
[0019] In yet another aspect, the step of mapping can be followed by the step of quantizing said complex data set to increase inter-hamming and intra-hamming distance quality.
[0020] In yet another aspect, the step of mapping can include adding or subtracting or multiplying or a combination of more than one of these steps on values of the at least one measured latency obtained from one or more locations of the memory so as to generate the complex data set.
[0021] In an aspect, the proposed method can further include the step of converting said at least one measured latency to binary or hex or other number system before the step of mapping.
[0022] In an aspect, the present disclosure relates to a computing device for generation of encryption key, said device comprising: a non-volatile storage device having embodied therein one or more routines operable to generate an N-bit Physically Unclonable Function (PUF) signature that is rendered as the encryption key; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines include: a latency measurement module, which when executed by the one or more processors, measures at least one latency during any of a write, erase, or read operation on at least one location of a memory, said latency being indicative of variability of switching time of said memory; a mapping module, which when executed by the one or more processors, maps said at least one measured latency as part of a challenge to form a complex data set; and a hardware seed generation module, which when executed by the one or more processors, generates a hardware seed based on complex data set.
[0023] The present disclosure generate relates to systems and methods for generation of an encryption key, and more particularly relates to generation of an encryption key based on write latency of Random-Access Memory (RAM).
[0024] In an aspect, the present disclosure relates to a method of generating an encryption key, said method comprising the steps of: measuring more than one write/erase/read/switching latency values (L1, L2, …LN) during one or more write/erase/read/switching operations on one or more than one different locations of a random access memory (RAM), said latency being indicative of variability of switching/programming/access/read time of said RAM; mapping said measured write latency (L1 L2, …LN) as part of a challenge to form a complex data set; and generating an N-bit Physically Unclonable Function (PUF) signature based on said complex data set, said PUF signature being rendered as said encryption key.
[0025] In an aspect, the write latency can be measured by polling WIP bit of status register of said RAM based on at least one write operation, wherein said WIP bit is 0 during the write operation and is switched to 1 after completion of said write operation.
[0026] In another aspect, the RAM can be any of a RRAM or a CBRAM.
[0027] In another aspect, the challenge can be based on any or a combination of one or more address(es) on said RAM or RAM(s), type of switching event during write/erase/read operation, and mapping technique, aging effect, cycle number for generating said PUF signature.
[0028] In another aspect, the PUF signature can be stored on the RAM.
[0029] In another aspect, the step of mapping can be followed by the step of quantizing said complex data set to increase inter-hamming and intra-hamming distance.
[0030] In yet another aspect, the step of mapping can include adding squared values of the write latency (L1 and L2) obtained from the at least two different locations so as to generate the complex data set.
[0031] In another aspect, the proposed method further comprises the step of converting the measured write latency to binary before the step of mapping.
[0032] The present disclosure further relates to a computing device for generation of encryption key, wherein the device can include a non-transitory storage device having embodied therein one or more routines operable to generate an N-bit Physically Unclonable Function (PUF) signature that is rendered as the encryption key; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines include: a write latency measurement module, which when executed by the one or more processors, measures write latency (L1 and L2) during one or more write operations on at least two different locations of a random access memory (RAM), said write latency being indicative of variability of switching time of said RAM; a mapping module, which when executed by the one or more processors, maps said measured write latency (L1 and L2) as part of a challenge to form a complex data set; and a PUF signature generation module, which when executed by the one or more processors, generates an N-bit Physically Unclonable Function (PUF) signature based on said complex data set, said PUF signature being rendered as said encryption key.

BRIEF DESCRIPTION OF DRAWINGS
[0033] FIG. 1A illustrates an exemplary flow diagram showing working of the proposed method for generation of PUF signature in accordance with an embodiment of the present invention.
[0034] FIG. 1B illustrates an exemplary module diagram showing high level functional architecture of the proposed method for generation of PUF signature in accordance with an embodiment of the present invention.
[0035] FIG. 2 illustrates an exemplary block diagram of the experimental setup of the present invention in accordance with an embodiment of the present invention.
[0036] FIGs. 3A and 3B illustrate exemplary representations showing write latency distribution for RRAM and CBRAM.
[0037] FIG. 4 illustrates an exemplary representation of the proposed system architecture in accordance with an embodiment of the present invention.
[0038] FIG. 5 illustrates exemplary representations showing distribution of inter-hamming distance obtained in accordance with an embodiment of the present invention.
[0039] FIG. 6 illustrates exemplary representations showing distribution of intra-hamming distance in accordance with an embodiment of the present invention.
[0040] FIGs. 7A And 7B illustrate exemplary representations showing repetition of inter-hamming distance experiments for proposed 24-bit PUF.
[0041] FIG. 8 illustrates exemplary distribution of uniformity in accordance with an embodiment of the present invention.
[0042] FIGs. 9 illustrate exemplary stability analysis results in accordance with an embodiment of the present invention.
[0043] FIGs. 10A and 10B illustrate exemplary inter and intra hamming distance computations across one or more locations in accordance with an embodiment of the present invention.

DETAILED DESCRIPTION
[0044] The following detailed description provides further details of the figures and example implementations of the present application. Reference numerals and descriptions of redundant elements between figures are omitted for clarity. Terms used throughout the description are provided as examples and are not intended to be limiting. For example, the use of the term “automatic” may involve fully automatic or semi-automatic implementations involving user or administrator control over certain aspects of the implementation, depending on the desired implementation of one of ordinary skill in the art practicing implementations of the present application.
[0045] The present disclosure generate relates to systems and methods for generation of a hardware seed, and more particularly relates to generation of a hardware seed based on latency of memory.
[0046] The present disclosure generate relates to systems and methods for generation of a hardware seed, and more particularly relates to generation of a hardware seed based on latency of a memory.
[0047] In an aspect, the proposed method of generating a hardware seed comprises the steps of measuring at least one latency during any of a write, erase, or read operation on at least one location of a memory, said latency being indicative of variability of switching time of said memory; mapping said at least one measured latency as part of a challenge to form a complex data set; and generating a hardware seed based on complex data set.
[0048] In an aspect, the hardware seed can be configured as an n N-bit Physically Unclonable Function (PUF) signature, and/or can be configured as an encryption key.
[0049] In another aspect, the latency can be measured by polling a bit of status register of said memory based on at least one write/read/erase operation, wherein said bit is 0 during the write/read/erase operation and is switched to 1 after completion of said write/read/erase operation.
[0050] In yet another aspect, the memory can be any of a Resistive Random-Access Memory (RRAM) or a conductive filamentary based random-access memory (CBRAM).
[0051] In another aspect, the challenge can be based on any or a combination of one or more address(es) on said memory or memories, type of switching event during write/read/erase operation, and mapping technique for generating said hardware seed.
[0052] In yet another aspect, the step of mapping can be followed by the step of quantizing said complex data set to increase inter-hamming and intra-hamming distance quality.
[0053] In yet another aspect, the step of mapping can include adding squared values of the at least one measured latency obtained from one or more locations of the memory so as to generate the complex data set.
[0054] In an aspect, the proposed method can further include the step of converting said at least one measured latency to binary before the step of mapping.
[0055] In an aspect, the present disclosure relates to a computing device for generation of encryption key, said device comprising: a non-volatile storage device having embodied therein one or more routines operable to generate an N-bit Physically Unclonable Function (PUF) signature that is rendered as the encryption key; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines include: a latency measurement module, which when executed by the one or more processors, measures at least one latency during any of a write, erase, or read operation on at least one location of a memory, said latency being indicative of variability of switching time of said memory; a mapping module, which when executed by the one or more processors, maps said at least one measured latency as part of a challenge to form a complex data set; and a hardware seed generation module, which when executed by the one or more processors, generates a hardware seed based on complex data set.
[0056] The present disclosure generate relates to systems and methods for generation of an encryption key, and more particularly relates to generation of an encryption key based on write latency of Random-Access Memory (RAM).
[0057] In an aspect, the present disclosure relates to a method of generating an encryption key, said method comprising the steps of: measuring more than one write/erase/read latency values (L1, L2, …LN) during one or more write/erase/read operations on one or more than one different locations of a random access memory (RAM), said latency being indicative of variability of switching/programming/access/read time of said RAM; mapping said measured write latency (L1 L2, …LN) as part of a challenge to form a complex data set; and generating an N-bit Physically Unclonable Function (PUF) signature based on said complex data set, said PUF signature being rendered as said encryption key.
[0058] In an aspect, the write latency can be measured by polling WIP bit of status register of said RAM based on at least one write operation, wherein said WIP bit is 0 during the write operation and is switched to 1 after completion of said write operation.
[0059] In another aspect, the RAM can be any of a RRAM or a CBRAM.
[0060] In another aspect, the challenge can be based on any or a combination of one or more address(es) on said RAM or RAM(s), type of switching event during write/erase/read operation, and mapping technique, aging effect, cycle number for generating said PUF signature.
[0061] In another aspect, the PUF signature can be stored on the RAM.
[0062] In another aspect, the step of mapping can be followed by the step of quantizing said complex data set to increase inter-hamming and intra-hamming distance.
[0063] In yet another aspect, the step of mapping can include adding squared values of the write latency (L1 and L2) obtained from the at least two different locations so as to generate the complex data set.
[0064] In another aspect, the proposed method further comprises the step of converting the measured write latency to binary before the step of mapping.
[0065] The present disclosure further relates to a computing device for generation of encryption key, wherein the device can include a non-transitory storage device having embodied therein one or more routines operable to generate an N-bit Physically Unclonable Function (PUF) signature that is rendered as the encryption key; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines include: a write latency measurement module, which when executed by the one or more processors, measures write latency (L1 and L2) during one or more write operations on at least two different locations of a random access memory (RAM), said write latency being indicative of variability of switching time of said RAM; a mapping module, which when executed by the one or more processors, maps said measured write latency (L1 and L2) as part of a challenge to form a complex data set; and a PUF signature generation module, which when executed by the one or more processors, generates an N-bit Physically Unclonable Function (PUF) signature based on said complex data set, said PUF signature being rendered as said encryption key.
[0066] FIG. 1A illustrates an exemplary flow diagram showing working of the proposed method for generation of PUF signature in accordance with an embodiment of the present invention. In an exemplary aspect, at step 102 of the proposed method, at least one of write/read/erase latency is measured during a respective operation on at least one location of a memory, wherein the write latency is indicative of variability of switching time of said memory. At step 104, the measured latency can be mapped as part of a challenge so as to form a complex data set, based on which, at step 106, a hardware seed is generated based on the complex data set.
[0067] FIG. 1B illustrates an exemplary module diagram showing high level functional architecture of the proposed method for generation of PUF signature in accordance with an embodiment of the present invention.
[0068] Various embodiments are further described herein with reference to the accompanying figures. It should be noted that the description and figures relate to exemplary embodiments, and should not be construed as a limitation to the subject matter of the present disclosure. It is also to be understood that various arrangements may be devised that, although not explicitly described or shown herein, embody the principles of the subject matter of the present disclosure. Moreover, all statements herein reciting principles, aspects, and embodiments of the subject matter of the present disclosure, as well as specific examples, are intended to encompass equivalents thereof. Yet further, for the sake of brevity, operation or working principles pertaining to the technical material that is known in the technical field of the present disclosure have not been described in detail so as not to unnecessarily obscure the present disclosure.
[0069] In an aspect, the proposed system 150, which may be implemented in a computing device, can include one or more processor(s) 152. Processor(s) 152 can be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, FPGA, central processing units, logic circuitries, and/or any devices that manipulate data based on operational instructions. Among other capabilities, processor(s) 152 are configured to fetch and execute computer-readable instructions stored in a memory 154 of system. Memory 154 can store one or more computer-readable instructions or routines, which may be fetched and executed to create or share the data units over a network service. Memory 154 can include any non-transitory storage device including, for example, volatile memory such as RAM, or non-volatile memory such as EPROM, flash memory, and the like. In an example embodiment, memory 154 may be a local memory or may be located remotely, such as a server, a file server, a data server, and the Cloud.
[0070] In an aspect, the proposed system can also include one or more interface(s) 156. Interface(s) 156 may include a variety of interfaces, for example, interfaces for data input and output devices, referred to as I/O devices, storage devices, and the like. Interface(s) 156may facilitate communication of system with various devices coupled to system. Interface(s) 156 may also provide a communication pathway for one or more components of system. Examples of such components include, but are not limited to, processing engine(s) 158 and data 160.
[0071] Engine(s) 158 can be implemented as a combination of hardware and software or firmware programming (for example, programmable instructions) to implement one or more functionalities of engine(s) 158. In examples described herein, such combinations of hardware and software or firmware programming may be implemented in several different ways. For example, the programming for engine(s) 158 may be processor executable instructions stored on a non-transitory machine-readable storage medium and the hardware for engine(s) 158 may include a processing resource (for example, one or more processors), to execute such instructions. In the examples, the machine-readable storage medium may store instructions that, when executed by the processing resource, implement engine(s) 158. In such examples, system can include the machine-readable storage medium storing the instructions and the processing resource to execute the instructions, or the machine-readable storage medium may be separate but accessible to system and the processing resource. In other examples, engine(s) 158 may be implemented by electronic circuitry. System can include data 160 that is either stored or generated as a result of functionalities implemented by any of the components of engine(s) 158.
[0072] In an example, processing engine(s) 158 can include a latency measurement module 162, a mapping module 164, and a hardware seed generation module 166, and other module(s) 168. Other module(s) 216 can implement functionalities that supplement applications or functions performed by system or processing engine(s) 158. For instance, an exemplary other module 168 can include quantization module (not shown) configured to quantize complex data set formed after the mapping module to increase inter-hamming and intra-hamming distance.
[0073] In an aspect, latency measurement module 162 can be configured to measure latency during one or more of write/read/erase operations on at least one location of a memory (such as random-access memory (RAM)), wherein the latency can be indicative of variability of switching time of said memory. Mapping module 164, on the other hand, can be configured to map the measured latency as part of a challenge so as to form a complex data set, whereas the hardware seed generation module 166 can be configured to generate a hardware seed (such as an N-bit Physically Unclonable Function (PUF) signature) based on the complex data set, wherein the proposed hardware seed of the present invention can be rendered as the encryption key and/or as the PUF signature.
[0074] In an aspect, the mapping module 164 can be configured to add squared values of the latency (such as write latencies L1 and L2 determined at two locations of the memory) that are obtained from the at least two different locations so as to generate the complex data set.
[0075] In an exemplary aspect, write latency (interchangeably and generally referred to as latency hereinafter as it can easily be read or erase operation based latency as well) can be measured by polling WIP bit of status register of the memory (such as RAM) based on at least one write operation, wherein the WIP bit is 0 during the write operation and is switched to 1 after completion of said write operation.
[0076] It would be appreciated that although embodiments of the present disclosure are being explained with reference to Resistive RAM (RRAM) or a Conductive filamentary based random-access memory (CBRAM), implementation of the present invention can be done in any other suitable RAM, and all other non-illustrated embodiments are well within the scope of the present invention.
[0077] It would further be appreciated that the proposed RAM enables any or a combination of page level or byte level write access.
[0078] In an aspect, the challenge can be based on any or a combination of an address on the RAM, type of switching event during write operation, and mapping technique for generating the PUF signature, aging effect, cycle number.
[0079] As would be appreciated, the present disclosure exploits inherent physics of emerging non-volatile memory devices, for instance conductive filamentary based random-access memory (CBRAM) and RRAM (or can be any other memory), and coupled said physics with cryptography to create a novel and highly secure encryption solution. In an aspect, switching time variability of an NVM chip has been exploited to implement it for PUF application.
[0080] In an exemplary implementation, variation of switching time of a commercially available RRAM (such as MB85AS4MT, for instance) chips and CBRAM (such as RM25C256C-L, for instance) chips can be performed, wherein the present invention enables characterization of write latency of commercially available NVM chips, along with enabling analog parameters to not be used for observing switching time variability of the RRAM chip. The present invention also enables generation and quantification of a high quality PUF signature by exploiting write latency variability from a commercial NVM chip, along with generation of High quality RNG for data encryption application and implementation of RNG and PUF for hardware security applications.
[0081] In an exemplary implementation, the present disclosure pertains to application of a unique latency mapping technique for increasing PUF performance, wherein the mapping technique includes defining write latency at two or more locations in a RAM as ’sum-of-squares’. Using this, the write-latency obtained from two different page locations on the chip can be squared and summed, leading to a final seed/challenge, thus making the response a function of multiple regions on the same chip. Mathematically, it can be represented as:

Challenge = L12 + L22

where Li denotes write-latency of the i’th page in the chip. Sum of squares can then be represented as a 30-bit binary number (for instance), which acts as the final PUF signature. In order to further improve PUF performance, the obtained 30-bit PUF can be truncated (through quantization) to a 24-bit signature (for instance) by removing 6-bits from the MSB, for instance.

Exemplary Experimental Setup
[0082] It would be appreciated that below description is only and solely an example, and is not to be construed in any limiting manner whatsoever, as any other implementation is well within the scope of the present invention.
[0083] Block diagram of the experimental setup is shown in FIG. 2, wherein characterization of NVM chip was performed using Nexys 4 FPGA evaluation board for implementing the controller, and fabricated a custom daughter board for housing 8-SOIC SPI chips. Soft-core Micro-Blaze processor was used to control AXI SPI, and UART, IP cores for communication. In an aspect, the controller module implements data-sheet defined read, write, erase instructions, and estimation of program latency. Communication module helps pass user instructions to Micro-Blaze from host PC, and log back the data generated from the NVM chip to the host.
[0084] Commercial RRAM chips (MB85AS4MT) from Fujitsu semiconductor and CBRAM chips (RM25C256C-L) from Adesto technologies that were used for the experiment were 4 Mbit and 256 Kbit in size with serial peripheral interface (SPI) for communication. Write latency was measured by polling Write In Progress (WIP) bit of status register in RAM chip while performing write operations. In operation, WIP bit is '0' till write operation is completed and set to '1' once write operation is completed. Monitoring this bit helps in computing time required to write the data. Data-sheet specified write cycle time is 16 ms for 256 byte page, and specified endurance per byte is 1.2 million cycles for RRM chip. The chip used has only byte level access with maximum write buffer size of 256 bytes, and the write operating current is 1.3 mA. Operating frequency is set to 3.125 MHz for this study. The CBRAM chip has 500 pages, where each page contains 64 bytes, with a data-sheet specified endurance of 1×105 cycles. The chip provides both byte and page level write/read access.
[0085] During implementation of the proposed method to generate encryption key, as latency values obtained (which can be termed as the “Analog Value Analysis”) did not fit into any mathematical modelling that can provide a consistent key for encryption or decryption, binary equivalent values of these latencies (which can be termed as the “Digital Value Analysis”) were obtained/determined/computed, based on which it was observed that a certain number of MSBs remain constant over a long stretch of endurance cycles.
[0086] In the instant experiment, the proposed RRAM based PUF signature generation is based on measuring write latency computed for 256 bytes, wherein CBRAM is based on measuring 64 byte write latency. In the instant experience, challenge of the proposed PUF was based on multi-variable function including, but not limited to, address on
the RAM chip, switching event type while writing data/data type, mapping technique for generating response. FIG. 3A shows distribution of obtained write latency of an RRAM chip for four different challenges over 1K cycles. FIG. 3B shows extraction of a particular write latency obtained for a single challenge for 25 K cycles.
[0087] As mentioned above, the present disclosure/invention, in an exemplary aspect can be implemented through three stages of operation for generating a long encryption key based PUF system (shown in FIG. 4). In the first stage 402, data measurement (response) based on the application of the challenge 404 to the system is performed, wherein the challenge 404 includes, but is not limited to, write operation performed on defined pages. The measured data 402 can be based on variability of switching time of the RRAM, wherein variability can be observed in cycle to cycle and between devices to device. Stochasticity of write latency can be a combined effect of switching time of RRAM, CMOS manufacturing process variations, and delay path. However, dominant effect is due to the switching time variability.
[0088] Second stage 406 deals with processing of the obtained data, in which stage mathematical/logic operations on the obtained data can be performed in order to form a complex data set. In an implementation, squared values of the write latency obtained from two different locations on the chip can be added through a function f(.) of location 1 and location 2, which can be mathematically written as:
Challenge =L_12 + L_22

where L_i denotes location of the i’th page in the RAM chip. In the experiment, response data (added result) obtained after the application of the challenge was converted to a 30 bit binary number, wherein the characteristic features of the obtained binary data were computed. In order to increase inter-hamming and intra-hamming distance, the obtained binary data was further quantized by removing 6-bits from MSB. Obtained quantized data of 24 bits was then implemented for key generation, wherein the obtained 24 bits were processed for advanced encrypted standard (AES) applications. The obtain 24 bits were concatenated in order to get a 120-bit data that was used for long encryption key generation.

PUF performance Metric
In order to be reliably applicable for hardware security and key generation, a PUF needs to generate unique responses from different chips on application of similar challenges. Moreover, the response obtained from a single chip should not change over cycling. Data for the proposed PUF has been obtained from four different chips. Analysis has been made on the parameters required to evaluate the PUF and are discussed below

Uniqueness or Inter-Hamming Distance
Uniqueness is defined as ability of PUF to generate unique responses between different chips. This can also be defined as estimating the inter-hamming distance between different chips. Mathematically, it can be calculated using relation:

HDinter =\frac{2}{k(k-1)}\sum_{i=1}^{k- 1}\sum_{j=i+1}^{k}\frac{HD(R_i,R_j)}{n}\times 100 \%

where, k = number of chips, i, j = chip number, n = bit-length of the response, Ri = Response from chip ‘i’. Ideally the value should be 50% indicating that the response from different chips are unique. In our case, k = 4, and n = 24 bits. Obtained uniqueness is ~ 49.05%. Without using the quantization, the uniqueness obtained is ~ 38%. Even after concatenating the data, the uniqueness obtained remains the same. This shows a good improvement on the uniqueness which makes PUF resistant from cloning. FIG. 5 shows the distribution of inter-hamming distance of the 24-bit truncated PUF. Uniqueness improved after truncation to 24 bits com-pared to 30 bits (Table 1).

Parameters Direct Latency PUF (14-bit) Mapping PUF (30-bit) Mapping PUF (24-bit)
Challenge Pair 2-variable 3-variable 3-variable
Intra-Hamming 20 28.3 .001
Inter-Hamming 30 38 49.86
Uniformity (%) 45 49 49.03
Table-1
Comparative Analysis of Latency and Mapping Based PUFs.

Reliability or Intra-Hamming Distance
Reliability can be defined as probability of generation of similar response bit over the same chip. This can be estimated by calculating intra-hamming distance over number of cycles. Ideally, the value for should be 0%.

where, m = total number of samples collected for response Ri, and Ri:t is the t’th response of Ri. . Ideally, the value for HDintra should be 0%. Experimental results using aspects of the present invention show that HDintra is 0% for m = 25K samples. Intra-hamming distance before quantization is 28.3% and much worse in case of direct-latency PUF (Table-1 above).

To study repeatability of obtained results, a large number of iterations were performed for the 24-bit PUF. FIG. 6 shows the repeatability of inter-hamming distance, where 4 chips cycled 25K times each for 5 distinct pairs of page locations (i.e. L1 and L2) and different switching event types (leading to distinct CRPs). Mean value of inter-hamming distance across 4 chips and all 5 iterations for the different CRPs was 49.7%, with maximum and minimum values of 49.86% and 49.69%, respectively. FIGs. 7A And 7B shows intra-hamming repeatability experiment where the same chip was cycled for 25K times using 5 different sets of page locations and different switching types (i.e. distinct CRPs). Mean value intra-hamming distance was 0.0014% with maximum and minimum values of 0.0018% and 0.0010% respectively.

Table-2 below shows a comparative analysis of the PUF before and after quantization of the obtained data. The repeatability of the designed PUF is analyzed on 5 different iteration numbers (1 iteration number = 25000 CRPs). The mean value inter-hamming distance for the different CRPs is 49.78% with maximum at 49.86 \% while minimum obtained at 49.69 %. The mean value of the different CRPs intra-hamming distance is 0.0014%.

Properties Before Proposed Method-CBRAM After Proposed Method Before Proposed Method-CBRAM After Proposed Method
Intra Hamming 31.8957 0.0018 28.3826 0.0016
Inter Hamming 40.5908 48.33 37.9313
49.05

Uniformity
Uniformity is estimated to calculate distribution of number of '0s' and '1s' in the response bits. It can be defined as:
1 n
Xl (4)
Uniformity = n Ri;l 100%
=1

Where Ri;l is the ith binary bit of an n bit response from chip i. Uniformity of 3 different PUFs for 25K cycles over different CRPs (Table 1) were calculated. For the 24-bit PUF, mean uniformity value was found to be 50% with minimum and maximum values of 46% and 53%, respectively. FIG. 8 shows uniformity distribution of the proposed 24-bit PUF for a specific CRP. In the instant experiment, uniformity was calculated of the PUF for 25 K cycles for different CRPs, where the mean value of uniformity was found to be 50 % with minimum value of 46% and maximum value of ~ 53% for different CRPs.

Bit-Aliasing
Bit-aliasing indicates if there is similarity in sequence of ’0’s and ’1’s in the data obtained from different chips. It can be estimated as:

Bit-aliasing=\frac{1}{k}\sum_{l=1kRi, t 100 %
where Ri;t is the ith binary bit of an n bit response from chip i. Mean Bit-aliasing of for the 24-bit PUF was 50%. Worst-case energy dissipation for generating the proposed sum-of-squares latency seed was estimated 138 µJ. The energy dissipation for 24-bit PUF seed generation is high, however, it can be reduced either if the size of the virtual page is decreased from 256 bytes to a lower value or the chip interface is specifically engineered for the purpose of PUF.
[0089] FIGs. 9 illustrate exemplary stability analysis results in accordance with an embodiment of the present invention.
[0090] FIGs. 10A and 10B illustrate exemplary inter and intra hamming distance computations across one or more locations in accordance with an embodiment of the present invention.
[0091] For a person skilled in the art, it is understood that the use of phrase(s) “is”, “are”, “may”, “can”, “could”, “will”, “should” or the like is for understanding various embodiments, aspects, or implementations of the present disclosure and the phrases do not limit the disclosure or its implementation in any manner.
[0092] The above description does not provide specific details of manufacture or design of the various components. Those of skill in the art are familiar with such details, and unless departures from those techniques are set out, techniques, known, related art or later developed designs and materials should be employed. Those in the art are capable of choosing suitable manufacturing and design details.
[0093] Note that throughout the following discussion, numerous references may be made regarding servers, services, engines, modules, interfaces, portals, platforms, or other systems formed from computing devices. It should be appreciated that the use of such terms are deemed to represent one or more computing devices having at least one processor configured to or programmed to execute software instructions stored on a computer readable tangible, non-transitory medium or also referred to as a processor-readable medium. For example, a server can include one or more computers operating as a web server, database server, or other type of computer server in a manner to fulfil described roles, responsibilities, or functions. Within the context of this document, the disclosed devices or systems are also deemed to comprise computing devices having a processor and a non-transitory memory storing instructions executable by the processor that cause the device to control, manage, or otherwise manipulate the features of the devices or systems.
[0094] It should be understood, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise, as apparent from the discussion herein, it is appreciated that throughout the description, discussions utilizing terms such as “receiving” or “extracting” or “storing” or “generating” or the like, refer to the action and processes of a computing machine, or similar electronic computing device, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices.
[0095] The exemplary embodiment also relates to a system/device for performing the operations discussed herein above. This system/apparatus/device may be specially constructed for the required purposes, or it may comprise a general-purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, pen drive, SDD, HDD, NVM technologies or any type of media suitable for storing electronic instructions, and each coupled to a computer system bus.
[0096] The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the present disclosure. It will be appreciated that several of the above-disclosed and other features and functions, or alternatives thereof, may be combined into other systems or applications. Various presently unforeseen or unanticipated alternatives, modifications, variations, or improvements therein may subsequently be made by those skilled in the art without departing from the scope of the present disclosure as encompassed by the following claims.
[0097] The claims, as originally presented and as they may be amended, encompass variations, alternatives, modifications, improvements, equivalents, and substantial equivalents of the embodiments and teachings disclosed herein, including those that are presently unforeseen or unappreciated, and that, for example, may arise from applicants/patentees and others.
[0098] It will be appreciated that variants of the above-disclosed and other features and functions, or alternatives thereof, may be combined into many other different systems or applications. Various presently unforeseen or unanticipated alternatives, modifications, variations, or improvements therein may be subsequently made by those skilled in the art which are also intended to be encompassed by the following claims.
[0099] While the foregoing describes various embodiments of the invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof. The scope of the invention is determined by the claims that follow. The invention is not limited to the described embodiments, versions or examples, which are included to enable a person having ordinary skill in the art to make and use the invention when combined with information and knowledge available to the person having ordinary skill in the art.
[00100] The present invention has been described herein with reference to a particular embodiment for a particular application. Those having ordinary skill in the art and access to the present teachings will recognize additional modifications applications and embodiments within the scope thereof. For example, the invention is not limited to the biasing arrangements shown herein. Those skilled in the art will appreciate that the kickers may be rigidly mounted (instead of pivotally mounted) with an inherent spring force in lieu of a biasing spring.
[00101] It is therefore intended by the appended claims to cover any and all such applications, modifications and embodiments within the scope of the present invention.
[00102] Moreover, other implementations of the present application will be apparent to those skilled in the art from consideration of the specification and practices of the example implementations disclosed herein. Various aspects and/or components of the described example implementations may be used singly or in any combination. It is intended that the specification and examples be considered as examples, with a true scope and spirit of the application being indicated by the following claims.

ADVANTAGES OF THE PRESENT INVENTION
[00103] The present invention enables a single or multiple commercial RAM chip(s) to be used for storage as well as security applications.
[00104] The present invention enables the RAM chip to generate Physically Unclonable Functions, seeds for encryption, cryptography and Random numbers.
[00105] The present invention enables generation of PUF signature through low power consumption.
[00106] The present invention enables higher order bits to be generated for AES and other applications.
[00107] The present invention enables fast operation and provides reliable security compared to software based security.

claims

A method of generating a hardware seed, said method comprising the steps of: measuring at least one latency during any of a write, erase, or read operation on at least one location of a memory, said latency being indicative of variability of switching time of said memory; mapping said at least one measured latency as part of a challenge to form a complex data set; and generating a hardware seed based on complex data set.
2. The method of claim 1, wherein said hardware seed is configured as an n N-bit Physically Unclonable Function (PUF) signature.
3. The method of claim 1, wherein said hardware seed is configured as an encryption key.
4. The method of claim 1, wherein said latency is measured by polling a bit of status register of said memory based on at least one write/read/erase operation, wherein said bit is 0 during the write/read/erase operation and is switched to 1 after completion of said write/read/erase operation.
5. The method of claim 1, wherein said memory is any of a resistive memory (RRAM) such as conductive bridge random-access memory (CBRAM), Oxide based resistive memory (OxRAM), Phase change memory (PCM), Ferroelectric memory (FRAM), Magneto-resistive memory (MRAM), magnetic spin based memory (STT-MRAM), piezoelectric memory etc.
6. The method of claim 1, wherein said challenge is based on any or a combination of one or more address(es) on said memory or memories, type of switching event during write/read/erase operation, and mapping technique for generating said hardware seed.
7. The method of claim 1, wherein the step of mapping is followed by the step of quantizing said complex data set to increase inter-hamming and intra-hamming distance quality.
8. The method of claim 1, wherein the step of mapping comprises of applying at least one arithmetic operation such as: addition, subtraction, multiplication, or division on the values of at least one measured latency obtained from one or more locations of the memory so as to generate the complex data set.
9. The method of claim 1, further comprising the step of converting at least one measured latency to binary or any other number system before the step of mapping.
10. A computing device for generation of encryption key, said device comprising: a non-volatile storage device having embodied therein one or more routines operable to generate an N-bit Physically Unclonable Function (PUF) signature that is rendered as the encryption key; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines include: a latency measurement module, which when executed by the one or more processors, measures at least one latency during any of a write, erase, or read operation on at least one location of a memory, said latency being indicative of variability of switching time of said memory; a mapping module, which when executed by the one or more processors, maps said at least one measured latency as part of a challenge to form a complex data set; and a hardware seed generation module, which when executed by the one or more processors, generates a hardware seed based on complex data set.