Time-Bounded Authentication of FPGAs

This paper introduces a novel technique to authenticate and identify field-programmable gate arrays (FPGAs). The technique uses the reconfigurability feature of FPGAs to perform self-characterization and extract the unique timing of the FPGA building blocks over the space of possible inputs. The characterization circuit is then exploited for constructing a physically unclonable function (PUF). The PUF can accept different forms of challenges including pulsewidth, digital binary, and placement challenges. The responses from the PUF are only verifiable by entities with access to the unique timing signature. However, the authentic device is the only entity who can respond within a given time constraint. The constraint is set by the gap between the speed of PUF evaluation on authentic hardware and simulation of its behavior. A suite of authentication protocols is introduced based on the time-bounded mechanism. We ensure that the responses are robust to fluctuations in operational conditions such as temperature and voltage variations by employing: 1) a linear calibration mechanism that adjusts the clock frequency by a feedback from on-chip temperature and voltage sensor readings, and 2) a differential PUF structure with real-valued responses that cancels out the common impact of variations on delays. Security against various attacks is discussed and a proof-of-concept implementation of signature extraction and authentication are demonstrated on Xilinx Virtex 5 FPGAs.