Your browser is unsupported

We recommend using the latest version of IE11, Edge, Chrome, Firefox or Safari.

Devroye, Rao receive grant to research Physically Unclonable Functions

graphic of interconnected IoT devices

As more of our devices become connected, establishing secure authentication protocols between these items is becoming increasingly important. Physically Unclonable Functions, or PUFs, are computer hardware circuits that can be built into computer chips at a relatively low cost. PUFs are like fingerprints for a device, and both authenticate and secure communication. They are expected to become critical in communication between connected Internet of Things devices in the near future.

As the name suggests, one would expect an unclonable device to be just that—unpredictable and unreproducible. Yet some PUFs have been shown to be “machine learnable”: as they transmit data during communication phases, their behavior can be predicted, enabling an attacker to mimic the PUF behavior and challenge the security of the communication.

Professor Natasha Devroye and Associate Professor Wenjing Rao, both with UIC’s electrical and computer engineering department, are developing a new framework to understand the fundamental limits and properties of PUFs. They are co-principal investigators on a National Science Foundation grant titled “CIF: Small: Analytically Predicting Strong PUF Responses from Few Known CRPs.”

“There is a real need to understand—theoretically, not just experimentally—how unpredictable a PUF really is under a variety of conditions,” Rao said. “Our work seeks to statistically quantify this.”

When PUFs are integrated onto computer chips, they provide a possible digital fingerprint, and as devices interact with each other, PUFs can be used to identify and authenticate a particular device. They aim to discover how predictable a PUF becomes after that interaction information between devices has been exposed.

Understanding the fundamental limits and properties of PUFs will help Devroye and Rao find ways to control the learning progress of an attacker to limit their ability to predict–and therefore outsmart—a  PUF.

“Our work has so far revealed how one can carefully select challenges that make the PUFs harder to learn, or use them to detect anomalies in the PUF fabrication process. It’s a wonderful project, really bringing together hardware security, statistics, and information theory to better design and use PUFs,” Devroye said.

The grant runs through December 31, 2020.

To learn more about Devroye’s work, visit her website, and learn more about Rao here.