Engineering SRAM-PUF on Arduino microcontroller

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture Pub Date : 2025-06-12 DOI:10.1016/j.sysarc.2025.103466

Mario Barbareschi , Franco Cirillo , Christian Esposito , Nicola Mazzocca

{"title":"Engineering SRAM-PUF on Arduino microcontroller","authors":"Mario Barbareschi , Franco Cirillo , Christian Esposito , Nicola Mazzocca","doi":"10.1016/j.sysarc.2025.103466","DOIUrl":null,"url":null,"abstract":"<div><div>The emergence of the Internet of Things (IoT) enables both people and devices to access services, data, and actuator control from remote locations, even spanning thousands of miles. Ensuring authentication, communication integrity, and confidentiality for IoT devices is essential for systems security and still an open challenge too. In this context, Physical Unclonable Functions (PUFs) have gained significant attention due to their ability to generate stable, tamper-resistant, and random fingerprints that can be successfully exploited to provide cryptography keys or to implement authentication schemes. However, PUFs necessitate dedicated hardware, making them costly and available only in specific designs, thereby impeding their broader adoption. In this paper, we enable the usage of static random access memory (SRAM)-based PUF on Arduino UNO device, an open-source board implemented upon an ATMega328P, without requiring special hardware. We analyze SRAM PUF quality parameters and how to reconstruct a reliable cryptography key by engineering a fuzzy extractor. Additionally, we design a secure bootloader as root-of-trust and, as a case study, we detail how to authenticate Arduino Sketches and how to implement an authentication scheme.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"167 ","pages":"Article 103466"},"PeriodicalIF":3.7000,"publicationDate":"2025-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125001389","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

The emergence of the Internet of Things (IoT) enables both people and devices to access services, data, and actuator control from remote locations, even spanning thousands of miles. Ensuring authentication, communication integrity, and confidentiality for IoT devices is essential for systems security and still an open challenge too. In this context, Physical Unclonable Functions (PUFs) have gained significant attention due to their ability to generate stable, tamper-resistant, and random fingerprints that can be successfully exploited to provide cryptography keys or to implement authentication schemes. However, PUFs necessitate dedicated hardware, making them costly and available only in specific designs, thereby impeding their broader adoption. In this paper, we enable the usage of static random access memory (SRAM)-based PUF on Arduino UNO device, an open-source board implemented upon an ATMega328P, without requiring special hardware. We analyze SRAM PUF quality parameters and how to reconstruct a reliable cryptography key by engineering a fuzzy extractor. Additionally, we design a secure bootloader as root-of-trust and, as a case study, we detail how to authenticate Arduino Sketches and how to implement an authentication scheme.

查看原文本刊更多论文

Arduino微控制器上的工程SRAM-PUF

物联网（IoT）的出现使人和设备能够从远程位置访问服务、数据和执行器控制，甚至跨越数千英里。确保物联网设备的身份验证、通信完整性和机密性对系统安全至关重要，也是一个公开的挑战。在这种情况下，物理不可克隆函数（puf）由于能够生成稳定、防篡改和随机的指纹而受到了极大的关注，这些指纹可以成功地用于提供加密密钥或实现身份验证方案。然而，puf需要专用硬件，这使得它们价格昂贵，并且只能在特定的设计中使用，从而阻碍了它们的广泛采用。在本文中，我们在Arduino UNO设备上启用了基于静态随机存取存储器（SRAM）的PUF，这是一个在ATMega328P上实现的开源板，无需特殊硬件。我们分析了SRAM PUF质量参数，以及如何通过设计一个模糊提取器来重建一个可靠的密码密钥。此外，我们设计了一个安全的引导加载程序作为信任根，作为案例研究，我们详细介绍了如何认证Arduino草图以及如何实现认证方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.