A Theoretical Model to Link Uniqueness and Min-Entropy for PUF Evaluations
Physical unclonable functions (PUFs) are security primitives that enable the extraction of digital identifiers from electronic devices, based on the inherent silicon process variations between devices which occur during the manufacturing process. Due to the intrinsic and lightweight nature of a PUF, they have been proposed to provide security at a low cost for many applications, in particular for the internet of things (IoT). Many metrics have been proposed to evaluate the security and performance of PUF architectures, two of which are uniqueness and min-entropy. The uniqueness of a PUF response evaluates its ability to differentiate between different physical devices, while the min-entropy estimation is a measure of how much uncertainty the PUF response contains. The min-entropy is a lower-bound of real entropy. When the uniqueness of a PUF design is close to the optimal, it is unclear if this also implies that the design has a significantly high entropy; hence it would be useful to ascertain the minimum uniqueness required to achieve a given entropy. To date, a thorough investigation of the relationship between uniqueness and entropy for PUF designs has not been conducted. In this paper, this relationship between the uniqueness and entropy is explored, and for the first time, to the authors' knowledge, the relationship between them is modeled. To verify this model, both simulated and hardware-based experimental results are performed, with a test-bed containing 184 Xilinx Artix-7 FPGA based Basys3 boards providing a large data set for granular results. The experimental results demonstrate that the proposed model accurately estimates the relationship between uniqueness and min-entropy, with both the theoretical analysis and software simulations closely matching the experimental results.