Abstract:RISC-V's limited security features hinder its use in confidential computing and heterogeneous platforms. This paper introduces RISecure-PUF, a security extension utilizing existing Physical Unclonable Functions for key generation and secure protocol purposes. A one-way hash function is integrated to ensure provable security against modeling attacks, while a lookaside buffer accelerates batch sampling and minimizes reliance on error correction codes. Implemented on the Genesys 2 FPGA, RISecure-PUF improves at least $2.72\times$ in batch scenarios with negligible hardware overhead and a maximum performance reduction of $10.7\%$, enabled by reusing the hash function module in integrated environments such as cryptographic engines.

What problem does this paper attempt to address?

This paper attempts to solve the problem of limited security functions faced by the RISC - V architecture in confidential computing and heterogeneous platform applications. Specifically, the RISC - V architecture lacks sufficient security features, which restricts its use in application scenarios requiring a high level of security, such as trusted computing, secure boot, and hardware isolation. To solve this problem, the author proposes **RISecure - PUF**, a security extension based on Physical Unclonable Function (PUF), aiming to provide multi - purpose security functions for the RISC - V architecture. The main objectives of RISecure - PUF include: 1. **Using PUF for key generation and security protocols**: By integrating existing PUF technologies, RISecure - PUF can generate root keys for encryption and support multiple security protocols. 2. **Improving resistance to modeling attacks**: By introducing one - way hash functions, the unpredictability of PUF output is ensured, thereby enhancing the resistance to modeling attacks. 3. **Accelerating batch sampling and reducing error correction dependence**: A look - aside buffer is introduced to accelerate the batch sampling process and reduce the dependence on Error Correction Code (ECC), thus improving efficiency. ### Specific Problem Description Although the RISC - V architecture has received wide attention due to its openness and flexibility, it has deficiencies in security. Especially in applications involving sensitive data processing, such as finance, medical and other fields, the security problems of RISC - V urgently need to be solved. Some existing security modules, such as Trusted Platform Module (TPM) and Secure Element, have been widely used in x86 and ARM architectures, but have not been fully explored in the RISC - V architecture. ### Solution RISecure - PUF solves the above problems in the following ways: - **Combination of PUF and hash function**: Combining PUF with one - way hash function can not only generate reliable keys, but also ensure the unpredictability of the output, thereby improving the security of the system. - **Look - aside buffer optimization**: By introducing a look - aside buffer, the dependence on ECC in the batch sampling process is reduced, significantly improving the sampling speed and efficiency. - **Compatibility with existing encryption engines**: Compatibility with existing encryption engines is considered during the design, minimizing additional hardware overhead while maintaining high - performance. ### Experimental Verification The experimental results show that RISecure - PUF achieves at least a 2.72 - fold acceleration in batch sampling on Genesys 2 FPGA, and both the hardware overhead and performance loss are within an acceptable range. This proves that RISecure - PUF not only improves security, but also has good feasibility and high efficiency in practical applications. In conclusion, this paper aims to make up for the security deficiencies of the RISC - V architecture by introducing RISecure - PUF, enabling it to be better applied in scenarios requiring high security.

RISecure-PUF: Multipurpose PUF-Driven Security Extensions with Lookaside Buffer in RISC-V

Locking Secret Data in the Vault Leveraging Fuzzy PUFs

Building Secure SRAM PUF Key Generators on Resource Constrained Devices

Design and Implementation of a Group-Based RO PUF

Secure ECDSA SRAM-PUF Based on Universal Single/Double Scalar Multiplication Architecture

D-PUF: An Intrinsically Reconfigurable DRAM PUF for Device Authentication and Random Number Generation.

A Response-Feedback-Based Strong PUF with Improved Strict Avalanche Criterion and Reliability

A High Area-Efficiency RRAM-Based Strong PUF with Multi-Entropy Source and Configurable Double-Read Process

RPPUF: an Ultra-Lightweight Reconfigurable Pico-Physically Unclonable Function for Resource-Constrained IoT Devices

A Novel FeFET Array-Based PUF: Co-optimization of Entropy Source and CRP Generation for Enhanced Robustness in IoT Security

Extending 1kb RRAM array from weak PUF to strong PUF by employment of SHA module

Efficient Attacks on Strong PUFs via Covariance and Boolean Modeling

Concealable Physically Unclonable Function Chip with a Memristor Array

Hardware Implementation of Physical Unclonable Function on FPGAs

25.2 A Reconfigurable RRAM Physically Unclonable Function Utilizing Post-Process Randomness Source with <6×10−6 Native Bit Error Rate

A Highly Reliable Strong Physical Unclonable Function Design Based on FPGA

R$^3$PUF: A Highly Reliable Memristive Device based Reconfigurable PUF

A PUF-Based Key Storage Scheme Using Fuzzy Vault

Architecture and Physical Implementation of Reconfigurable Multi-Port Physical Unclonable Functions in 65 Nm CMOS.

Model and Physical Implementation of Multi-Port PUF in 65 Nm CMOS

A Homogeneous, Reconfigurable, and Efficient Implementation of PUF in 3-D Selector-Free RRAM