Practical DRAM PUFs in Commodity Devices

A Physically Unclonable Function (PUF) is a unique and stable physical characteristic of a piece of hardware, due to variations in the fabrication processes. Prior works have demonstrated that PUFs are a promising cryptographic primitive to enable hardware-based device authentication and identification. A diverse number of PUFs have been explored, e.g., delay-based PUFs in dedicated circuits, SRAMbased PUFs in commodity hardware, and DRAM-based PUFs in custom FPGA-based setup. This paper is the first to extract and evaluate a DRAM PUFs from commodity off-the-shelf hardware and to provide a practical solution to query the PUF during a Linux system run-time, not just at startup. DRAM instances are traditionally larger compared to SRAM and thus provide an increased challenge-response space that makes them attractive. Lightweight protocols for device authentication and secure channel establishment are proposed, that exploit this large challenge-response space of the DRAM PUFs and the time-dependent decay of DRAM cells. Intrinsic DRAM PUF characteristics are evaluated based on commodity hardware using custom Linux kernel module and also firmware code.