7.6.5.2 PUF Operations

During start-up, the PUF controller first tests the PUF-dedicated SRAM for defects. If defects are found, the PUF SRAM is disqualified, and the PUF controller does not allow any operations. This prevents security breaches due to a malfunctioning PUF.

Enrollment is done to obtain the device's intrinsic PUF key and, as a result, creates helper data (the activation code). This code must be stored in a non-volatile memory area. From then on, the device's activation code can be provided to reconstruct the intrinsic PUF key.

When the intrinsic PUF key is available (which is the case after enrollment and after successful reconstruction), key operations can be performed.

Table 7-9. List of Operations

Operation Name                      Runtime (in clock cycles)
Initialization                      36800 with memory test
                                    26400 without memory test
                                    14550 for a warm reset
Enroll                              33800
Start (12.5% PUF noise)             53400
Start (worst case PUF noise)        55650
Reconstruct (12.5% PUF noise)       40450
Reconstruct (worst case PUF noise)  42700
Stop                                1600
Get Key (256 bits)                  1200
Wrap Generated Random (256 bits)    6000
Wrap (256 bits)                     4450
Unwrap (256 bits)                   2850
Generate Random (256 bits)          1650
Reseed (no external entropy)        4600
Reseed (external entropy)           5800
Test Memory                         12800
Test PUF                            2400
BIST                                57100
Zeroize                             1600

When all required key operations have been completed, a Stop command removes all key material from the PUF controller. If more key operations are needed later, a new reconstruction makes the intrinsic PUF key available again.

With the PUF DRNG, random bit strings can be generated for use in other parts of the system (for example, as an IV, session key, or nonce).

A Built-In Self-Test (BIST) is available to test digital logic in the field. It clears and then tests all digital logic. The result is provided via a register. After BIST has completed, operations can be resumed as if the PUF controller had just been reset.
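The lifecycle described above (SRAM defect test at start-up, Enroll producing an activation code to be kept in non-volatile memory, key operations only while the intrinsic key is available, Stop and BIST removing it) can be modelled as a small state machine. The following is an added example, not NXP's or the PUF controller's own code: the state names, the PufController class and the XOR "activation code" (a stand-in for real helper data, which also carries error-correction information) are assumptions made here; only the operation names and cycle counts in Table 7-9 come from the page. The model also keeps a running clock-cycle budget so a boot sequence can be costed from the table.

```python
"""Toy model of the PUF controller lifecycle from this section.

Added illustration, not vendor code. Operation names and cycle counts are
taken from Table 7-9 (Initialization with memory test, Reconstruct at 12.5%
PUF noise); everything else is an assumption made for this example.
"""
import os

# Runtime in clock cycles, copied from Table 7-9.
CYCLES = {
    "Initialization": 36800,
    "Enroll": 33800,
    "Reconstruct": 40450,
    "Stop": 1600,
    "Get Key": 1200,
    "BIST": 57100,
}


class PufError(Exception):
    """An operation was requested in a state that does not allow it."""


class PufController:
    """Enforces the rules stated in the text: a defective PUF SRAM
    disqualifies the controller, key operations need the intrinsic key
    (present after Enroll or a successful Reconstruct), and Stop and BIST
    remove that key."""

    def __init__(self, sram_response: bytes, sram_defective: bool = False):
        # Constructed stand-in for the chip-unique SRAM start-up pattern.
        self._response = sram_response
        self._sram_defective = sram_defective
        self._key = None
        self.state = "reset"
        self.cycles = 0  # running clock-cycle budget

    def _spend(self, op: str) -> None:
        self.cycles += CYCLES[op]

    def _require(self, *states: str) -> None:
        if self.state not in states:
            raise PufError(f"state {self.state!r} does not allow this operation")

    def initialize(self) -> str:
        self._require("reset")
        self._spend("Initialization")
        # Defective PUF SRAM: disqualify and refuse every further operation.
        self.state = "disqualified" if self._sram_defective else "initialized"
        return self.state

    def enroll(self) -> bytes:
        """Create the intrinsic key and return the activation code that the
        caller must persist in non-volatile memory."""
        self._require("initialized")
        self._spend("Enroll")
        self._key = os.urandom(len(self._response))
        # Toy helper data (assumption): the key masked with the PUF response.
        activation_code = bytes(k ^ r for k, r in zip(self._key, self._response))
        self.state = "key_available"
        return activation_code

    def reconstruct(self, activation_code: bytes) -> str:
        """Rebuild the intrinsic key from stored helper data. On a different
        device the same code combines with a different response and yields
        a different, useless key."""
        self._require("initialized")
        self._spend("Reconstruct")
        self._key = bytes(a ^ r for a, r in zip(activation_code, self._response))
        self.state = "key_available"
        return self.state

    def get_key(self) -> bytes:
        self._require("key_available")
        self._spend("Get Key")
        return self._key

    def stop(self) -> str:
        """Remove all key material; a new Reconstruct re-enables key ops."""
        self._require("key_available")
        self._spend("Stop")
        self._key = None
        self.state = "initialized"
        return self.state

    def bist(self) -> str:
        """Clear and test the digital logic; afterwards the controller
        behaves as if it had just been reset."""
        self._spend("BIST")
        self._key = None
        self.state = "reset"
        return self.state


if __name__ == "__main__":
    ctrl = PufController(bytes(range(32)))
    ctrl.initialize()
    ac = ctrl.enroll()          # store ac in non-volatile memory
    key = ctrl.get_key()
    ctrl.stop()                 # key material gone
    ctrl.reconstruct(ac)        # same key again on the same device
    print(ctrl.get_key() == key, ctrl.cycles)
```

Running the module walks one Enroll/Stop/Reconstruct cycle and prints the total cycle cost of that sequence as read from Table 7-9; attempting `get_key()` after `stop()` or on a disqualified controller raises `PufError`, which is the behaviour the text describes.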