54.5.2 PUF Operations
During startup, the PUF controller first tests the PUF-dedicated SRAM for defects. If defects are found, the PUF SRAM is disqualified, and the PUF controller does not allow any operations. This prevents security breaches due to a malfunctioning PUF.
Enrollment is done to obtain the device’s intrinsic PUF key, and as a result creates helper data (the activation code). This code must be stored in a non-volatile memory area. From then on, the device’s activation code can be provided to reconstruct the intrinsic PUF key.
When the intrinsic PUF key is available (which is the case after enrollment and after successful reconstruction), key operations can be performed.
| Operation Name | Runtime (in clock cycles) |
|---|---|
| Initialization | 36800 with memory test |
| 26400 without memory test | |
| 14550 for a warm reset | |
| Enroll | 33800 |
| Start (12.5% PUF noise) | 53400 |
| Start (worst case PUF noise) | 55650 |
| Reconstruct (12.5% PUF noise) | 40450 |
| Reconstruct (worst case PUF noise) | 42700 |
| Stop | 1600 |
| Get Key (256 bits) | 1200 |
| Wrap Generated Random (256 bits) | 6000 |
| Wrap (256 bits) | 4450 |
| Unwrap (256 bits) | 2850 |
| Generate Random (256 bits) | 1650 |
| Reseed (no external entropy) | 4600 |
| Reseed (external entropy) | 5800 |
| Test Memory | 12800 |
| Test PUF | 2400 |
| BIST | 57100 |
| Zeroize | 1600 |
When all required key operations have been completed, a Stop command removes all key material from the PUF controller. When more key operations need to be performed later, this can be enabled by a new reconstruction.
With PUF DRNG, bit strings can be generated for use in other parts of the system (e.g. as IV, session key, nonce, etc.).
A Built-In Self-Test (BIST) is available to test digital logic in the field. It clears and then tests all digital logic. The result is provided via a register. After BIST has completed, operations can be resumed as if the PUF controller had just been reset.