Ultrafast Near‐Ideal Phase‐Change Memristive Physical Unclonable Functions Driven by Amorphous State Variations

Abstract There is an ever‐increasing demand for next‐generation devices that do not require passwords and are impervious to cloning. For traditional hardware security solutions in edge computing devices, inherent limitations are addressed by physical unclonable functions (PUF). However, realizing efficient roots of trust for resource constrained hardware remains extremely challenging, despite excellent demonstrations with conventional silicon circuits and archetypal oxide memristor‐based crossbars. An attractive, down‐scalable approach to design efficient cryptographic hardware is to harness memristive materials with a large‐degree‐of‐randomness in materials state variations, but this strategy is still not well understood. Here, the utilization of high‐degree‐of‐randomness amorphous (A) state variations associated with different operating conditions via thermal fluctuation effects is demonstrated, as well as an integrated framework for in memory computing and next generation security primitives, viz., APUF, for achieving secure key generation and device authentication. Near ideal uniformity and uniqueness without additional initial writing overheads in weak memristive A‐PUF is achieved. In‐memory computing empowers a strong exclusive OR (XOR‐) and‐repeat A PUF construction to avoid machine learning attacks, while rapid crystallization processes enable large‐sized‐key reconfigurability. These findings pave the way for achieving a broadly applicable security primitive for enhancing antipiracy of integrated systems and product authentication in supply chains.

. National Institute of Science and Technology (NIST) tests. Results of NIST test for strong PUF construction. 20 million bits corresponding to 20 million CRPS were collected for the NIST test. The responses successfully pass all 15 tests. Table S2. Reference utilized for comparison of mean value of HD distribution for UQ for weak PUF ( Figure S10).   Figure S11).         For PUF performed by traditional nonvolatile devices, if the challenge condition results in a device with the low conductance state, the response is '0', and the response becomes '1' for the case where the challenge condition leads to a device with the high conductance state [1,2] .

Ref no. Reference
Moreover, digital keys/ bits are generated using an array of cells for conventional nonvolatile devices [3] . Based on this protocol, we created the A PUF. This is achieved by utilizing an appropriate choice of the reference conductance     Figure 4c shows the schematic illustration of the generation of a key with 10 × 10 bits from strong PUF setup. This is achieved by administering a group of 100 different 32-bit challenge to the strong-PUF system and consolidating the 100 generated response bits in the form of a response matrix, which is utilized as the key for authentication purposes. Since the CRP space is large, it is possible to generate many different keys with wide bit-array-range.
We investigated the resilience of the strong PUF from machine learning (ML) attacks. In a ML attack, the machine learner is assumed to have access to CRPs and is able to utilize different algorithms to model CRP relationships. ML attacks are tested on the A PUF with two different algorithms, logistic regression (LR) and multi-layered perceptron (MLP). In this work, a total of 1.4 10 6 CRPs from the strong PUF are generated. We utilized an upper bound of 10 6 CRPs for training and a fixed test set of 0.4 10 6 CRPs for testing. The number of training samples is varied between 10 2 and 10 6 , and the same CRP test-set is harnessed. We obtained an attack accuracy of ~50%, close to the 50% accuracy of random guessing. Moreover, the attack accuracy remains the same with an increased number of CRPs utilized for training (Figure 4d).
In the worst-case scenario, if the attacker attains a CRP number above 10 6 CRPs, it still causes a strain on attacker computation resources. This could be considered as a universal approach to design ML-resistant strong PUF using small to medium-sized arrays through memristive materials and with few tens of cells.  (Table S1). The response bits passed all 15 tests, exhibiting a high quality of randomness of CRPs.

Reconfiguration
The reconfiguration of the PUF key is required for supporting ownership change, changes in software versions or preventing external attacks by malicious third parties [4,5] . We harnessed the cycle-to-cycle variability of PCM to switch the cells into new reset states to facilitate the freshness of cryptographic key. With this reconfiguration, the trustworthy party can now reconfigure the keys, rendering all previous keys inferred or known by the attackers futile. This is achieved by applying 3.5 V pulses to switch all the 16 cells from the low resistance crystallized state (~10 kΩ/ 100 µS) to the high resistance melt-quenched A state (~300 k / 3.3 µS). Administering these pulses to the same cells for 5 different cycles results in a stochastic variation in the resistance slightly above/ below the mean resistance of 300 kΩ (equivalently, the conductance slightly above/ below the mean conductance of 3.33 µS). This forms the basis for reconfiguration. The reference conductance G ref, 3 (3.33 µS) is utilized. The difference between the reference conductance of the reconfigured weak PUF and that of the original weak PUF is that the conductance value is changed from 1.25 µS to 3.33 µS. Supporting Information Figure   S8c shows the histogram of reconfiguration HD. This is obtained by calculating the HD for This preserves the reliability of weak PUF.
In strong PUF, the spontaneous crystallization effect may influence the pairwise comparison output bit in Equation (1). For instance, if two cells in the as-fabricated very high resistance state are utilized (~1100 k / 0.9 µS), the pairwise comparison in Equation (1) [6,7] . In this work, the key is generated using stochasticity of the melt-quenched high resistance state prior to the write back process, followed by storing the key in database. To ensure that the same key is generated by the end user, the conductance needs to be consistently above/ below reference conductance. This is to eliminate reading errors the next time the conductance value is read using same protocol. For example, in the case where one cell with a conductance of 3.57 µS and another cell with the conductance of 3.125 µS are disclosed, the write back process is performed by setting the cell with the lower conductance to the new high conductance of ~100 µS. Next, the reference conductance is increased to the approximate midpoint conductance (~50 µS) between the new high conductance value of ~100 µS and low conductance value of ~3.125 µS, so that the same protocol results in excellent reading operations with large sensing margin.