Recently, there has been a growing interest in Physically Unclonable Functions (PUFs). These electronic circuits possess several key characteristics such as unpredictability and uniqueness that make them particularly attractive for security applications. PUFs offer an appealing solution for secure boot applications, providing a hardware-based mechanism for generating unique cryptographic keys. These keys can be used to encrypt the bootloader and operating system, thereby enhancing security. In this paper, we propose an innovative, secure boot scheme that leverages the functionality and characteristics of a PUF. Our approach eliminates the need for physical storage of the encryption key of the boot code, which enhances security and provides the possibility of securely updating the firmware. We will present an architecture that comprises essential components, along with a demo board on FPGA. The demo board features a general-purpose 64-bit RISC-V-based system that leverages the proposed PUF-based secure architecture, enabling secure boot and firmware update functionalities.
A PUF-Based Secure Boot for RISC-V Architectures
Stefano Di Matteo
;Luca Zulberti;Pietro Nannipieri;Luca Crocetti;Luca Fanucci;Sergio Saponara
2024-01-01
Abstract
Recently, there has been a growing interest in Physically Unclonable Functions (PUFs). These electronic circuits possess several key characteristics such as unpredictability and uniqueness that make them particularly attractive for security applications. PUFs offer an appealing solution for secure boot applications, providing a hardware-based mechanism for generating unique cryptographic keys. These keys can be used to encrypt the bootloader and operating system, thereby enhancing security. In this paper, we propose an innovative, secure boot scheme that leverages the functionality and characteristics of a PUF. Our approach eliminates the need for physical storage of the encryption key of the boot code, which enhances security and provides the possibility of securely updating the firmware. We will present an architecture that comprises essential components, along with a demo board on FPGA. The demo board features a general-purpose 64-bit RISC-V-based system that leverages the proposed PUF-based secure architecture, enabling secure boot and firmware update functionalities.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
