Improving Usability of the SRAM PUF with a Compact Token Design

Jack Garrard; Saloni Jain; Ian Burke; Mahafujul Alam; Bertrand Cambou

doi:10.1007/978-3-031-92611-2_18

Improving Usability of the SRAM PUF with a Compact Token Design

Jack Garrard, Saloni Jain, Ian Burke, Mahafujul Alam, Bertrand Cambou

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

With the importance of cybersecurity and cryptography in the modern era, two-factor authentication has become critical to user authentication. Devices like phones, YubiKeys, and smart cards are foundational technologies in this field. However, these devices have been found to give predictable responses if internal secrets are discovered. By using measured intrinsic properties of devices rather than stored secrets, a Physically Unclonable Function (PUF) can provide more cryptographic information with great resilience to side-channel attacks. This cryptographic information can be measured using Challenge-Response Pairs (CRPs) and the resulting response can be used for key generation. The Static Random Access Memory (SRAM) PUF is one viable option for creating such a cryptographic primitive. Current implementations of the SRAM PUF are still not feasible for replacement of a portable two-factor authentication mechanism due to size and error rates. In this paper, we improve upon previous SRAM PUF designs allowing them to be a publicly accessible source for two-factor authentication through tokenization of the PUF. Our design shown has a similar size to the YubiKey while being backed by PUF-based technologies allowing for accessible security primitives capable of key generation.

Original language	English (US)
Title of host publication	Intelligent Computing - Proceedings of the 2025 Computing Conference
Editors	Kohei Arai
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	257-268
Number of pages	12
ISBN (Print)	9783031926105
DOIs	https://doi.org/10.1007/978-3-031-92611-2_18
State	Published - 2025
Event	Computing Conference, CompCom 2025 - London, United Kingdom Duration: Jun 19 2025 → Jun 20 2025

Publication series

Name	Lecture Notes in Networks and Systems
Volume	1426 LNNS
ISSN (Print)	2367-3370
ISSN (Electronic)	2367-3389

Conference

Conference	Computing Conference, CompCom 2025
Country/Territory	United Kingdom
City	London
Period	6/19/25 → 6/20/25

Keywords

Challenge-Response Pairs (CRPs)
Cryptography
Cybersecurity, Tokenization
Key generation
Physical Unclonable Function (PUF)
Static random access memory

ASJC Scopus subject areas

Control and Systems Engineering
Signal Processing
Computer Networks and Communications

Access to Document

10.1007/978-3-031-92611-2_18

Cite this

Garrard, J., Jain, S., Burke, I., Alam, M., & Cambou, B. (2025). Improving Usability of the SRAM PUF with a Compact Token Design. In K. Arai (Ed.), Intelligent Computing - Proceedings of the 2025 Computing Conference (pp. 257-268). (Lecture Notes in Networks and Systems; Vol. 1426 LNNS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-92611-2_18

Improving Usability of the SRAM PUF with a Compact Token Design. / Garrard, Jack; Jain, Saloni; Burke, Ian et al.
Intelligent Computing - Proceedings of the 2025 Computing Conference. ed. / Kohei Arai. Springer Science and Business Media Deutschland GmbH, 2025. p. 257-268 (Lecture Notes in Networks and Systems; Vol. 1426 LNNS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Garrard, J, Jain, S, Burke, I, Alam, M & Cambou, B 2025, Improving Usability of the SRAM PUF with a Compact Token Design. in K Arai (ed.), Intelligent Computing - Proceedings of the 2025 Computing Conference. Lecture Notes in Networks and Systems, vol. 1426 LNNS, Springer Science and Business Media Deutschland GmbH, pp. 257-268, Computing Conference, CompCom 2025, London, United Kingdom, 6/19/25. https://doi.org/10.1007/978-3-031-92611-2_18

@inproceedings{08d6c239f07e4fb7a038a7a3a5f281b4,

title = "Improving Usability of the SRAM PUF with a Compact Token Design",

abstract = "With the importance of cybersecurity and cryptography in the modern era, two-factor authentication has become critical to user authentication. Devices like phones, YubiKeys, and smart cards are foundational technologies in this field. However, these devices have been found to give predictable responses if internal secrets are discovered. By using measured intrinsic properties of devices rather than stored secrets, a Physically Unclonable Function (PUF) can provide more cryptographic information with great resilience to side-channel attacks. This cryptographic information can be measured using Challenge-Response Pairs (CRPs) and the resulting response can be used for key generation. The Static Random Access Memory (SRAM) PUF is one viable option for creating such a cryptographic primitive. Current implementations of the SRAM PUF are still not feasible for replacement of a portable two-factor authentication mechanism due to size and error rates. In this paper, we improve upon previous SRAM PUF designs allowing them to be a publicly accessible source for two-factor authentication through tokenization of the PUF. Our design shown has a similar size to the YubiKey while being backed by PUF-based technologies allowing for accessible security primitives capable of key generation.",

keywords = "Challenge-Response Pairs (CRPs), Cryptography, Cybersecurity, Tokenization, Key generation, Physical Unclonable Function (PUF), Static random access memory",

author = "Jack Garrard and Saloni Jain and Ian Burke and Mahafujul Alam and Bertrand Cambou",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.; Computing Conference, CompCom 2025 ; Conference date: 19-06-2025 Through 20-06-2025",

year = "2025",

doi = "10.1007/978-3-031-92611-2\_18",

language = "English (US)",

isbn = "9783031926105",

series = "Lecture Notes in Networks and Systems",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "257--268",

editor = "Kohei Arai",

booktitle = "Intelligent Computing - Proceedings of the 2025 Computing Conference",

address = "Germany",

}

TY - GEN

T1 - Improving Usability of the SRAM PUF with a Compact Token Design

AU - Garrard, Jack

AU - Jain, Saloni

AU - Burke, Ian

AU - Alam, Mahafujul

AU - Cambou, Bertrand

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.

PY - 2025

Y1 - 2025

N2 - With the importance of cybersecurity and cryptography in the modern era, two-factor authentication has become critical to user authentication. Devices like phones, YubiKeys, and smart cards are foundational technologies in this field. However, these devices have been found to give predictable responses if internal secrets are discovered. By using measured intrinsic properties of devices rather than stored secrets, a Physically Unclonable Function (PUF) can provide more cryptographic information with great resilience to side-channel attacks. This cryptographic information can be measured using Challenge-Response Pairs (CRPs) and the resulting response can be used for key generation. The Static Random Access Memory (SRAM) PUF is one viable option for creating such a cryptographic primitive. Current implementations of the SRAM PUF are still not feasible for replacement of a portable two-factor authentication mechanism due to size and error rates. In this paper, we improve upon previous SRAM PUF designs allowing them to be a publicly accessible source for two-factor authentication through tokenization of the PUF. Our design shown has a similar size to the YubiKey while being backed by PUF-based technologies allowing for accessible security primitives capable of key generation.

AB - With the importance of cybersecurity and cryptography in the modern era, two-factor authentication has become critical to user authentication. Devices like phones, YubiKeys, and smart cards are foundational technologies in this field. However, these devices have been found to give predictable responses if internal secrets are discovered. By using measured intrinsic properties of devices rather than stored secrets, a Physically Unclonable Function (PUF) can provide more cryptographic information with great resilience to side-channel attacks. This cryptographic information can be measured using Challenge-Response Pairs (CRPs) and the resulting response can be used for key generation. The Static Random Access Memory (SRAM) PUF is one viable option for creating such a cryptographic primitive. Current implementations of the SRAM PUF are still not feasible for replacement of a portable two-factor authentication mechanism due to size and error rates. In this paper, we improve upon previous SRAM PUF designs allowing them to be a publicly accessible source for two-factor authentication through tokenization of the PUF. Our design shown has a similar size to the YubiKey while being backed by PUF-based technologies allowing for accessible security primitives capable of key generation.

KW - Challenge-Response Pairs (CRPs)

KW - Cryptography

KW - Cybersecurity, Tokenization

KW - Key generation

KW - Physical Unclonable Function (PUF)

KW - Static random access memory

UR - https://www.scopus.com/pages/publications/105013621132

UR - https://www.scopus.com/inward/citedby.url?scp=105013621132&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-92611-2_18

DO - 10.1007/978-3-031-92611-2_18

M3 - Conference contribution

AN - SCOPUS:105013621132

SN - 9783031926105

T3 - Lecture Notes in Networks and Systems

SP - 257

EP - 268

BT - Intelligent Computing - Proceedings of the 2025 Computing Conference

A2 - Arai, Kohei

PB - Springer Science and Business Media Deutschland GmbH

T2 - Computing Conference, CompCom 2025

Y2 - 19 June 2025 through 20 June 2025

ER -