GridTrust PUF Setup
The PUF utilized by the GridTrust framework is an SRAM PUF found on the LPC55S69 microprocessor. Our PUF usage utilizes two bare-metal scripts. First, an enrollment script is ran to initialize the PUF and store a chosen counter and AES key value. Second, an operational script is flashed to the memory of the device for deployment of the PUF board.
Source Code
Github link (Note: source code release is being prepared)
Device Utilized
LPCXpresso55S69 Development Board
Software Utilized
Setup
The PUF setup first enrolls a desired AES key and a 128-bit counter onto the LPC55S69 microprocessor. These steps are accomplished with the MCUXpresso SDK, available from NXP.
- Install MCUXpresso
- Load the enroll project found at github puf/enroll.zip
- Change the counter and AES key values found in the enroll.c file
- Found on lines 60 and 63 of enroll.c
- Note: these values are represented as the same endianess as the values stored in the server’s database.
- Build the enroll project and run the program on the PUF board one time.
- Load the encrypt_ctr project found at github puf/encrypt_ctr.zip
- Build the project and flash the program onto the PUF board
- Do not run the program as this will increment the counter stored on the board
- Repeat steps 2-6 for each PUF board.