Physical Unclonable Functions

Module Number: EI71029

Duration: 1 Semester

Occurence: Summer semester

Language: English

Number of ECTS: 5


Professor in charge: Georg Sigl

Amount of work

Contact hours: 75

Self-study hours: 75

Total: 150

Description of Achievement and Assessment Methods

Lab work: In the practical part of the module, students show their capability to practically implement selected concepts from the lecture on FPGA. A properly functioning implementation of a module for key generation with PUFs and the documentation of the module are mandatory.

Oral Examination: In an examination talk, students name and explain concepts and applications of PUFs and TRNGs. They show that they know and can apply metrics to evaluate PUFs and TRNGs. They demonstrate that they can identify attack vectors on PUFs and that they can suggest appropriate countermeasures. Using their documentation and implementation from the lab part of the module, they show their deep understanding of the concepts used in the implementation. Grading of the module is based on this oral exam.

Prerequisites (recommended)

For the lab part of the module the following is required: - Knowledge in VHDL - Basic knowledge in cryptology like it is taught in the lecture Applied Cryptology.


This lecture addresses concrete concepts to utilize randomness which is available in hardware for IT-security. In the first part of the lecture, Physical Unclonable Functions (PUFs) are considered. First, concepts of PUFs are presented on a circuit level and effects, which are used, are discussed. Next, metrics for quality evaluation of PUFs are taught and applications of PUFs are presented. Required components for applications of PUFs are discussed as well as attacks and countermeasures. In a second part of the lecture, true random number generators (TRNGs) and methods to analyze TRNGs are addressed. In the lab part of the project, students implement on their own a module for en- and decryption of data on FPGA using a PUF. The goal is to implement key storage and random number generation on an FPGA where interface specification must be met. Modules for en- and decryption as well as for communication are provided. The exercise part of the module is dedicated to practice the content of the lecture, on the one hand. On the other hand, it helps the students in transferring content from the lecture to the lab part and supports the lab part.

Teaching and learning methods

Teacher-centered teaching is used in the lecture of this module to provide knowledge regarding concepts of PUFs and RNGs, evaluation methods for PUFs, and application of PUFs. The understanding of these theoretical contents is advanced in an exercise where interactive teacher-centered teaching is used as a learning method. Furthermore, in the exercise, knowledge regarding the transfer from theory into practice is provided. Also, students learn important aspects of practical implementations of PUFs and RNGs in the laboratory part of the module. Theoretical background for the laboratory part is provided in the lecture. The knowledge on how to transfer theory into practice is teached in the exercise. Based on that, students have to find solutions for the realization of typical components of PUF applications on their own. The components which are to be implemented are specified. Literature resources as well as discussions with a supervisor can be used to solve the task.


  • Lecture/Exercise: PowerPoint and blackboard presentation 
  • Lab: Brief instruction

Reading List

The following literature is recommended:

  •  C. Böhm und M. Hofer, "Physical Unclonable Functions in Theory and Practice", Springer 2012
  •   M. Hiller, "Key Derivation with Physical Unclonable Functions ", Dissertation, TUM 2016
  •  J. Delvaux, "Security Analysis of PUF-Based Key Generation and Entity Authentication", PhD Thesis, KU Leuven, 2017