FPGA Implementation of Resource-Efficient Recursive Challenge-Based PUF for Enhanced Security in IoT Applications

Physical unclonable functions (PUFs) serve as essential security primitives for cryptographic key generation particularly in Internet of Things (IoT) applications ensuring device-specific uniqueness and resistance to cloning. However existing PUF architectures often suffer from high resource consumption, susceptibility to machine learning (ML) attacks and instability under environmental variations. This paper presents a novel recursive challenge-based PUF (RPUF) that enhances randomness and security while minimizing hardware overhead. The proposed RPUF incorporates a recursive challenge mechanism reducing external challenge dependencies and increasing resistance to ML-based attacks. Additionally it integrates XOR operations at multiple stages enhancing nonlinearity and preventing attackers from accurately predicting challenge-response pairs (CRPs). The RPUF was implemented on Artix-7 and Zynq-7020 FPGAs and evaluated using 100K CRPs to assess its performance and security. Experimental results demonstrate that the proposed RPUF achieves high uniformity (50.25% on Artix-7, 50.18% on Zynq-7020), uniqueness (50.09% on Artix-7, 50.22% on Zynq-7020), diffuseness (50.01% on Artix-7, 50.12% on Zynq-7020), and reliability (99.27% on Artix-7, 99.35% on Zynq-7020 under temperature variations, 99.48% on Artix-7, 99.53% on Zynq-7020 under supply voltage variations) all while utilizing minimal hardware resources (36 LUTs on Artix-7, 35 LUTs on Zynq-7020). Furthermore, security analysis shows that RPUF maintains the lowest ML prediction accuracy across various ML algorithms underscoring its robustness against modeling attacks. The proposed design outperforms traditional PUF architectures in hardware efficiency, randomness', and security, making it highly suitable for IoT and embedded security applications.