Computer Engineering & Science ›› 2026, Vol. 48 ›› Issue (1): 51-60.
• Computer Network and Information Security •
SHI Jiangyong,GAO Zhiyuan,LIU Tianyi,LIU Wei,GUO Zhenbin,ZHANG Yongding,LI Shaoqing
Abstract: Existing trusted platform modules (TPMs) rely primarily on a single RSA public-private key pair as the trusted root, with this RSA key pair permanently stored within the TPM chip. Consequently, this design may expose the system to physical-level attacks, such as physical analysis and side-channel analysis, making it difficult to effectively guarantee system security. To address this issue, this paper proposes using a physically unclonable function (PUF) as the trusted root. By leveraging the security characteristics of PUFs, including their physical tamper-resistance, randomness, and unpredictability, a PUF-based TPM architecture is designed and implemented. Furthermore, this paper improves upon the security weaknesses in key generation algorithms and the inadequacies in authentication mechanisms identified in existing research. The improved design is then applied to trusted boot verification and secure firmware updates, thereby significantly enhancing the defense capabilities against security threats in trusted computing environments. The security of the proposed protocol is analyzed using BAN logic and the automated protocol verification tool AVISPA. Additionally, trusted boot experiments are conducted on a Zynq 7000 series development board. The results demonstrate that the proposed method enhances the security of key generation algorithms and effectively reduces the threat of adversaries compromising the system by tampering with bootloader and firmware update data. Performance evaluation results indicate that the average duration of the entire authentication process in the proposed protocol is only 0.06 seconds, showing its superior performance.
Key words: encryption and decryption, PUF, trusted boot, firmware update, authentication protocol
SHI Jiangyong, GAO Zhiyuan, LIU Tianyi, LIU Wei, GUO Zhenbin, ZHANG Yongding, LI Shaoqing. TPM design and application based on PUF[J]. Computer Engineering & Science, 2026, 48(1): 51-60.
URL: http://joces.nudt.edu.cn/EN/Y2026/V48/I1/51