Recently, the resistance variability of Resistive Random Access Memory (RRAM) based array has been exploited to design a weak Physical Unclonable Function (PUF) for the cryptographic key generation. Generally, memory-based PUF is weak PUF as the challenge-response pair (CRP) space is limited by the memory capacity. In this work, we propose a design of RRAM based strong PUF for device authentication by employing Secure Hash Algorithm (SHA). The key idea is to split the challenge bits into two segments. The first segment is fed into the RRAM array and the output of the RRAM array is mixed with the second segment as the input to the SHA module, thereby significantly increasing the CRP space. To analyze the properties of the proposed strong PUF such as uniqueness and reliability, the resistance variability is experimentally measured from the fabricated 1 kb HfO2 based RRAM arrays, and the read current distribution is then modeled. The simulation shows that when the number of bits from RRAM is larger than 8 bits, the proposed PUF can present good uniqueness. In order to achieve higher security against PUF modeling attack, however, more bits from RRAM array should be feed into SHA module. With 32-bit from RRAM array, it could achieve average uniqueness ∼49.95%, uniformity of '1's ∼49.81%, diffusiveness ∼49.97% with tight distributions. The use of SHA imposes a strict requirement on the reliability, thus multiple RRAM cells are grouped and used to statistically minimize the risk of early retention failure of a single cell. On the other hand, the use of SHA provides a strong resistance against the machine learning attack as demonstrated through 3-layer multi-layer perceptron (MLP) modeling.