Fortifying Strong PUFs: A Modeling Attack-Resilient Approach Using Weak PUF for IoT Device Security

Strong Physical Unclonable Functions (PUFs) have gained traction as lightweight authentication solutions for IoT devices. However, their vulnerability to machine learning attacks poses a security risk. Various strategies have been introduced in the literature to enhance its resilience against modeling attacks, introducing additional complexity and making them unsuitable for resource-constrained devices. In contrast, weak PUFs exhibit inherent resistance to modeling attacks, but they suffer from a restricted number of Challenge-Response Pairs (CRPs), thus unsuitable for authentication. This paper proposes a PUF design that incorporates weak PUFs to obscure the responses of Strong PUFs, effectively safeguarding them from modeling attacks. Our design shows resilience against a modeling attack, revealing a maximum accuracy of 57% despite using 107 CRPs. The proposed method is implemented on the Artix-7 FPGA with Verilog HDL. The results demonstrate that the proposed method has a small footprint in terms of resource utilization. This innovative approach offers a lightweight solution for IoT device authentication, combining the strengths of strong and weak PUFs while mitigating the vulnerabilities associated with modeling attacks.