Machine learning of physical unclonable functions using helper data revealing a pitfall in the fuzzy commitment scheme

被引:0
作者
Strieder E. [1 ]
Frisch C. [2 ]
Pehl M. [2 ]
机构
[1] Technical University of Munich, Department of Electrical and Computer Engineering
来源
IACR Transactions on Cryptographic Hardware and Embedded Systems | 2021年 / 2021卷 / 02期
关键词
Error Correcting Code; Fuzzy Commitment Scheme; Fuzzy Extractor; Key Distribution; Key Storage; Machine Learning; Neural Network; Physical Unclonable Function; PUF; Supervised Learning;
D O I
10.46586/tches.v2021.i2.1-36
中图分类号
学科分类号
摘要
Physical Unclonable Functions (PUFs) are used in various key-generation schemes and protocols. Such schemes are deemed to be secure even for PUFs with challenge-response behavior, as long as no responses and no reliability information about the PUF are exposed. This work, however, reveals a pitfall in these constructions: When using state-of-the-art helper data algorithms to correct noisy PUF responses, an attacker can exploit the publicly accessible helper data and challenges. We show that with this public information and the knowledge of the underlying error correcting code, an attacker can break the security of the system: The redundancy in the error correcting code reveals machine learnable features and labels. Learning these features and labels results in a predictive model for the dependencies between different challenge-response pairs (CRPs) without direct access to the actual PUF response. We provide results based on simulated data of a k-SUM PUF model and an Arbiter PUF model. We also demonstrate the attack for a k-SUM PUF model generated from real data and discuss the impact on more recent PUF constructions such as the Multiplexer PUF and the Interpose PUF. The analysis reveals that especially the frequently used repetition code is vulnerable: For a SUM-PUF in combination with a repetition code, e.g., already the observation of 800 challenges and helper data bits suffices to reduce the entropy of the key down to one bit. The analysis also shows that even other linear block codes like the BCH, the Reed-Muller, or the Single Parity Check code are affected by the problem. The code-dependent insights we gain from the analysis allow us to suggest mitigation strategies for the identified attack. While the shown vulnerability advances Machine Learning (ML) towards realistic attacks on key-storage systems with PUFs, our analysis also facilitates a better understanding and evaluation of existing approaches and protocols with PUFs. Therefore, it brings the community one step closer to a more complete leakage assessment of PUFs. © 2021, Ruhr-University of Bochum. All rights reserved.
引用
收藏
页码:1 / 36
页数:35
相关论文
共 72 条
  • [31] Kocabas U., Peter A., Katzenbeisser S., Sadeghi A.-R., Converse PUF-based authentication, International Conference on Trust and Trustworthy Computing, pp. 142-158, (2012)
  • [32] Lim D., Lee J. W., Gassend B., Suh G. E., van Dijk M., Devadas S., Extracting secret keys from integrated circuits, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 13, 10, pp. 1200-1205, (2005)
  • [33] Masci J., Bronstein M. M., Bronstein A. M., Schmidhuber J., Multimodal Similarity-Preserving Hashing, IEEE Transactions on Pattern Analysis and Machine Intelligence, (2014)
  • [34] McGrath T., Bagci I. E., Wang Z. M., Roedig U., Young R. J., A PUF taxonomy, Applied Physics Reviews, 6, 1, (2019)
  • [35] Maiti A., Casarona J., McHale L., Schaumont P., A Large Scale Characterization of RO-PUF, HOST 2010, Proceedings of the 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), (2010)
  • [36] Majzoobi M., Rostami M., Koushanfar F., Wallach D. S., Devadas S., Slender PUF protocol: A lightweight, robust, and secure authentication by substring matching, 2012 IEEE Symposium on Security and Privacy Workshops, pp. 33-44, (2012)
  • [37] Merli D., Schuster D., Stumpf F., Sigl G., Side-Channel Analysis of PUFs and Fuzzy Extractors, Trust and Trustworthy Computing, (2011)
  • [38] Mueller J., Thyagarajan A., Siamese recurrent architectures for learning sentence similarity, Proceedings of the Thirtieth AAAI Conference on Artificial Intelligence, AAAI’16, pp. 2786-2792, (2016)
  • [39] Maes R., Tuyls P., Verbauwhede I., A soft decision helper data algorithm for SRAM PUFs, 2009 IEEE international symposium on information theory, pp. 2101-2105, (2009)
  • [40] Maes R., Van Herrewege A., Verbauwhede I., PUFKY: A Fully Functional PUF-Based Cryptographic Key Generator, Cryptographic Hardware and Embedded Systems – CHES 2012, (2012)
12345678