On the Pitfalls of Using Arbiter-PUFs as Building Blocks

被引:86
作者
Becker, Georg T. [1 ]
机构
[1] Ruhr Univ Bochum, Horst Gortz Inst IT Secur, D-44801 Bochum, Germany
关键词
Evolution strategies (ES); machine learning; physical unclonable functions (PUFs); reverse fuzzy extractor; AUTHENTICATION;
D O I
10.1109/TCAD.2015.2427259
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Physical unclonable functions (PUFs) have emerged as a promising solution for securing resource-constrained embedded devices such as RFID tokens. PUFs use the inherent physical differences of every chip to either securely authenticate the chip or generate cryptographic keys without the need of nonvolatile memory. However, PUFs have shown to be vulnerable to model building attacks if the attacker has access to challenge and response pairs. In these model building attacks, machine learning is used to determine the internal parameters of the PUF to build an accurate software model. Nevertheless, PUFs are still a promising building block and several protocols and designs have been proposed that are believed to be resistant against machine learning attacks. In this paper, we take a closer look at two such protocols, one based on reverse fuzzy extractors and one based on pattern matching. We show that it is possible to attack these protocols using machine learning despite the fact that an attacker does not have access to direct challenge and response pairs. The introduced attacks demonstrate that even highly obfuscated responses can be used to attack PUF protocols. Hence, this paper shows that even protocols in which it would be computationally infeasible to compute enough challenge and response pairs for a direct machine learning attack can be attacked using machine learning.
引用
收藏
页码:1295 / 1307
页数:13
相关论文
共 21 条
  • [11] A technique to build a secret key in integrated circuits for identification and authentication applications
    Lee, JW
    Lim, DY
    Gassend, B
    Suh, GE
    van Dijk, M
    Devadas, S
    [J]. 2004 SYMPOSIUM ON VLSI CIRCUITS, DIGEST OF TECHNICAL PAPERS, 2004, : 176 - 179
  • [12] Maes R, 2012, LECT NOTES COMPUT SC, V7428, P302, DOI 10.1007/978-3-642-33027-8_18
  • [13] Majzoobi M., 2012, 2012 IEEE CS Security and Privacy Workshops (SPW 2012), P33, DOI 10.1109/SPW.2012.30
  • [14] Paral Z., 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), P128, DOI 10.1109/HST.2011.5955010
  • [15] Robust and Reverse-Engineering Resilient PUF Authentication and Key-Exchange by Substring Matching
    Rostami, Masoud
    Majzoobi, Mehrdad
    Koushanfar, Farinaz
    Wallach, Dan S.
    Devadas, Srinivas
    [J]. IEEE TRANSACTIONS ON EMERGING TOPICS IN COMPUTING, 2014, 2 (01) : 37 - 49
  • [16] PUF Modeling Attacks on Simulated and Silicon Data
    Ruehrmair, Ulrich
    Soelter, Jan
    Sehnke, Frank
    Xu, Xiaolin
    Mahmoud, Ahmed
    Stoyanova, Vera
    Dror, Gideon
    Schmidhuber, Juergen
    Burleson, Wayne
    Devadas, Srinivas
    [J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2013, 8 (11) : 1876 - 1891
  • [17] Modeling Attacks on Physical Unclonable Functions
    Ruehrmair, Ulrich
    Sehnke, Frank
    Soelter, Jan
    Dror, Gideon
    Devadas, Srinivas
    Schmidhuber, Juergen
    [J]. PROCEEDINGS OF THE 17TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'10), 2010, : 237 - 249
  • [18] Physical unclonable functions for device authentication and secret key generation
    Suh, G. Edward
    Devadas, Srinivas
    [J]. 2007 44TH ACM/IEEE DESIGN AUTOMATION CONFERENCE, VOLS 1 AND 2, 2007, : 9 - +
  • [19] Design and implementation of the AEGIS single-chip secure processor using physical random functions
    Suh, GE
    O'Donnell, CW
    Sachdev, I
    Devadas, S
    [J]. 32ND INTERNATIONAL SYMPOSIUM ON COMPUTER ARCHITECTURE, PROCEEDINGS, 2005, : 25 - 36
  • [20] Van Herrewege A., 2012, P INT C FIN CRYPT DA, P374