Physical Characterization of Arbiter PUFs

As intended by its name, Physically Unclonable Functions PUFs are considered as an ultimate solution to deal with insecure storage, hardware counterfeiting, and many other security problems. However, many different successful attacks have already revealed vulnerabilities of certain digital intrinsic PUFs. Although settling-state-based PUFs, such as SRAM PUFs, can be physically cloned by semi-invasive and fully-invasive attacks, successful attacks on timing-based PUFs were so far limited to modeling attacks. Such modeling requires a large subset of challenge-response-pairs CRP to successfully model the targeted PUF. In order to provide a final security answer, this paper proves that all arbiter-based i.e. controlled and XOR-enhanced PUFs can be completely and linearly characterized by means of photonic emission analysis. Our experimental setup is capable of measuring every PUF-internal delay with a resolution of 6 picoseconds. Due to this resolution we indeed require only the theoretical minimum number of linear independent equations i.e. physical measurements to directly solve the underlying inhomogeneous linear system. Moreover, we neither require to know the actual PUF challenges nor the corresponding PUF responses for our physical delay extraction. On top of that devastating result, we are also able to further simplify our setup for easier physical measurement handling. We present our practical results for a real arbiter PUF implementation on a Complex Programmable Logic Device CPLD from Altera manufactured in a 180 nanometer process.

[1]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[2]  Srinivas Devadas,et al.  Controlled physical random functions , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[3]  Ulrich Rührmair,et al.  Combined Modeling and Side Channel Attacks on Strong PUFs , 2013, IACR Cryptol. ePrint Arch..

[4]  Jean-Pierre Seifert,et al.  Simple photonic emission analysis of AES , 2013, Journal of Cryptographic Engineering.

[5]  Jean-Pierre Seifert,et al.  Simple Photonic Emission Analysis of AES - Photonic Side Channel Analysis for the Rest of Us , 2012, CHES.

[6]  Ingrid Verbauwhede,et al.  Physically Unclonable Functions: A Study on the State of the Art and Future Research Directions , 2010, Towards Hardware-Intrinsic Security.

[7]  Berk Sunar,et al.  Towards Robust Low Cost Authentication for Pervasive Devices , 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[8]  Jean-Pierre Seifert,et al.  Cloning Physically Unclonable Functions , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[9]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[10]  Jean-Pierre Seifert,et al.  Invasive PUF Analysis , 2013, 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[11]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[12]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.

[13]  Boris Skoric,et al.  Robust Key Extraction from Physical Uncloneable Functions , 2005, ACNS.

[14]  G. Edward Suh,et al.  Extracting secret keys from integrated circuits , 2005, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[15]  Julie Ferrigno,et al.  When AES blinks: introducing optical side channel , 2008, IET Inf. Secur..

[16]  Jeroen Delvaux,et al.  Fault Injection Modeling Attacks on 65 nm Arbiter and RO Sum PUFs via Environmental Changes , 2014, IEEE Transactions on Circuits and Systems I: Regular Papers.

[17]  Sergei Skorobogatov,et al.  Optical Fault Masking Attacks , 2010, 2010 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[18]  Frank Sehnke,et al.  On the Foundations of Physical Unclonable Functions , 2009, IACR Cryptol. ePrint Arch..

[19]  Jean-Pierre Seifert,et al.  Differential Photonic Emission Analysis , 2013, COSADE.

[20]  Ingrid Verbauwhede,et al.  PUFKY: A Fully Functional PUF-Based Cryptographic Key Generator , 2012, CHES.

[21]  Marten van Dijk,et al.  A technique to build a secret key in integrated circuits for identification and authentication applications , 2004, 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525).

[22]  Wolfgang Rankl,et al.  Smart Card Handbook , 1997 .

[23]  Jeroen Delvaux,et al.  Side channel modeling attacks on 65nm arbiter PUFs exploiting CMOS device noise , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[24]  Jean-Pierre Seifert,et al.  Functional integrated circuit analysis , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[25]  Sven Frohmann,et al.  Highly resolved spatial and temporal photoemission analysis of integrated circuits , 2013 .

[26]  Georg Sigl,et al.  Semi-invasive EM attack on FPGA RO PUFs and countermeasures , 2011 .

[27]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[28]  Srinivas Devadas,et al.  FPGA PUF using programmable delay lines , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[29]  François-Xavier Standaert,et al.  Strong PUFs and their (physical) unpredictability: a case study with power PUFs , 2013, WESS '13.

[30]  Elisabeth Oswald,et al.  Constructive Side-Channel Analysis and Secure Design , 2016, Lecture Notes in Computer Science.

[31]  Wolfgang Rankl,et al.  Smart Card Handbook: Rankl/Smart Card Handbook , 2010 .

[32]  Ahmad-Reza Sadeghi,et al.  Enhancing RFID Security and Privacy by Physically Unclonable Functions , 2009, Towards Hardware-Intrinsic Security.

[33]  Frederik Armknecht,et al.  A Formalization of the Security Features of Physical Functions , 2011, 2011 IEEE Symposium on Security and Privacy.