Attacking and protecting ring oscillator physical unclonable functions and code-offset fuzzy extractors

Physical Unclonable Functions (PUFs) are information storage primitives that can be used for cryptographic key generation. The Ring Oscillator PUF (RO PUF) evolved as one of the most promising PUFs and the Code-Offset Fuzzy Extractor (COFE) is one of the most popular key generation algorithms to date. In this dissertation, the resistance of RO PUFs and COFEs against physical attacks, e.g., electromagnetic and power analysis, is investigated. Further, countermeasures to protect both implementations are suggested, which enhances the security of PUF-based key generation systems.

[1]  Steven W. Smith,et al.  The Scientist and Engineer's Guide to Digital Signal Processing , 1997 .

[2]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[3]  Benedikt Heinz,et al.  Localized Electromagnetic Analysis of Cryptographic Implementations , 2012, CT-RSA.

[4]  Patrick Schaumont,et al.  A large scale characterization of RO-PUF , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[5]  Suela Kodra Fuzzy extractors : How to generate strong keys from biometrics and other noisy data , 2015 .

[6]  Georg Sigl,et al.  Side-Channel Analysis of PUFs and Fuzzy Extractors , 2011, TRUST.

[7]  Matthias Hiller,et al.  Complementary IBS: Application specific error correction for PUFs , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[8]  Walter Fumy,et al.  A New Security Architecture for Smartcards Utilizing PUFs , 2012, ISSE.

[9]  Ulrich Rührmair,et al.  The Bistable Ring PUF: A new architecture for strong Physical Unclonable Functions , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[10]  Srinivas Devadas,et al.  Lightweight and Secure PUF Key Storage Using Limits of Machine Learning , 2011, CHES.

[11]  Srinivas Devadas,et al.  Performance metrics and empirical results of a PUF cryptographic key generation ASIC , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[12]  Akashi Satoh,et al.  Quantitative and Statistical Performance Evaluation of Arbiter Physical Unclonable Functions on FPGAs , 2010, 2010 International Conference on Reconfigurable Computing and FPGAs.

[13]  Miodrag Potkonjak,et al.  Testing Techniques for Hardware Security , 2008, 2008 IEEE International Test Conference.

[14]  Benedikt Heinz,et al.  Localized electromagnetic analysis of RO PUFs , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[15]  François-Xavier Standaert,et al.  Extractors against side-channel attacks: weak or strong? , 2011, Journal of Cryptographic Engineering.

[16]  Pankaj Rohatgi,et al.  Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[17]  Sergei Skorobogatov,et al.  Semi-invasive attacks: a new approach to hardware security analysis , 2005 .

[18]  Martin Bossert,et al.  Channel Coding for Telecommunications , 1999 .

[19]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[20]  Boris Skoric,et al.  Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions , 2009, Inf. Syst. Frontiers.

[21]  Rafail Ostrovsky,et al.  Secure Remote Authentication Using Biometric Data , 2005, EUROCRYPT.

[22]  Ahmad-Reza Sadeghi,et al.  PUF-Enhanced RFID Security and Privacy , 2010 .

[23]  Georg Sigl,et al.  Protecting PUF Error Correction by Codeword Masking , 2013, IACR Cryptol. ePrint Arch..

[24]  Georg Sigl,et al.  Physical Unclonable Functions , 2012, Datenschutz und Datensicherheit - DuD.

[25]  Jean-Pierre Seifert,et al.  Cloning Physically Unclonable Functions , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[26]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[27]  Miodrag Potkonjak,et al.  Lightweight secure PUFs , 2008, ICCAD 2008.

[28]  Jorge Guajardo,et al.  Extended abstract: The butterfly PUF protecting IP on every FPGA , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[29]  Ingrid Verbauwhede,et al.  Intrinsic PUFs from Flip-flops on Reconfigurable Devices , 2008 .

[30]  Claudia Eckert,et al.  Improving the quality of ring oscillator PUFs on FPGAs , 2010, WESS '10.

[31]  Abdulhadi Shoufan,et al.  A simple power analysis attack on a McEliece cryptoprocessor , 2011, Journal of Cryptographic Engineering.

[32]  Patrick Schaumont,et al.  A Systematic Method to Evaluate and Compare the Performance of Physical Unclonable Functions , 2011, IACR Cryptol. ePrint Arch..

[33]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[34]  Daisuke Suzuki,et al.  The Glitch PUF: A New Delay-PUF Architecture Exploiting Glitch Shapes , 2010, CHES.

[35]  Ulrich Rührmair,et al.  Characterization of the bistable ring PUF , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[36]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[37]  Srinivas Devadas,et al.  Delay-based circuit authentication and applications , 2003, SAC '03.

[38]  Jean-Pierre Seifert,et al.  Simple photonic emission analysis of AES , 2013, Journal of Cryptographic Engineering.

[39]  Sidney N. Graybeal,et al.  Getting Out of the Starting Block , 1989 .

[40]  Patrick Schaumont,et al.  Improving the quality of a Physical Unclonable Function using configurable Ring Oscillators , 2009, 2009 International Conference on Field Programmable Logic and Applications.

[41]  Sylvain Guilley,et al.  Electromagnetic Radiations of FPGAs: High Spatial Resolution Cartography and Attack on a Cryptographic Module , 2009, TRETS.

[42]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[43]  Ingrid Verbauwhede,et al.  Low-Overhead Implementation of a Soft Decision Helper Data Algorithm for SRAM PUFs , 2009, CHES.

[44]  Patrick Schaumont,et al.  A Comparative Analysis of Delay Based PUF Implementations on FPGA , 2009, IACR Cryptol. ePrint Arch..

[45]  Lei Wang,et al.  A Study of Side-Channel Effects in Reliability-Enhancing Techniques , 2009, 2009 24th IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems.

[46]  A. Ghazel,et al.  SRAM-FPGA implementation of masked S-Box based DPA countermeasure for AES , 2008, 2008 3rd International Design and Test Workshop.

[47]  Darko Kirovski,et al.  RF-DNA: Radio-Frequency Certificates of Authenticity , 2007, CHES.

[48]  Srinivas Devadas,et al.  Identification and authentication of integrated circuits , 2004, Concurr. Pract. Exp..

[49]  Louis Goubin,et al.  DES and Differential Power Analysis (The "Duplication" Method) , 1999, CHES.

[50]  Mathias Wagner,et al.  700+ Attacks Published on Smart Cards: The Need for a Systematic Counter Strategy , 2012, COSADE.

[51]  Srinivas Devadas,et al.  Recombination of Physical Unclonable Functions , 2010 .

[52]  Berk Sunar,et al.  CDs Have Fingerprints Too , 2009, CHES.

[53]  G. David Forney,et al.  Concatenated codes , 2009, Scholarpedia.

[54]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[55]  Marten van Dijk,et al.  A technique to build a secret key in integrated circuits for identification and authentication applications , 2004, 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525).

[56]  Srinivas Devadas,et al.  Secure and robust error correction for physical unclonable functions , 2010, IEEE Design & Test of Computers.

[57]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[58]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[59]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[60]  Erik Tews,et al.  Side Channels in the McEliece PKC , 2008, PQCrypto.

[61]  Farinaz Koushanfar,et al.  FPGA Time-Bounded Unclonable Authentication , 2010, Information Hiding.

[62]  Ulrich Rührmair,et al.  SIMPL Systems: On a Public Key Variant of Physical Unclonable Functions , 2009, IACR Cryptol. ePrint Arch..

[63]  Chi-En Daniel Yin,et al.  LISA: Maximizing RO PUF's secret extraction , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[64]  David G. Stork,et al.  Pattern classification, 2nd Edition , 2000 .

[65]  Miodrag Potkonjak,et al.  Hardware-Based Public-Key Cryptography with Public Physically Unclonable Functions , 2009, Information Hiding.

[66]  R. C. Fairfield,et al.  An LSI Random Number Generator (RNG) , 1985, CRYPTO.

[67]  Berk Sunar,et al.  Differential template attacks on PUF enabled cryptographic devices , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[68]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[69]  Chi-En Yin A Regression-Based Entropy Distiller for RO PUFs , 2011 .

[70]  Ying Su,et al.  A Digital 1.6 pJ/bit Chip Identification Circuit Using Process Variations , 2008, IEEE Journal of Solid-State Circuits.

[71]  Srinivas Devadas,et al.  Reliable and efficient PUF-based key generation using pattern matching , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[72]  Sergei Skorobogatov,et al.  Optical Fault Masking Attacks , 2010, 2010 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[73]  Hugo Krawczyk,et al.  LFSR-based Hashing and Authentication , 1994, CRYPTO.

[74]  Pieter H. Hartel,et al.  Constructing practical Fuzzy Extractors using QIM , 2007 .

[75]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[76]  Georg Sigl,et al.  Semi-invasive EM attack on FPGA RO PUFs and countermeasures , 2011 .

[77]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[78]  Luc Vandendorpe,et al.  Computing the word-, symbol-, and bit-error rates for block error-correcting codes , 2004, IEEE Transactions on Communications.

[79]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.