Eliminating Leakage in Reverse Fuzzy Extractors

In recent years, physically unclonable functions (PUFs) have been proposed as a promising building block for key storage and device authentication. PUFs are physical systems, and as such, their responses are inherently noisy, precluding a straightforward derivation of cryptographic key material from raw PUF measurements. To overcome this drawback, fuzzy extractors are used to eliminate the noise and guarantee robust outputs. A special type is reverse fuzzy extractors, shifting the computational load of error correction toward a computationally powerful verifier. However, the reverse fuzzy extractor reveals error patterns to any eavesdropper, which may cause privacy issues (due to a systematic drift of the PUF responses, the error pattern is linkable to the identity) and even security problems (if the noise is data-dependent). In this paper, we quantify the issue of leakage due to asymmetry of noise, leveraging the binary asymmetric channel (BAC) model. We further propose to concatenate two BACs to form a symmetric channel, as a solution that is able to eliminate such noise. Finally, we propose a modified reverse fuzzy extractor that does not leak via the error patterns even in the case of systematic drift of the PUF responses.

[1]  Boris Skoric,et al.  Bias-based modeling and entropy analysis of PUFs , 2013, TrustED '13.

[2]  Wei Wu,et al.  Entropy loss in PUF-based key generation schemes: The repetition code pitfall , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[3]  Dawu Gu,et al.  Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and Applications , 2016, CHES.

[4]  Boris Skoric,et al.  A trivial debiasing scheme for Helper Data Systems , 2018, Journal of Cryptographic Engineering.

[5]  Stefan Katzenbeisser,et al.  On the Systematic Drift of Physically Unclonable Functions Due to Aging , 2015, TrustED@CCS.

[6]  Frans M. J. Willems,et al.  Secure Key Generation from Biased PUFs , 2015, CHES.

[7]  Ingrid Verbauwhede,et al.  Physically Unclonable Functions: A Study on the State of the Art and Future Research Directions , 2010, Towards Hardware-Intrinsic Security.

[8]  Boris Skoric,et al.  The Spammed Code Offset Method , 2014, IEEE Transactions on Information Forensics and Security.

[9]  An Braeken,et al.  Comparison of SRAM and FF PUF in 65nm Technology , 2011, NordSec.

[10]  Gerben Geltink Concealing Ketje: A Lightweight PUF-Based Privacy Preserving Authentication Protocol , 2016, LightSec.

[11]  Suela Kodra Fuzzy extractors : How to generate strong keys from biometrics and other noisy data , 2015 .

[12]  Gilles Brassard,et al.  Practical Quantum Oblivious Transfer , 1991, CRYPTO.

[13]  Moti Yung,et al.  End-To-End Design of a PUF-Based Privacy Preserving Authentication Protocol , 2015, CHES.

[14]  Boris Skoric,et al.  Secure Key Storage with PUFs , 2007 .

[15]  Ulrich Rührmair,et al.  Strong PUFs: Models, Constructions, and Security Proofs , 2010, Towards Hardware-Intrinsic Security.

[16]  Po-Ning Chen,et al.  Error Probability Analysis of Binary Asymmetric Channels , 2010 .

[17]  Frans M. J. Willems,et al.  Information Leakage in Fuzzy Commitment Schemes , 2010, IEEE Transactions on Information Forensics and Security.

[18]  Stefan Katzenbeisser,et al.  Reverse Fuzzy Extractors: Enabling Lightweight Mutual Authentication for PUF-Enabled RFIDs , 2012, Financial Cryptography.

[19]  Solomon W. Golomb,et al.  The limiting behavior of the Z-channel (Corresp.) , 1980, IEEE Trans. Inf. Theory.

[20]  Stefan Katzenbeisser,et al.  PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon , 2012, CHES.

[21]  Ahmad-Reza Sadeghi,et al.  Short paper: lightweight remote attestation using physical functions , 2011, WiSec '11.