FPGA Implementation of a Cryptographically-Secure PUF Based on Learning Parity with Noise

Herder et al. (IEEE Transactions on Dependable and Secure Computing, 2017) designed a new computational fuzzy extractor and physical unclonable function (PUF) challenge-response protocol based on the Learning Parity with Noise (LPN) problem. The protocol requires no irreversible state updates on the PUFs for security, such as burning irreversible fuses, and, compared to PUFs using a conventional (information-theoretically secure) fuzzy extractor, can correct for significant measurement noise. However, Herder et al. did not implement their protocol. In this paper, we give the first implementation of a challenge-response protocol based on computational fuzzy extractors. Our main insight is that "confidence information" does not need to be kept private if the noise vector is independent of the confidence information, e.g., for the bits generated by ring oscillator pairs that are physically placed close to each other. This leads to a construction that is a simplified version of the design of Herder et al. (also building on a ring oscillator PUF). Our simplifications allow for a dramatic reduction in area by making a mild security assumption on ring oscillator physical obfuscated key output bits.
