Protecting PUF Error Correction by Codeword Masking

One of the main applications of Physical Unclonable Functions (PUFs) is unique key generation. While the advantages of PUF-based key extraction and embedding have been shown in several papers, physical attacks on them have received little attention so far. In this work, we demonstrate the feasibility of a differential power analysis attack on the error correction module of a secure sketch. This attack also applies to code-offset fuzzy extractors because they build upon secure sketches. We propose a codeword masking scheme to protect key generation algorithms used for PUFs. The proposed countermeasure enables masking of linear Error-Correcting Codes (ECCs) without affecting their error correction capability while keeping the overhead low. This is achieved by random masking codewords, which can be generated efficiently with the ECC's encoding function. Further, the scheme allows the PUF-based key generation process to be protected consistently, and it can provide the masked key and its mask to a subsequent crypto module that also implements masking. We demonstrate the practical protection offered by our codeword masking scheme by attacking a masked secure sketch implementation. We emphasize that, besides protecting code-offset algorithms, the proposed masking scheme can also be applied to index-based syndrome coding and other security-critical error correction modules.
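The following added example (not code from the paper) shows why a random masking codeword leaves error correction intact in a code-offset secure sketch: because the code is linear, XORing Enc(mask) into the helper data makes the decoder work on Enc(key XOR mask) plus the same error pattern. It assumes a Hamming(7,4) code as a stand-in for the ECC, and all function names are hypothetical; it illustrates the algebra only and does not model power leakage.

```python
import secrets

# Hamming(7,4), systematic. Words are ints; the top 4 bits carry the data.
G = [0b1000110, 0b0100101, 0b0010011, 0b0001111]   # generator rows [I | P]
H = [0b1101100, 0b1011010, 0b0111001]              # parity-check rows [P^T | I]

def encode(data):
    """Linear encoder: XOR the generator rows selected by the 4 data bits."""
    cw = 0
    for i, row in enumerate(G):
        if (data >> (3 - i)) & 1:
            cw ^= row
    return cw

def syndrome(word):
    return tuple(bin(word & row).count("1") & 1 for row in H)

# Syndrome of each single-bit error -> the error pattern to remove.
ERRORS = {syndrome(1 << b): 1 << b for b in range(7)}

def decode(word):
    """Correct up to one bit error and return the 4 data bits."""
    return (word ^ ERRORS.get(syndrome(word), 0)) >> 3

def enroll(response, key):
    """Code-offset secure sketch: public helper data = response XOR Enc(key)."""
    return response ^ encode(key)

def reconstruct_masked(noisy_response, helper, mask=None):
    """Return (key XOR mask, mask); the decoder never handles Enc(key) itself."""
    if mask is None:
        mask = secrets.randbelow(16)          # fresh random mask per run
    masked_helper = helper ^ encode(mask)     # public value XOR random codeword
    # noisy ^ masked_helper = Enc(key ^ mask) ^ e, by linearity of the code
    return decode(noisy_response ^ masked_helper), mask

def check_all_single_errors(response, key):
    """True if every mask and every 0/1-bit error pattern recovers the key."""
    helper = enroll(response, key)
    for mask in range(16):
        for e in [0] + [1 << b for b in range(7)]:
            masked_key, m = reconstruct_masked(response ^ e, helper, mask)
            if masked_key ^ m != key:
                return False
    return True
```

The pair returned by `reconstruct_masked` corresponds to the masked key and its mask that the abstract says can be handed to a subsequent masked crypto module.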
