Security analysis of index-based syndrome coding for PUF-based key generation

Physical Unclonable Functions (PUFs) as secure providers for cryptographic keys have gained significant research interest in recent years. Since plain PUF responses are typically unreliable, error-correcting mechanisms are employed to transform a fuzzy PUF response into a deterministic cryptographic key. In this context, Index-Based Syndrome Coding (IBS) has been reported as being provably secure in case of identical and independently distributed PUF responses and is therefore an interesting option to implement a highly secure key provider. In this paper we analyze the security of IBS in combination with a k-sum PUF as proposed at CHES 2011. Since for a k-sum PUF the assumption of identical and independently distributed responses does not hold, the notion of leaked bits was introduced at CHES 2011 to capture the security of such constructions. Based on a refined analysis using hamming distance characterization and machine learning techniques, we show that the entropy of the key obtained is significantly lower than expected. More precisely, we obtained from our findings that even the construction from CHES with the highest security claims only achieves a bit entropy rate of 0.39.

[1]  Sani R. Nassif,et al.  Ultra-low power current-based PUF , 2011, 2011 IEEE International Symposium of Circuits and Systems (ISCAS).

[2]  Srinivas Devadas,et al.  Recombination of Physical Unclonable Functions , 2010 .

[3]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[4]  Ingrid Verbauwhede,et al.  Low-Overhead Implementation of a Soft Decision Helper Data Algorithm for SRAM PUFs , 2009, CHES.

[5]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.

[6]  Srinivas Devadas,et al.  Reliable and efficient PUF-based key generation using pattern matching , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[7]  Ahmad-Reza Sadeghi,et al.  Efficient Helper Data Key Extractor on FPGAs , 2008, CHES.

[8]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[9]  Jeroen Delvaux,et al.  Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation , 2014, CT-RSA.

[10]  Wei Wu,et al.  Entropy loss in PUF-based key generation schemes: The repetition code pitfall , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[11]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[12]  Daniel E. Holcomb,et al.  Bitline PUF: Building Native Challenge-Response PUF Capability into Any SRAM , 2014, IACR Cryptol. ePrint Arch..

[13]  Tim Güneysu,et al.  Using Data Contention in Dual-ported Memories for Security Applications , 2010, Journal of Signal Processing Systems.

[14]  Nikolaus Hansen,et al.  The CMA Evolution Strategy: A Comparing Review , 2006, Towards a New Evolutionary Computation.

[15]  Matthias Hiller,et al.  Complementary IBS: Application specific error correction for PUFs , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[16]  Srinivas Devadas,et al.  Lightweight and Secure PUF Key Storage Using Limits of Machine Learning , 2011, CHES.

[17]  Srinivas Devadas,et al.  Performance metrics and empirical results of a PUF cryptographic key generation ASIC , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[18]  Peter Simons,et al.  Buskeeper PUFs, a promising alternative to D Flip-Flop PUFs , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[19]  Helper Data,et al.  Reliable and efficient PUF-based key generation using pattern matching , 2011 .

[20]  Patrick Schaumont,et al.  A large scale characterization of RO-PUF , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[21]  Suela Kodra Fuzzy extractors : How to generate strong keys from biometrics and other noisy data , 2015 .

[22]  Ingrid Verbauwhede,et al.  Intrinsic PUFs from Flip-flops on Reconfigurable Devices , 2008 .

[23]  Srinivas Devadas,et al.  Secure and robust error correction for physical unclonable functions , 2010, IEEE Design & Test of Computers.

[24]  Bart Preneel,et al.  Soft Decision Error Correction for Compact Memory-Based PUFs Using a Single Enrollment , 2012, CHES.

[25]  Ingrid Verbauwhede,et al.  PUFKY: A Fully Functional PUF-Based Cryptographic Key Generator , 2012, CHES.