Qian Wang
ABSTRACT
Silicon Physical Unclonable Function (PUF) is arguably the most promising hardware security primitive. In particular, PUFs that are capable of generating a large amount of challenge response pairs (CRPs) can be used in many security applications. However, these CRPs can also be exploited by machine learning attacks to model the PUF and predict its response. In this paper, we first show that, based on data in the public domain, two popular PUFs that can generate CRPs (i.e., arbiter PUF and reconfigurable ring oscillator (RO) PUF) can be broken by simple logistic regression (LR) attack with about 99% accuracy. We then propose a feedback structure to XOR the PUF response with the challenge and challenge the PUF again to generate the response. Results show that this successfully reduces LR's learning accuracy to the lower 50%, but artificial neural network (ANN) learning attack still has an 80% success rate. Therefore, we propose a configurable ring oscillator based dual-mode PUF which works with both odd number of inverters (like the reconfigurable RO PUF) and even number of inverters (like a bistable ring (BR) PUF). Since currently there are no known attacks that can model both RO PUF and BR PUF, the dual-mode PUF will be resistant to modeling attacks as long as we can hide its working mode from the attackers, which we achieve with two practical methods. Finally, we implement the proposed dual-mode PUF on Nexys 4 FPGA boards and collect real measurement to show that it reduces the learning accuracy of LR and ANN to the mid-50% and low 60%, respectively. In addition, it meets the PUF requirements of uniqueness, randomness, and robustness.
- Blaise Gassend, Dwaine Clarke, Marten Van Dijk, and Srinivas Devadas. Silicon physical random functions. In Proceedings of the 9th ACM conference on Computer and communications security, pages 148--160. ACM, 2002. Google Scholar
Digital Library
- Mingze Gao, Khai Lai, and Gang Qu. A highly flexible ring oscillator puf. In 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC), pages 1--6. IEEE, 2014. Google ScholarDigital Library
- Qingqing Chen, György Csaba, Paolo Lugli, Ulf Schlichtmann, and Ulrich Rührmair. The bistable ring puf: A new architecture for strong physical unclonable functions. In Hardware-Oriented Security and Trust (HOST), 2011 IEEE International Symposium on, pages 134--141. IEEE, 2011.Google ScholarCross Ref
- Ulrich Rührmair, Frank Sehnke, Jan Sölter, Gideon Dror, Srinivas Devadas, and Jürgen Schmidhuber. Modeling attacks on physical unclonable functions. In Proceedings of the 17th ACM conference on Computer and communications security, pages 237--249. ACM, 2010. Google ScholarDigital Library
- Ulrich Rührmair, Jan Sölter, Frank Sehnke, Xiaolin Xu, Ahmed Mahmoud, Vera Stoyanova, Gideon Dror, Jürgen Schmidhuber, Wayne Burleson, and Srinivas Devadas. Puf modeling attacks on simulated and silicon data. IEEE Transactions on Information Forensics and Security, 8(11):1876--1891, 2013. Google ScholarDigital Library
- Qian Wang, An Wang, Gang Qu, and Guoshuang Zhang. New methods of template attack based on fault sensitivity analysis. IEEE Transactions on Multi-Scale Computing Systems, 3(2):113--123, 2017.Google ScholarCross Ref
- Dai Yamamoto, Masahiko Takenaka, Kazuo Sakiyama, and Naoya Torii. Security evaluation of bistable ring pufs on fpgas using differential and linear analysis. In Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pages 911--918. IEEE, 2014.Google ScholarCross Ref
- Yuntao Liu, Yang Xie, Chongxi Bao, and Ankur Srivastava. An optimization-theoretic approach for attacking physical unclonable functions. In Proceedings of the 35th International Conference on Computer-Aided Design, page 45. ACM, 2016. Google ScholarDigital Library
- Yuntao Liu, Yang Xie, Chongxi Bao, and Ankur Srivastava. A combined optimization-theoretic and side-channel approach for attacking strong physical unclonable functions. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 26(1):73--81, 2018.Google ScholarCross Ref
- Meng-Day Mandel Yu, Matthias Hiller, Jeroen Delvaux, Richard Sowell, Srinivas Devadas, and Ingrid Verbauwhede. A lockdown technique to prevent machine learning on pufs for lightweight authentication. IEEE Transactions on Multi-Scale Computing Systems, 2(3):146--159, 2016.Google ScholarCross Ref
- Xiaolin Xu, Ulrich Rührmair, Daniel E Holcomb, and Wayne Burleson. Security evaluation and enhancement of bistable ring pufs. In International Workshop on Radio Frequency Identification: Security and Privacy Issues, pages 3--16. Springer, 2015. Google ScholarDigital Library
- Yansong Gao, Damith C Ranasinghe, Said F Al-Sarawi, Omid Kavehei, and Derek Abbott. Emerging physical unclonable functions with nanotechnology. IEEE access, 4:61--80, 2016.Google ScholarCross Ref
- Mingze Gao, Khai Lai, Jiliang Zhang, Gang Qu, Aijiao Cui, and Qiang Zhou. Reliable and anti-cloning pufs based on configurable ring oscillators. In Computer-Aided Design and Computer Graphics (CAD/Graphics), 2015 14th International Conference on, pages 194--201. IEEE, 2015.Google ScholarCross Ref
- Meng-Day Yu, Ingrid Verbauwhede, Srinivas Devadas, and David M'Raihi. A noise bifurcation architecture for linear additive physical functions. In Hardware-Oriented Security and Trust (HOST), 2014 IEEE International Symposium on, pages 124--129. IEEE, 2014.Google ScholarCross Ref
- Daniel E Holcomb, Wayne P Burleson, and Kevin Fu. Power-up sram state as an identifying fingerprint and source of true random numbers. IEEE Transactions on Computers, 58(9):1198--1210, 2009. Google ScholarDigital Library
- Chi-En Yin and Gang Qu. Improving puf security with regression-based distiller. In Proceedings of the 50th Annual Design Automation Conference, page 184. ACM, 2013. Google ScholarDigital Library
- Chi-En Yin and Gang Qu. Temperature-aware cooperative ring oscillator puf. In Hardware-Oriented Security and Trust, 2009. HOST'09. IEEE International Workshop on, pages 36--42. IEEE, 2009. Google ScholarDigital Library
- Zdenek Paral and Srinivas Devadas. Reliable and efficient puf-based key generation using pattern matching. In Hardware-Oriented Security and Trust (HOST), 2011 IEEE International Symposium on, pages 128--133. IEEE, 2011.Google ScholarCross Ref
Index Terms
- A Machine Learning Attack Resistant Dual-mode PUF
Recommendations
Attack Is the Best Defense: A Multi-Mode Poisoning PUF Against Machine Learning Attacks
Advances in Knowledge Discovery and Data MiningAbstractResistance to modeling attacks is an important issue for Physical Unclonable Functions (PUFs). Deep learning, the state-of-the-art modeling attack, has recently been shown to be able to break many newly developed PUFs. Since then, many more ...
Machine Learning Vulnerability Analysis of FPGA-based Ring Oscillator PUFs and Counter Measures
Physical Unclonable Functions (PUFs) exploit the manufacturing process variations inherent in silicon-based chips to generate unique secret keys. Although PUFs are supposed to be unclonable or unbreakable, researchers have found that they are vulnerable ...
Machine Learning Attacks on Low-Cost Reconfigurable XRRO and XRBR PUF Designs
Security, Privacy, and Applied Cryptography EngineeringAbstractPhysically unclonable functions (PUFs) can be seen as hardware circuits whose output does not only depend upon the inputs fed to it, but also on the random variation in the integrated circuits (ICs) during its manufacturing process. As a result of ...
Comments