Papers
Topics
Authors
Recent
Search
2000 character limit reached

Breaking XOR Arbiter PUFs with Chosen Challenge Attack

Published 3 Dec 2023 in cs.CR | (2312.01256v2)

Abstract: The XOR Arbiter PUF was introduced as a strong PUF in 2007 and was broken in 2015 by a Machine Learning (ML) attack, which allows the underlying Arbiter PUFs to be modeled individually by exploiting reliability information of the measured responses. To mitigate the reliability-based attacks, state-of-the-art understanding shows that the reliability of individual Arbiter PUFs and the overall XOR Arbiter PUF can be boosted to an arbitrarily high level, thus rendering all known reliability-based ML attacks infeasible; alternatively, an access control interface around the XOR Arbiter PUF can prevent the same challenge-response pairs from being accessed repeatedly, thus eliminating the leakage of reliability information. We show that, \textbf{for the first time, a perfectly reliable XOR Arbiter PUF can be successfully attacked in a divide-and-conquer manner}, meaning each underlying Arbiter PUF in an XOR Arbiter PUF can be attacked individually. This allows us to attack large XOR Arbiter PUFs efficiently, even without reliability information or any side-channel information. Our key insight is that, instead of reliability information, the responses of highly correlated challenges also reveal how close the responses are to the response decision boundary. This leads to a \textit{chosen challenge attack} on XOR Arbiter PUFs by carefully choosing correlated challenges to measure and aggregate the collected information. We validate our attack by using PUF simulation, as well as an XOR Arbiter PUF implemented on FPGA. We also demonstrate that our chosen challenge methodology is compatible with the state-of-the-art combined gradient-based multi-objective optimization attack. Finally, we discuss an effective countermeasure that can prevent our attack but with a relatively large area overhead compared to the PUF itself.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (22)
  1. Georg T. Becker. The gap between promise and reality: On the insecurity of XOR arbiter pufs. In Tim Güneysu and Helena Handschuh, editors, Cryptographic Hardware and Embedded Systems - CHES 2015 - 17th International Workshop, Saint-Malo, France, September 13-16, 2015, Proceedings, volume 9293 of Lecture Notes in Computer Science, pages 535–555. Springer, 2015.
  2. Side channel modeling attacks on 65nm arbiter pufs exploiting CMOS device noise. In 2013 IEEE International Symposium on Hardware-Oriented Security and Trust, HOST 2013, Austin, TX, USA, June 2-3, 2013, pages 137–142. IEEE Computer Society, 2013.
  3. Pitfalls in machine learning-based adversary modeling for hardware systems. In 2020 Design, Automation & Test in Europe Conference & Exhibition, DATE 2020, Grenoble, France, March 9-13, 2020, pages 514–519. IEEE, 2020.
  4. Pufmeter a property testing tool for assessing the robustness of physically unclonable functions to machine learning attacks. IEEE Access, 7:122513–122521, 2019.
  5. Rock’n’roll pufs: crafting provably secure pufs from less secure ones (extended version). J. Cryptogr. Eng., 11(2):105–118, 2021.
  6. Controlled physical random functions. In 18th Annual Computer Security Applications Conference (ACSAC 2002), 9-13 December 2002, Las Vegas, NV, USA, pages 149–160. IEEE Computer Society, 2002.
  7. Silicon physical random functions. In Vijayalakshmi Atluri, editor, Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, Washington, DC, USA, November 18-22, 2002, pages 148–160. ACM, 2002.
  8. Secure remote attestation with strong key insulation guarantees. IEEE Transactions on Computers, 2023.
  9. Erasable pufs: Formal treatment and generic design. In Chip-Hong Chang, Ulrich Rührmair, Stefan Katzenbeisser, and Patrick Schaumont, editors, Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security Workshop, ASHES@CCS 2020, Virtual Event, USA, November 13, 2020, pages 21–33. ACM, 2020.
  10. Programmable access-controlled and generic erasable PUF design and its applications. J. Cryptogr. Eng., 12(4):413–432, 2022.
  11. Extracting secret keys from integrated circuits. IEEE Trans. Very Large Scale Integr. Syst., 13(10):1200–1205, 2005.
  12. Learning from output transitions: A chosen challenge strategy for ML attacks on pufs. In IEEE/ACM International Symposium on Low Power Electronics and Design, ISLPED 2023, Vienna, Austria, August 7-8, 2023, pages 1–6. IEEE, 2023.
  13. An optimization-theoretic approach for attacking physical unclonable functions. In Frank Liu, editor, Proceedings of the 35th International Conference on Computer-Aided Design, ICCAD 2016, Austin, TX, USA, November 7-10, 2016, page 45. ACM, 2016.
  14. Security analysis of arbiter PUF and its lightweight compositions under predictability test. ACM Trans. Design Autom. Electr. Syst., 22(2):20:1–20:28, 2017.
  15. The interpose PUF: secure PUF design against state-of-the-art machine learning attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2019(4):243–290, 2019.
  16. Modeling attacks on physical unclonable functions. In Ehab Al-Shaer, Angelos D. Keromytis, and Vitaly Shmatikov, editors, Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4-8, 2010, pages 237–249. ACM, 2010.
  17. Physical unclonable functions for device authentication and secret key generation. In Proceedings of the 44th Design Automation Conference, DAC 2007, San Diego, CA, USA, June 4-8, 2007, pages 9–14. IEEE, 2007.
  18. Combining optimization objectives: New modeling attacks on strong pufs. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2021(2):357–389, 2021.
  19. PUF modeling attack using active learning. In IEEE International Symposium on Circuits and Systems, ISCAS 2018, 27-30 May 2018, Florence, Italy, pages 1–5. IEEE, 2018.
  20. Why attackers lose: design and security analysis of arbitrarily large XOR arbiter pufs. J. Cryptogr. Eng., 9(3):221–230, 2019.
  21. Short paper: XOR arbiter pufs have systematic response bias. In Joseph Bonneau and Nadia Heninger, editors, Financial Cryptography and Data Security - 24th International Conference, FC 2020, Kota Kinabalu, Malaysia, February 10-14, 2020 Revised Selected Papers, volume 12059 of Lecture Notes in Computer Science, pages 50–57. Springer, 2020.
  22. Neural network modeling attacks on arbiter-puf-based designs. IEEE Trans. Inf. Forensics Secur., 17:2719–2731, 2022.

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Collections

Sign up for free to add this paper to one or more collections.

Sign Up