277 research outputs found
Combined Modeling and Side Channel Attacks on Strong PUFs
Physical Unclonable Functions (PUFs) have established themselves
in the scientific literature, and are also gaining ground
in commercial applications. Recently, however, several attacks
on PUF core properties have been reported. They concern
their physical and digital unclonability, as well as their
assumed resilience against invasive or side channel attacks.
In this paper, we join some of these techniques in order
to further improve their effectiveness. The combination of
machine-learning based modeling techniques with side channel
information allows us to attack so-called XOR Arbiter
PUFs and Lightweight PUFs up to a size and complexity
that was previously out of reach. For Lightweight PUFs,
for example, we report successful attacks for bitlengths of
64, 128 and 256, and for up to nine single Arbiter PUFs
whose output is XORed. Previous work at CCS 2010 and
IEEE TIFS 2013, which provides the currently most efficient
modeling results, had only been able to attack this structure
for up to five XORs and bitlength 64.
Our attack employs the first power side channel (PSC) for
Strong PUFs in the literature. This PSC tells the attacker
the number of single Arbiter PUFs within an XOR Arbiter
PUF or Lightweight PUF architecture that are zero or one.
This PSC is of little value if taken by itself, but strongly
improves an attacker’s capacity if suitably combined with
modeling techniques. At the end of the paper, we discuss efficient
and simple countermeasures against this PSC, which
could be used to secure future PUF generations.
Power and Timing Side Channels for PUFs and their Efficient Exploitation
We discuss the first power and timing side channels
on Strong Physical Unclonable Functions (Strong PUFs) in the
literature, and describe their efficient exploitation via adapted
machine learning (ML) techniques. Our method is illustrated by
the example of the two currently most secure (CCS 2010, IEEE
T-IFS 2013) electrical Strong PUFs, so-called XOR Arbiter PUFs
and Lightweight PUFs. It allows us for the first time to tackle
these two architectures with a polynomial attack complexity.
In greater detail, our power and timing side channels provide
information on the single outputs of the many parallel Arbiter
PUFs inside an XOR Arbiter PUF or Lightweight PUF. They
indicate how many of these single outputs (in sum) were equal
to one (and how many were equal to zero) before the outputs
entered the final XOR gate. Taken for itself, this side channel
information is of little value, since it does not tell which of the
single outputs were zero or one, respectively. But we show that if
combined with suitably adapted machine learning techniques, it
allows very efficient attacks on the two above PUFs, i.e., attacks
that merely use linearly many challenge-response pairs and low-degree
polynomial computation times. Without countermeasures,
the two PUFs can hence no longer be called secure, regardless of
their sizes. For comparison, the best-performing pure modeling
attacks on the above two PUFs are known to have an exponential
complexity (CCS 2010, IEEE T-IFS 2013).
The practical viability of our new attacks is firstly demonstrated
by ML experiments on numerically simulated CRPs. We
thereby confirm attacks on the two above PUFs for up to 16
XORs and challenge bitlengths of up to 512. Secondly, we execute
a full experimental proof-of-concept for our timing side channel,
successfully attacking FPGA-implementations of the two above
PUF types for 8, 12, and 16 XORs, and bitlengths 64, 128, 256
and 512. In earlier works (CCS 2010, IEEE T-IFS 2013), 8 XOR
architectures with bitlength 512 had been explicitly suggested as
secure and beyond the reach of foreseeable attacks.
Besides the abovementioned new power and timing side
channels, two other central innovations of our paper are our
tailor-made, polynomial ML-algorithm that integrates the side
channel information, and the implementation of Arbiter PUF
variants with up to 16 XORs and bitlength 512 in silicon. To our
knowledge, such sizes have never been implemented before in the
literature. Finally, we discuss efficient countermeasures against
our power and timing side channels. They could and should be
used to secure future Arbiter PUF generations against the latter.
Extended Abstract: Analysis of 1000 Arbiter PUF based RFID Tags
In this extended abstract a large-scale analysis of 4-way
Arbiter PUFs is performed with measurement results from
1000 RFID tags. Arbiter PUFs are one of the most important
building blocks in PUF-based protocols and have been the
subject of many papers. However, in the past often only software
simulations or a limited number of test chips were available for
analysis. Therefore, the goal of this work is to verify earlier
findings in regard to the uniqueness and reliability of Arbiter
PUFs by using a much larger measurement set. Furthermore, we
used machine learning algorithms to approximate and compare
the internal delay differences of the employed PUF. One of the
main research questions in this paper is to examine if any
“outliers” occurred, i.e., if some tags performed considerably
differently. This might for example happen due to some unusual
manufacturing variations or faults. However, our findings are that
for all of the analyzed tags the parameters fell within the range
of a Gaussian distribution without significant outliers. Hence, our
results are indeed in line with the results of prior work.
A noise bifurcation architecture for linear additive physical functions
Physical Unclonable Functions (PUFs) allow a silicon device to be authenticated based on its manufacturing variations using challenge/response evaluations. Popular realizations use linear additive functions as building blocks. Security is scaled up using non-linear mixing (e.g., adding XORs). Because the responses are physically derived and thus noisy, the resulting explosion in noise impacts both the adversary (which is desirable) as well as the verifier (which is undesirable). We present the first architecture for linear additive physical functions where the noise seen by the adversary and the noise seen by the verifier are bifurcated by using a randomized decimation technique and a novel response recovery method at an authentication verification server. We allow the adversary's noise $\eta_a \to 0.50$ while keeping the verifier's noise $\eta_v$ constant, using a parameter-based authentication modality that does not require explicit challenge/response pair storage at the server. We present supporting data using 28nm FPGA PUF noise results as well as machine learning attack results. We demonstrate that our architecture can also withstand recent side-channel attacks that filter the noise (to clean up training challenge/response labels) prior to machine learning.
Segurança de computadores por meio de autenticação intrínseca de hardware
Advisors: Guido Costa Souza de Araújo, Mario Lúcio Côrtes and Diego de Freitas Aranha
Thesis (doctorate) - Universidade Estadual de Campinas, Instituto de Computação
Summary: In this work we present Computer Security by Hardware-Intrinsic Authentication (CSHIA), a secure computer architecture for embedded systems that aims to provide authenticity and integrity for code and data. This work is divided into three phases: Architecture Design, its Implementation, and its Security Evaluation. During the design phase, we determined how integrity and authenticity would be guaranteed through the use of Physical Unclonable Functions (PUFs) and proposed an algorithm for extracting cryptographic keys from processor cache memories. During implementation, we made the architecture's design more flexible in order to offer different configuration possibilities without compromising security. We then evaluated its performance, taking into account the increase in chip area, the increase in energy consumption, and the additional memory for different configurations. Finally, we analyzed the security of PUFs and developed a new side-channel attack that circumvents the uniqueness property of PUFs through their building blocks.
Abstract: This work presents Computer Security by Hardware-Intrinsic Authentication (CSHIA), a secure computer architecture for embedded systems that aims at providing authenticity and integrity for code and data. The work encompassed three phases: Design, Implementation, and Security Evaluation. In design, we laid out the basic ideas behind CSHIA, namely, how integrity and authenticity are employed through the use of Physical Unclonable Functions (PUFs), and we proposed an algorithm to extract cryptographic keys from the intrinsic memories of processors. In implementation, we made CSHIA's design more flexible, allowing different configurations without compromising security. Then, we evaluated CSHIA's performance and overheads, such as area, energy, and memory, for multiple configurations. Finally, we evaluated security of PUFs, which led us to develop a new side-channel-based attack that enabled us to circumvent PUFs' uniqueness property through their architectural elements.
Doctorate; Computer Science; Doctor in Computer Science; 2015/06829-2; 2016/25532-3; 147614/2014-7; FAPESP; CNP
Threat Analysis, Countermeasures and Design Strategies for Secure Computation in Nanometer CMOS Regime
Advancements in CMOS technologies have led to an era of Internet Of Things (IOT), where the devices have the ability to communicate with each other apart from their computational power. As more and more sensitive data is processed by embedded devices, the trend towards lightweight and efficient cryptographic primitives has gained significant momentum. Achieving a perfect security in silicon is extremely difficult, as the traditional cryptographic implementations are vulnerable to various active and passive attacks. There is also a threat in the form of hardware Trojans inserted into the supply chain by the untrusted third-party manufacturers for economic incentives. Apart from the threats in various forms, some of the embedded security applications such as random number generators (RNGs) suffer from the impacts of process variations and noise in nanometer CMOS. Despite their disadvantages, the random and unique nature of process variations can be exploited for generating unique identifiers and can be of tremendous use in embedded security.
In this dissertation, we explore techniques for precise fault-injection in cryptographic hardware based on voltage/temperature manipulation and hardware Trojan insertion. We demonstrate the effectiveness of these techniques by mounting fault attacks on state-of-the-art ciphers. Physically Unclonable Functions (PUFs) are novel cryptographic primitives for extracting secret keys from complex manufacturing variations in integrated circuits (ICs). We explore the vulnerabilities of some of the popular strong PUF architectures to modeling attacks using Machine Learning (ML) algorithms. The attacks use silicon data from a test chip manufactured in IBM 32nm silicon-on-insulator (SOI) technology. Attack results demonstrate that the majority of strong PUF architectures can be predicted to very high accuracies using limited training data. We also explore the techniques to exploit unreliable data from strong PUF architectures and effectively use them to improve the prediction accuracies of modeling attacks. Motivated by the vulnerabilities of existing PUF architectures, we present a novel modeling attack resistant PUF architecture based on non-linear computing elements. Post-silicon validation results are used to demonstrate the effectiveness of the non-linear PUF architecture against modeling and fault-injection attacks. Apart from the techniques to improve the security of PUF circuits, we also present novel solutions to improve the performance of PUF circuits from the perspectives of IC fabrication and system/protocol design. Finally, we present a statistical benchmark suite to evaluate PUFs in conceptualization phase and also to enable fine-grained security assessments for varying PUF parameters. Data compressibility analyses for validating the statistical benchmark suite are also presented.
PUF authentication and key-exchange by substring matching
Mechanisms for operating a prover device and a verifier device so that the verifier device can verify the authenticity of the prover device. The prover device generates a data string by: (a) submitting a challenge to a physical unclonable function (PUF) to obtain a response string, (b) selecting a substring from the response string, (c) injecting the selected substring into the data string, and (d) injecting random bits into bit positions of the data string not assigned to the selected substring. The verifier: (e) generates an estimated response string by evaluating a computational model of the PUF based on the challenge; (f) performs a search process to identify the selected substring within the data string using the estimated response string; and (g) determines whether the prover device is authentic based on a measure of similarity between the identified substring and a corresponding substring of the estimated response string.