18 research outputs found
Lightweight Silicon-based Security: Concept, Implementations, and Protocols
Advancement in cryptography over the past few decades has enabled a spectrum of security mechanisms and protocols for many applications. Despite the algorithmic security of classic cryptography, there are limitations in application and implementation of standard security methods in ultra-low energy and resource constrained
systems. In addition, implementations of standard cryptographic methods can be
prone to physical attacks that involve hardware level invasive or non-invasive attacks.
Physical unclonable functions (PUFs) provide a complimentary security paradigm for a number of application spaces where classic cryptography has shown to be inefficient or inadequate for the above reasons. PUFs rely on intrinsic device-dependent
physical variation at the microscopic scale. Physical variation results from imperfection
and random fluctuations during the manufacturing process which impact each device’s characteristics in a unique way. PUFs at the circuit level amplify and capture
variation in electrical characteristics to derive and establish a unique device-dependent
challenge-response mapping.
Prior to this work, PUF implementations were unsuitable for low power applications
and vulnerable to wide range of security attacks. This doctoral thesis presents a coherent framework to derive formal requirements to design architectures and protocols
for PUFs. To the best of our knowledge, this is the first comprehensive work that
introduces and integrates these pieces together. The contributions include an introduction
of structural requirements and metrics to classify and evaluate PUFs, design
of novel architectures to fulfill these requirements, implementation and evaluation of
the proposed architectures, and integration into real-world security protocols.
First, I formally define and derive a new set of fundamental requirements and
properties for PUFs. This work is the first attempt to provide structural requirements
and guideline for design of PUF architectures. Moreover, a suite of statistical properties of PUF responses and metrics are introduced to evaluate PUFs.
Second, using the proposed requirements, new and efficient PUF architectures are
designed and implemented on both analog and digital platforms. In this work, the
most power efficient and smallest PUF known to date is designed and implemented on ASICs that exploits analog variation in sub-threshold leakage currents of MOS
devices. On the digital platform, the first successful implementation of Arbiter-PUF on FPGA was accomplished in this work after years of unsuccessful attempts by the research community. I introduced a programmable delay tuning mechanism with pico-second resolution which serves as a key component in implementation of the
Arbiter-PUF on FPGA. Full performance analysis and comparison is carried out through comprehensive device simulations as well as measurements performed on a
population of FPGA devices.
Finally, I present the design of low-overhead and secure protocols using PUFs for integration in lightweight identification and authentication applications. The new protocols are designed with elegant simplicity to avoid the use of heavy hash operations
or any error correction. The first protocol uses a time bound on the authentication process while second uses a pattern-matching index-based method to thwart reverseengineering
and machine learning attacks. Using machine learning methods during
the commissioning phase, a compact representation of PUF is derived and stored in a database for authentication
Techniques for design and implementation of physically unclonable functions
Physically unclonable functions (PUFs) provide a basis for many security, and digital rights management protocols. PUFs exploit the unclonable and unique manufacturing variability of silicon devices to establish a secret. However, as we will demonstrate in this work, the classic delay-based PUF structures have a number of drawbacks including susceptibility to prediction, reverse engineering, man-in-the-middle and emulation attacks, as well as sensitivity to operational and environmental variations.
To address these limitations, we have developed a new set of techniques for design and implementation of PUF. We design a secure PUF architecture and show how to predict response errors as well as to compress the challenge/responses in database. We further demonstrate applications where PUFs on reconfigurable FPGA platforms can be exploited for privacy protection. The effectiveness of the proposed techniques is validated using extensive implementations, simulations, and statistical analysis
Slender PUF Protocol: A lightweight, robust, and secure authentication by substring matching
We introduce Slender PUF protocol, an efficient
and secure method to authenticate the responses
generated from a Strong Physical Unclonable Function
(PUF). The new method is lightweight, and suitable for
energy constrained platforms such as ultra-low power embedded
systems for use in identification and authentication
applications. The proposed protocol does not follow the
classic paradigm of exposing the full PUF responses (or
a transformation of the full string of responses) on the
communication channel. Instead, random subsets of the
responses are revealed and sent for authentication. The
response patterns are used for authenticating the prover
device with a very high probability.We perform a thorough
analysis of the method’s resiliency to various attacks
which guides adjustment of our protocol parameters for
an efficient and secure implementation. We demonstrate
that Slender PUF protocol, if carefully designed, will be
resilient against all known machine learning attacks. In
addition, it has the great advantage of an inbuilt PUF error
tolerance. Thus, Slender PUF protocol is lightweight and
does not require costly additional error correction, fuzzy
extractors, and hash modules suggested in most previously
known PUF-based robust authentication techniques. The
low overhead and practicality of the protocol are confirmed
by a set of hardware implementation and evaluations
Combined Modeling and Side Channel Attacks on Strong PUFs
Physical Unclonable Functions (PUFs) have established themselves
in the scientific literature, and are also gaining ground
in commercial applications. Recently, however, several attacks
on PUF core properties have been reported. They concern
their physical and digital unclonability, as well as their
assumed resilience against invasive or side channel attacks.
In this paper, we join some of these techniques in order
to further improve their effectiveness. The combination of
machine-learning based modeling techniques with side channel
information allows us to attack so-called XOR Arbiter
PUFs and Lightweight PUFs up to a size and complexity
that was previously out of reach. For Lightweight PUFs,
for example, we report successful attacks for bitlengths of
64, 128 and 256, and for up to nine single Arbiter PUFs
whose output is XORed. Previous work at CCS 2010 and
IEEE TIFS 2013, which provides the currently most efficient
modeling results, had only been able to attack this structure
for up to five XORs and bitlength 64.
Our attack employs the first power side channel (PSC) for
Strong PUFs in the literature. This PSC tells the attacker
the number of single Arbiter PUF within an XOR Arbiter
PUF or Lightweight PUF architecture that are zero or one.
This PSC is of little value if taken by itself, but strongly
improves an attacker’s capacity if suitably combined with
modeling techniques. At the end of the paper, we discuss efficient
and simple countermeasures against this PSC, which
could be used to secure future PUF generations
A Fourier Analysis Based Attack against Physically Unclonable Functions
Electronic payment systems have leveraged the advantages offered by the RFID technology, whose security is promised to be improved by applying the notion of Physically Unclonable Functions (PUFs). Along with the evolution of PUFs, numerous successful attacks against PUFs have been proposed in the literature. Among these are machine learning (ML) attacks, ranging from heuristic approaches to provable algorithms, that have attracted great attention. Our paper pursues this line of research by introducing a Fourier analysis based attack against PUFs. More specifically, this paper focuses on two main aspects of ML attacks, namely being provable and noise tolerant. In this regard, we prove that our attack is naturally integrated into a provable Probably Approximately Correct (PAC) model. Moreover, we show that our attacks against known PUF families are effective and applicable even in the presence of noise. Our proof relies heavily on the intrinsic properties of these PUF families, namely arbiter, Ring Oscillator (RO), and Bistable Ring (BR) PUF families. We believe that our new style of ML algorithms, which take advantage of the Fourier analysis principle, can offer better measures of PUF security