Physical Unclonable Functions (PUFs) are promising security primitives for
resource-constrained IoT devices. And the XOR Arbiter PUF (XOR-PUF) is one of
the most studied PUFs, out of an effort to improve the resistance against
machine learning attacks of probably the most lightweight delay-based PUFs -
the Arbiter PUFs. However, recent attack studies reveal that even XOR-PUFs with
large XOR sizes are still not safe against machine learning attacks. Increasing
PUF stages or components and using different challenges for different
components are two ways to improve the security of APUF-based PUFs, but more
stages or components lead to more hardware cost and higher operation power, and
different challenges for different components require the transmission of more
bits during operations, which also leads to higher power consumption. In this
paper, we present a strategy that combines the choice of XOR Arbiter PUF
(XOR-PUF) architecture parameters with the way XOR-PUFs are used to achieve
lightweights in hardware cost and energy consumption as well as security
against machine learning attacks. Experimental evaluations show that with the
proposed strategy, highly lightweight component-differentially challenged
XOR-PUFs can withstand the most powerful machine learning attacks developed so
far and maintain excellent intra-device and inter-device performance, rendering
this strategy a potential blueprint for the fabrication and use of XOR-PUFs for
resource-constrained IoT applications.Comment: arXiv admin note: text overlap with arXiv:2206.0131