Delay model and machine learning exploration of a hardware-embedded delay PUF (original) (raw)
Related papers
Advancing PUF Security: Machine Learning-Assisted Modeling Attacks
2024
Physically Unclonable Functions (PUFs) works as an essential component for hardware security, using their inherent unpredictability to prevent unauthorized access. However, arbiter PUFs, which are widely used, are sensitive to modeling attacks, especially when applying machine learning methods.This study shows the usefulness of various machine learning algorithms in compromising the security of arbiter-PUFs. For this study, we review at how effectively Logistic Regression, K-nearest Neighbor, naïve bayess, Gradient Boosting, and Random Forest Classifiers can predict PUF reactions. We make use of a dataset of 12,000 challenge-response pairs (CRPs) for a 64-stage arbiter-PUF. The Random Forest Classifier emerged as the most proficient, yielding the best accuracy in duplicating the arbiter-PUF's behavior with 89% in the attack part. To address this problem, a defense mechanism that integrates random fluctuations into the challenge bits with the purpose of undermining the prediction powers of the machine learning models was developed. Our findings reveal a significant reduction in attack accuracy following the adoption of protection measures, highlighting the potential of noise injection as a technique to increase PUF security with the accuracy of 81%. The conclusions of this research not only underline the vital need for effective defense strategies against machine learning attacks on PUFs but also offer a feasible strategy to defending these crucial security components.
Reliable Delay Based Algorithm to Boost PUF Security Against Modeling Attacks
Information
Silicon Physical Unclonable Functions (sPUFs) are one of the security primitives and state-of-the-art topics in hardware-oriented security and trust research. This paper presents an efficient and dynamic ring oscillator PUFs (d-ROPUFs) technique to improve sPUFs security against modeling attacks. In addition to enhancing the Entropy of weak ROPUF design, experimental results show that the proposed d-ROPUF technique allows the generation of larger and updated challenge-response pairs (CRP space) compared with simple ROPUF. Additionally, an innovative hardware-oriented security algorithm, namely, the Optimal Time Delay Algorithm (OTDA), is proposed. It is demonstrated that the OTDA algorithm significantly improves PUF reliability under varying operating conditions. Further, it is shown that the OTDA further efficiently enhances the d-ROPUF capability to generate a considerably large set of reliable secret keys to protect the PUF structure from new cyber-attacks, including machine lear...
A Novel Modeling-Attack Resilient Arbiter-PUF Design
34th International Conference on VLSI Design and 2021 20th International Conference on Embedded Systems (VLSID), 2021
Physically Unclonable Functions (PUFs) have been considered as promising lightweight primitives for random number generation and device authentication. Thanks to the imperfections occurring during the fabrication process of integrated circuits, each PUF generates a unique signature which can be used for chip identification. Although supposed to be unclonable, PUFs have been shown to be vulnerable to modeling attacks where a set of collected challenge response pairs are used for training a machine learning model to predict the PUF response to unseen challenges. Challenge obfuscation has been proposed to tackle the modeling attacks in recent years. However, knowing the obfuscation algorithm can help the adversary to model the PUF. This paper proposes a modeling-resilient arbiter-PUF architecture that benefits from the randomness provided by PUFs in concealing the obfuscation scheme. The experimental results confirm the effectiveness of the proposed structure in countering PUF modeling attacks.
Attacking Arbiter PUFs Using Various Modeling Attack Algorithms: A Comparative Study
2018 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), 2018
Physical Unclonable Function (PUF) is becoming popular in the era of the internet of things (IoT) due to its lightweight implementation and unique feature of physically unclonable capability. However, it has been shown that PUF can be venerable to modeling attacks using machine learning based algorithms. For example, logic regression (LR) is used as an effective attack method to break Arbiter PUF (APUF) design. In this paper, we investigate the effectiveness of three different machine learning algorithms, including LR, Naï ve Bayes, and AdaBoost, on attacking APUF design. A comparison of experimental results between theses algorithms is presented. The results show that the performance of the algorithms is related to the number of training data, the noise level involved in the APUF design and the number of stages in the generation of each bit response. It is found that the performance of LR is worse for a small number of data compared to the Naï ve Bayes and AdaBoost algorithms.
Leveraging Distributions in Physical Unclonable Functions
Cryptography
A special class of Physical Unclonable Functions (PUFs) referred to as strong PUFs can be used in novel hardware-based authentication protocols. Strong PUFs are required for authentication because the bit strings and helper data are transmitted openly by the token to the verifier, and therefore are revealed to the adversary. This enables the adversary to carry out attacks against the token by systematically applying challenges and obtaining responses in an attempt to machine learn, and later predict, the token's response to an arbitrary challenge. Therefore, strong PUFs must both provide an exponentially large challenge space and be resistant to machine-learning attacks in order to be considered secure. We investigate a transformation called temperature-voltage compensation (TVCOMP), which is used within the Hardware-Embedded Delay PUF (HELP) bit string generation algorithm. TVCOMP increases the diversity and unpredictability of the challenge-response space, and therefore increases resistance to model-building attacks. HELP leverages within-die variations in path delays as a source of random information. TVCOMP is a linear transformation designed specifically for dealing with changes in delay introduced by adverse temperature-voltage (environmental) variations. In this paper, we show that TVCOMP also increases entropy and expands the challenge-response space dramatically.
Modeling attack resistant strong physical unclonable functions : design and applications
2021
Physical unclonable functions (PUFs) have great promise as hardware authentication primitives due to their physical unclonability, high resistance to reverse engineering, and difficulty of mathematical cloning. Strong PUFs are distinguished by an exponentially large number of challenge-response pairs (CRPs), in contrast with weak PUFs that have a smaller CRP set. Because the adversary cannot create an enumeration clone by recording all CRPs even when in physical possession of a PUF, strong PUFs enable secure direct authentication, that does not require cryptography and are thus attractive to low-energy and IoT applications. The first contribution of this dissertation is the design of a strong silicon PUF resistant to machine learning (ML) attacks. For a strong PUF to be an effective security primitive, the CRPs need to be unpredictable: given a set of known CRPs, it should be difficult to predict the unobserved CRPs. Otherwise, an adversary can succeed in an attack based on building...
Performance evaluation of Physically Unclonable Function by delay statistics
2011 IEEE 9th International New Circuits and systems conference, 2011
This paper presents a novel approach to evaluate silicon Physically Unclonable Functions (PUFs) implemented in FPGAs and based on delay elements. The metrics studied to characterize the PUFs are Randomness, Uniqueness and Steadiness. They take advantage of the measured physical values of elementary component making up the PUF. The delay distributions provide the interest to quantify the PUF at the physical level rather than carrying out a lot of experiments to get the PUF IDs at logical level. An Arbiter PUF composed of identical chains has been considered as a test chip to evaluate the method with the proposed metrics. Experiments have been carried out on CYCLONE II FPGA and the corresponding results shows the intra-device performance of the studied PUF.
A 0.16pJ/bit recurrent neural network based PUF for enhanced machine learning attack resistance
Proceedings of the 24th Asia and South Pacific Design Automation Conference, 2019
Physically Unclonable Function (PUF) circuits are finding widespread use due to increasing adoption of IoT devices. However, the existing strong PUFs such as Arbiter PUFs (APUF) and its compositions are susceptible to machine learning (ML) attacks because the challenge-response pairs have a linear relationship. In this paper, we present a Recurrent-Neural-Network PUF (RNN-PUF) which uses a combination of feedback and XOR function to significantly improve resistance to ML attack, without significant reduction in the reliability. ML attack is also partly reduced by using a shared comparator with offset-cancellation to remove bias and save power. From simulation results, we obtain ML attack accuracy of 62% for different ML algorithms, while reliability stays above 93%. This represents a 33.5% improvement in our Figure-of-Merit. Power consumption is estimated to be 12.3µW with energy/bit of ≈ 0.16pJ.
Analysis of Entropy in a Hardware-Embedded Delay PUF
Cryptography
The magnitude of the information content associated with a particular implementation of a Physical Unclonable Function (PUF) is critically important for security and trust in emerging Internet of Things (IoT) applications. Authentication, in particular, requires the PUF to produce a very large number of challenge-response-pairs (CRPs) and, of even greater importance, requires the PUF to be resistant to adversarial attacks that attempt to model and clone the PUF (model-building attacks). Entropy is critically important to the model-building resistance of the PUF. A variety of metrics have been proposed for reporting Entropy, each measuring the randomness of information embedded within PUF-generated bitstrings. In this paper, we report the Entropy, MinEntropy, conditional MinEntropy, Interchip hamming distance and National Institute of Standards and Technology (NIST) statistical test results using bitstrings generated by a Hardware-Embedded Delay PUF called HELP. The bitstrings are generated from data collected in hardware experiments on 500 copies of HELP implemented on a set of Xilinx Zynq 7020 SoC Field Programmable Gate Arrays (FPGAs) subjected to industrial-level temperature and voltage conditions. Special test cases are constructed which purposely create worst case correlations for bitstring generation. Our results show that the processes proposed within HELP to generate bitstrings add significantly to their Entropy, and show that classical re-use of PUF components, e.g., path delays, does not result in large Entropy losses commonly reported for other PUF architectures.
Countering PUF Modeling Attacks through Adversarial Machine Learning
IEEE Computer Society Annual Symposium on VLSI (ISVLSI), 2021
A Physically Unclonable Function (PUF) is an effective option for device authentication, especially for IoT frameworks with resource-constrained devices. However, PUFs are vulnerable to modeling attacks which build a PUF model using a small subset of its Challenge-Response Pairs (CRPs). We propose an effective countermeasure against such an attack by employing adversarial machine learning techniques that introduce errors (poison) to the adversary's model. The approach intermittently provides wrong response for the fed challenges. Coordination among the communicating parties is pursued to prevent the poisoned CRPs from causing the device authentication to fail. The experimental results extracted for a PUF implemented on FPGA demonstrate the efficacy of the proposed approach in thwarting modeling attacks. We also discuss the resiliency of the proposed scheme against impersonation and Sybil attacks.