Journal of Cryptographic Engineering

, Volume 7, Issue 2, pp 113–128 | Cite as

Having no mathematical model may not secure PUFs

  • Fatemeh Ganji
  • Shahin Tajik
  • Fabian Fäßler
  • Jean-Pierre Seifert
CHES 2016


Although numerous attacks revealed the vulnerability of different PUF families to noninvasive machine learning (ML) attacks, the question is still open whether all PUFs might be learnable. Until now, virtually all ML attacks rely on the assumption that a mathematical model of the PUF functionality is known a priori. However, this is not always the case, and attention should be paid to this important aspect of ML attacks. This paper aims to address this issue by providing a provable framework for ML attacks against a PUF family, whose underlying mathematical model is unknown. We prove that this PUF family is inherently vulnerable to our novel probably approximately correct learning framework. We apply our ML algorithm on the Bistable Ring PUF (BR-PUF) family, which is one of the most interesting and prime examples of a PUF with an unknown mathematical model. We practically evaluate our ML algorithm through extensive experiments on BR-PUFs implemented on field-programmable gate arrays. In line with our theoretical findings, our experimental results strongly confirm the effectiveness and applicability of our attack. This is also interesting since our complex proof heavily relies on the spectral properties of Boolean functions, which are known to hold only asymptotically. Along with this proof, we further provide the theorem that all PUFs must have some challenge bit positions, which have larger influences on the responses than other challenge bits.


Physically unclonable functions (PUFs) Machine learning PAC learning Boosting technique Fourier analysis 



We would like to thank Prof. Dr. Frederik Armknecht for the fruitful discussion as well as pointing out the Siegenthaler’s paper. We acknowledge the effort made by Julian Fietkau, who has prepared the experimental setup required to do the K-junta test. Furthermore, the authors greatly appreciate the support that they received from Helmholtz Research School on Security Technologies.


  1. 1.
    Matlab–The Language of Technical Computing.
  2. 2.
    Almuallim, H., Dietterich, T.G.: Learning with many irrelevant features. In: Proceedings of the Ninth National Conference on Artificial Intelligence (1991)Google Scholar
  3. 3.
    Altera: Cyclone IV Device Handbook. Altera Corporation, San Jose (2014)Google Scholar
  4. 4.
    Angluin, D.: Queries and concept learning. Mach. Learn. 2(4), 319–342 (1988)MathSciNetGoogle Scholar
  5. 5.
    Armknecht, F., Maes, R., Sadeghi, A., Standaert, O.X., Wachsmann, C.: A formalization of the security features of physical functions. In: 2011 IEEE Symposium on Security and Privacy (SP), pp 397–412 (2011)Google Scholar
  6. 6.
    Armknecht, F., Moriyama, D., Sadeghi, A.R., Yung, M.: Towards a unified security model for physically unclonable functions. In: Topics in Cryptology-CT-RSA 2016: The Cryptographers’ Track at the RSA Conference, vol. 9610, p. 271. Springer (2016)Google Scholar
  7. 7.
    Arvind, V., Köbler, J., Lindner, W.: Parameterized learnability of K-juntas and related problems. In: Algorithmic Learning Theory, pp. 120–134. Springer (2007)Google Scholar
  8. 8.
    Blum, A.L., Langley, P.: Selection of relevant features and examples in machine learning. Artif. Intell. 97(1), 245–271 (1997)MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Blumer, A., Ehrenfeucht, A., Haussler, D., Warmuth, M.K.: Learnability and the Vapnik–Chervonenkis dimension. J. ACM 36(4), 929–965 (1989)MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Bshouty, N.H., Jackson, J.C., Tamon, C.: Uniform-distribution attribute noise learnability. Inf. Comput. 187(2), 277–290 (2003)MathSciNetCrossRefMATHGoogle Scholar
  11. 11.
    Chen, Q., Csaba, G., Lugli, P., Schlichtmann, U., Rührmair, U.: The Bistable Ring PUF: a new architecture for strong physical unclonable functions. In: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 134–141. IEEE (2011)Google Scholar
  12. 12.
    Ehrenfeucht, A., Haussler, D., Kearns, M., Valiant, L.: A general lower bound on the number of examples needed for learning. Inf. Comput. 82(3), 247–261 (1989)MathSciNetCrossRefMATHGoogle Scholar
  13. 13.
    Fischer, P., Simon, H.U.: On learning ring-sum-expansions. SIAM J. Comput. 21(1), 181–192 (1992)MathSciNetCrossRefMATHGoogle Scholar
  14. 14.
    Freund, Y.: Boosting a weak learning algorithm by majority. Inf. Comput. 121(2), 256–285 (1995)MathSciNetCrossRefMATHGoogle Scholar
  15. 15.
    Freund, Y., Schapire, R.E.: A decision-theoretic generalization of on-line learning and an application to boosting. J. Comput. Syst. Sci. 55(1), 119–139 (1997)MathSciNetCrossRefMATHGoogle Scholar
  16. 16.
    Friedgut, E.: Boolean functions with low average sensitivity depend on few coordinates. Combinatorica 18(1), 27–35 (1998)MathSciNetCrossRefMATHGoogle Scholar
  17. 17.
    Ganji, F., Tajik, S., Fäßler, F., Seifert, J.P.: Strong machine learning attack against PUFs with no mathematical model. In: International Conference on Cryptographic Hardware and Embedded Systems—CHES 2016, pp. 391–411. Springer (2016)Google Scholar
  18. 18.
    Ganji, F., Tajik, S., Seifert, J.P.: Let me prove it to you: RO PUFs are provably learnable. In: The 18th Annual International Conference on Information Security and Cryptology (2015)Google Scholar
  19. 19.
    Ganji, F., Tajik, S., Seifert, J.P.: Why attackers win: on the learnability of XOR arbiter PUFs. In: Trust and Trustworthy Computing, pp. 22–39. Springer (2015)Google Scholar
  20. 20.
    Ganji, F., Tajik, S., Seifert, J.P.: PAC learning of arbiter PUFs. J. Cryptogr. Eng. 6(3), 249–258 (2016)CrossRefGoogle Scholar
  21. 21.
    Gassend, B., Clarke, D., Van Dijk, M., Devadas, S.: Silicon physical random functions. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 148–160 (2002)Google Scholar
  22. 22.
    Goldreich, O.: Property Testing: Current Research and Surveys, vol. 6390. Springer, Berlin (2010)MATHGoogle Scholar
  23. 23.
    Guajardo, J., Kumar, S.S., Schrijen, G.J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Cryptographic Hardware and Embedded Systems—CHES 2007, pp. 63–80. Springer (2007)Google Scholar
  24. 24.
    Guijarro, D., Tarui, J., Tsukiji, T.: Finding relevant variables in PAC model with membership queries. In: International Conference on Algorithmic Learning Theory, pp. 313–322. Springer (1999)Google Scholar
  25. 25.
    Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The WEKA data mining software: an update. ACM SIGKDD Explor. Newsl. 11(1), 10–18 (2009)CrossRefGoogle Scholar
  26. 26.
    Helfmeier, C., Boit, C., Nedospasov, D., Seifert, J.P.: Cloning physically unclonable functions. In: 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 1–6 (2013)Google Scholar
  27. 27.
    Helfmeier, C., Nedospasov, D., Tarnovsky, C., Krissler, J.S., Boit, C., Seifert, J.P.: Breaking and entering through the silicon. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 733–744. ACM (2013)Google Scholar
  28. 28.
    Helmbold, D., Sloan, R., Warmuth, M.K.: Learning integer lattices. SIAM J. Comput. 21(2), 240–266 (1992)MathSciNetCrossRefMATHGoogle Scholar
  29. 29.
    Holcomb, D.E., Burleson, W.P., Fu, K.: Initial SRAM state as a fingerprint and source of true random numbers for RFID tags. In: Proceedings of the Conference on RFID Security, vol. 7 (2007)Google Scholar
  30. 30.
    Kahn, J., Kalai, G., Linial, N.: The influence of variables on Boolean functions. In: 29th Annual Symposium on Foundations of Computer Science, pp. 68–80. IEEE (1988)Google Scholar
  31. 31.
    Kalai, A., Servedio, R.A.: Boosting in the presence of noise. In: Proceedings of the Thirty-Fifth Annual ACM Symposium on Theory of Computing, pp. 195–205. ACM (2003)Google Scholar
  32. 32.
    Kalai, G., Safra, S.: Threshold phenomena and influence: perspectives from mathematics, computer science, and economics. In: Computational Complexity and Statistical Physics, Santa Fe Institute Studies in the Science of Complexity, pp. 25–60 (2006)Google Scholar
  33. 33.
    Kearns, M.J., Vazirani, U.V.: An Introduction to Computational Learning Theory. MIT Press, Cambridge (1994)Google Scholar
  34. 34.
    Koushanfar, F.: Hardware metering: a survey. In: Tehranipoor, M., Wang, C. (eds.) Introduction to Hardware Security and Trust, pp. 103–122. Springer, New York (2012)CrossRefGoogle Scholar
  35. 35.
    Lee, J.W., Lim, D., Gassend, B., Suh, G.E., Van Dijk, M., Devadas, S.: A technique to build a secret key in integrated circuits for identification and authentication applications. In: 2004 Symposium on VLSI Circuits, 2004. Digest of Technical Papers, pp. 176–179 (2004)Google Scholar
  36. 36.
    Linial, N., Mansour, Y., Rivest, R.L.: Results on learnability and the Vapnik–Chervonenkis dimension. Inf. Comput. 90(1), 33–49 (1991)MathSciNetCrossRefMATHGoogle Scholar
  37. 37.
    Maes, R.: Physically Unclonable Functions: Constructions, Properties and Applications. Springer, Berlin (2013)CrossRefMATHGoogle Scholar
  38. 38.
    Maes, R., van der Leest, V., van der Sluis, E., Willems, F.: Secure key generation from biased PUFs. In: Cryptographic Hardware and Embedded Systems—CHES 2015, pp. 517–534. Springer (2015)Google Scholar
  39. 39.
    Mossel, E., O’Donnell, R., Servedio, R.A.: Learning functions of k relevant variables. J. Comput. Syst. Sci. 69(3), 421–434 (2004)MathSciNetCrossRefMATHGoogle Scholar
  40. 40.
    O’Donnell, R.: Analysis of Boolean Functions. Cambridge University Press, Cambridge (2014)CrossRefMATHGoogle Scholar
  41. 41.
    Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297(5589), 2026–2030 (2002)CrossRefGoogle Scholar
  42. 42.
    Parnas, M., Ron, D., Samorodnitsky, A.: Proclaiming dictators and juntas or testing Boolean formulae. In: Goemans, M., Jansen, K., Rolim, J.D.P., Trevisan, L. (eds.) Approximation, Randomization, and Combinatorial Optimization: Algorithms and Techniques, pp. 273–285. Springer, Berlin (2001)CrossRefGoogle Scholar
  43. 43.
    Rivest, R.L.: Learning decision lists. Mach. Learn. 2(3), 229–246 (1987)Google Scholar
  44. 44.
    Ron, D., Rubinfeld, R., Safra, M., Samorodnitsky, A., Weinstein, O.: Approximating the influence of monotone Boolean functions in \(O(\sqrt{n})\) query complexity. ACM Trans. Comput. Theory (TOCT) 4(4), 11 (2012)MATHGoogle Scholar
  45. 45.
    Rührmair, U., Busch, H., Katzenbeisser, S.: Strong PUFs: models, constructions, and security proofs. In: Sadeghi, A.R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security, pp. 79–96. Springer, Berlin (2010)CrossRefGoogle Scholar
  46. 46.
    Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 237–249 (2010)Google Scholar
  47. 47.
    Saha, I., Jeldi, R.R., Chakraborty, R.S.: Model building attacks on physically unclonable functions using genetic programming. In: 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 41–44. IEEE (2013)Google Scholar
  48. 48.
    Schapire, R.E.: The strength of weak learnability. Mach. Learn. 5(2), 197–227 (1990)Google Scholar
  49. 49.
    Schapire, R.E., Freund, Y.: Boosting: Foundations and Algorithms. MIT Press, Cambridge (2012)MATHGoogle Scholar
  50. 50.
    Schuster, D., Hesselbarth, R.: Evaluation of Bistable Ring PUFs using single layer neural networks. In: Holz, T., Ioannidis, S. (eds.) Trust and Trustworthy Computing, pp. 101–109. Springer, Switzerland (2014)Google Scholar
  51. 51.
    Servedio, R.A., Tan, L.Y., Wright, J.: Adaptivity helps for testing juntas. In: Proceedings of the 30th Conference on Computational Complexity, pp. 264–279 (2015)Google Scholar
  52. 52.
    Siegenthaler, T.: Correlation-immunity of nonlinear combining functions for cryptographic applications (corresp.). IEEE Trans. Inf. Theory 30(5), 776–780 (1984)MathSciNetCrossRefMATHGoogle Scholar
  53. 53.
    Tajik, S., Dietz, E., Frohmann, S., Seifert, J.P., Nedospasov, D., Helfmeier, C., Boit, C., Dittrich, H.: Physical characterization of arbiter PUFs. In: Cryptographic Hardware and Embedded Systems—CHES 2014, pp. 493–509. Springer (2014)Google Scholar
  54. 54.
    Vapnik, V.: Estimation of Dependences Based on Empirical Data: Springer Series in Statistics. Springer, New York (1982)MATHGoogle Scholar
  55. 55.
    Vapnik, V., Chervonenkis, A.Y.: On the uniform convergence of relative frequencies of events to their probabilities. Theory Probab. Appl. 16(2), 264 (1971)CrossRefMATHGoogle Scholar
  56. 56.
    Weste, N.H.E., Harris, D.: CMOS VLSI Design: A Circuits and Systems Perspective, 4th edn. Addison Wesley, Reading (2010)Google Scholar
  57. 57.
    Xu, X., Rührmair, U., Holcomb, D.E., Burleson, W.P.: Security evaluation and enhancement of Bistable Ring PUFs. In: Radio Frequency Identification, pp. 3–16. Springer (2015)Google Scholar
  58. 58.
    Yamamoto, D., Takenaka, M., Sakiyama, K., Torii, N.: Security evaluation of Bistable Ring PUFs on FPGAs using differential and linear analysis. In: 2014 Federated Conference on Computer Science and Information Systems (FedCSIS), pp. 911–918 (2014)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  • Fatemeh Ganji
    • 1
  • Shahin Tajik
    • 1
  • Fabian Fäßler
    • 1
  • Jean-Pierre Seifert
    • 1
  1. 1.Security in Telecommunications, Department of Software Engineering and Theoretical Computer ScienceTechnische Universität BerlinBerlinGermany

Personalised recommendations