Why attackers lose: design and security analysis of arbitrarily large XOR arbiter PUFs

  • Nils WisiolEmail author
  • Marian Margraf
Regular Paper


In a novel analysis, we formally prove that arbitrarily many Arbiter PUFs can be combined into a stable XOR Arbiter PUF. To the best of our knowledge, this design cannot be modeled by any known oracle access attack in polynomial time. Using majority vote of arbiter chain responses, our analysis shows that with a polynomial number of votes, the XOR Arbiter PUF stability of almost all challenges can be boosted exponentially close to 1; that is, the stability gain through majority voting can exceed the stability loss introduced by large XORs for a feasible number of votes. Considering state-of-the-art modeling attacks by Becker and Rührmair et al., our proposal enables the designer to increase the attacker’s effort exponentially while still maintaining polynomial design effort. This is the first result that relates PUF design to this traditional cryptographic design principle.


Physically unclonable functions XOR Arbiter PUF Majority vote 



The authors would like to thank Christoph Graebnitz, Manuel Oswald, Tudor A. A. Soroceanu, and Benjamin Zengin for helpful comments and discussions.


  1. 1.
    Armknecht, F., Maes, R., Sadeghi, A.-R., Standaert, F.-X., Wachsmann, C.: A formalization of the security features of physical functions. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 397–412. IEEE (2011)Google Scholar
  2. 2.
    Armknecht, F., Maes, R., Sadeghi, A.-R., Sunar, B., Tuyls, P..: Memory leakage-resilient encryption based on physically unclonable functions. In: Matsui M (ed) Proceedings of the Advances in Cryptology–ASIACRYPT 2009: 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, December 6–10, 2009, pp. 685–702. Springer, Berlin (2009)Google Scholar
  3. 3.
    Armknecht, F., Moriyama, D., Sadeghi, A.-R., Yung, M.: Towards a unified security model for physically unclonable functions. Proc. RSA Conf. Top. Cryptol. 9610, 271–287 (2016)MathSciNetzbMATHGoogle Scholar
  4. 4.
    Becker, G.T.: The gap between promise and reality: on the insecurity of XOR arbiter PUFs. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp. 535–555. Springer, Berlin (2015).
  5. 5.
    Berry, Andrew C.: The accuracy of the Gaussian approximation to the sum of independent variates. Trans. Am. Math. Soc. 49(1), 122–122 (1941)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Delvaux, J., Verbauwhede, I.: Side channel modeling attacks on 65nm arbiter PUFs exploiting CMOS device noise. In: 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 137–142. IEEE (2013)Google Scholar
  7. 7.
    Delvaux, Jeroen, Verbauwhede, Ingrid: Fault injection modeling attacks on 65 nm arbiter and RO Sum PUFs via environmental changes. IEEE Trans. Circuits Syst. I: Regul. Pap. 61(6), 1701–1713 (2014)CrossRefGoogle Scholar
  8. 8.
    Devadas, S.: Physical unclonable functions (PUFS) and secure processors. In: Workshop on Cryptographic Hardware and Embedded Systems (2009)Google Scholar
  9. 9.
    Devadas, S., Suh, E., Paral, S., Sowell, R., Ziola, T., Khandelwal, V.: Design and implementation of PUF-based “unclonable” RFID ICs for anti-counterfeiting and security applications. In: 2008 IEEE International Conference on RFID (Frequency Identification), IEEE RFID 2008, pp. 58–64 (2008)Google Scholar
  10. 10.
    Esseen, Carl-Gustaf: On the Liapounoff Limit of Error in the Theory of Probability. Almqvist & Wiksell, Stockholm (1942)zbMATHGoogle Scholar
  11. 11.
    Ganji, F., Krämer, J., Seifert, J.-P., Tajik, S.: Lattice basis reduction attack against physically unclonable functions. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1070–1080. ACM (2015)Google Scholar
  12. 12.
    Ganji, F., Tajik, S., Fäßler, F., Seifert, J.-P.: Strong machine learning attack against PUFs with no mathematical model. Lect. Notes Comput. Sci. (including subseries Lecture Notes in Arti cial Intelligence and Lecture Notes in Bioinformatics) 9813, 391–411 (2016)zbMATHGoogle Scholar
  13. 13.
    Ganji, F., Tajik, S., Seifert, J.-P.: Why attackers win: On the learnability of XOR arbiter PUFs. In: Trust and Trustworthy Computing, pp. 22–39. Springer (2015)Google Scholar
  14. 14.
    Ganji, Fatemeh, Tajik, Shahin, Seifert, Jean-Pierre: PAC learning of arbiter PUFs. J. Cryptogr. Eng. 6(3), 249–258 (2016)CrossRefGoogle Scholar
  15. 15.
    Gassend, B., Clarke, D., Van Dijk, M., Devadas, S.: Silicon physical random functions. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 148–160. ACM (2002)Google Scholar
  16. 16.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Delay-based circuit authentication and applications. In: Proceedings of the 2003 ACM symposium on Applied computing-SAC ’03, pp. 294. ACM Press, New York (2003)Google Scholar
  17. 17.
    Gassend, Blaise, Lim, Daihyun, Clarke, Dwaine, Van Dijk, Marten, Devadas, Srinivas: Identification and authentication of integrated circuits. Concurrency and Computation: Practice and Experience 16(11), 1077–1098 (2004)CrossRefGoogle Scholar
  18. 18.
    Gassend, Blaise, Van Dijk, Marten, Clarke, Dwaine, Devadas, Srinivas: Controlled physical random functions. Secur. Noisy Data Priv. Biom. Secure Key Storage Anti-Count. 10(4), 235–253 (2007)Google Scholar
  19. 19.
    Guo, Q., Ye, J., Gong, Y., Hu, Y., Li, X.: Efficient attack on non-linear current mirror PUF with genetic algorithm. In: 2016 IEEE 25th Asian Test Symposium (ATS), pp. 49–54 (2016)Google Scholar
  20. 20.
    Kalyanaraman, M., Orshansky, M.: Novel strong PUF based on nonlinearity of MOSFET subthreshold operation. In: Proceedings of the 2013 IEEE International Symposium on Hardware-Oriented Security and Trust, HOST 2013, pp. 13–18 (2013)Google Scholar
  21. 21.
    Kumar, R., Burleson, W.: On design of a highly secure PUF based on non-linear current mirrors. In: 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 38–43. IEEE (2014)Google Scholar
  22. 22.
    Lim, D., Lee, J.W., Gassend, B., Suh, G.E., Van Dijk, M., Devadas, S.: Extracting secret keys from integrated circuits. IEEE Trans. Very Large Scale Integr. Syst. 13(10), 1200–1205 (2005)CrossRefGoogle Scholar
  23. 23.
    Lohrke, H., Tajik, S., Boit, C., Seifert, J.-P.: No place to hide: contactless probing of secret data on FPGAs. Cryptology ePrint Archive, Report 2016/593 (2016)Google Scholar
  24. 24.
    Majzoobi, M., Dyer, E., Elnably, A., Koushanfar, F.: Rapid FPGA delay characterization using clock synthesis and sparse sampling. In: IEEE International Test Conference (ITC), Austin, TX (2010)Google Scholar
  25. 25.
    Majzoobi, Mehrdad, Kharaya, Akshat, Koushanfar, Farinaz, Devadas, Srinivas: Automated design, implementation, and evaluation of arbiter-based PUF on FPGA using programmable delay lines. IACR Cryptol. 2014, 639 (2014)Google Scholar
  26. 26.
    Majzoobi, Mehrdad, Koushanfar, Farinaz, Srinivas, Devadas: FPGA PUF using programmable delay lines. IEEE Int. Workshop Inf. Forens. Secur. 2010, 2010 (2010)Google Scholar
  27. 27.
    Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Semi-invasive EM attack on FPGA RO PUFs and countermeasures. Workshop on Embedded Systems Security, pp. 1–9 (2011)Google Scholar
  28. 28.
    Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Side-channel analysis of PUFs and fuzzy extractors. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6740, pp. 33–47. LNCS (2011)Google Scholar
  29. 29.
    Nedospasov, D., Seifert, J.-P., Helfmeier, C., Boit, C.: Invasive PUF analysis. In: Proceedings-10th Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2013, pp. 30–38 (013)Google Scholar
  30. 30.
    Pappu, Ravikanth, Recht, Ben, Taylor, Jason, Gershenfeld, Neil: Physical one-way functions. Science 297(5589), 2026–2030 (2002)CrossRefGoogle Scholar
  31. 31.
    Ruhrmair, U., Martinez-Hurtado, J.L., Xu, X., Kraeh, C., Hilgers, C., Kononchuk, D., Finley, J.J., Burleson, W.P.: Virtual proofs of reality and their physical implementation. In: 2015 IEEE Symposium on Security and Privacy, vol. 2015-July, pp. 70–85. IEEE (2015 May)Google Scholar
  32. 32.
    Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 237–249. ACM (2010)Google Scholar
  33. 33.
    Rührmair, Ulrich, Sölter, Jan, Sehnke, Frank, Xiaolin, Xu, Mahmoud, Ahmed, Stoyanova, Vera, Dror, Gideon, Schmidhuber, Jürgen, Burleson, Wayne, Devadas, Srinivas: PUF modeling attacks on simulated and silicon data. IEEE Trans. Inf. Forens. Secur. 8(11), 1876–1891 (2013)CrossRefGoogle Scholar
  34. 34.
    Rührmair, Ulrich, Xiaolin, Xu, Sölter, Jan, Mahmoud, Ahmed, Majzoobi, Mehrdad, Koushanfar, Farinaz, Burleson, Wayne: Efficient power and timing side channels for physical unclonable functions. Cryptogr. Hardw. Embed. Syst. 8731, 476–492 (2014)zbMATHGoogle Scholar
  35. 35.
    Spenke, A., Breithaupt, R., Plaga, R.: An arbiter PUF secured by remote random reconfigurations of an FPGA. In: International Conference on Trust and Trustworthy Computing, pp. 140–158. Springer (2016)Google Scholar
  36. 36.
    Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: Proceedings of the 44th Annual Design Automation Conference, pp. 9–14. ACM (2007)Google Scholar
  37. 37.
    Tajik, S., Dietz, E., Frohmann, S., Seifert, J.-P., Nedospasov, D., Helfmeier, C., Boit, C., Dittrich, H.: Physical characterization of arbiter PUFs. In: Batina, L., Robshaw, M. (eds.) Proceedings of the Cryptographic Hardware and Embedded Systems-CHES 2014: 16th International Workshop, Busan, South Korea, September 23–26, 2014. pp. 493–509. Springer, Berlin (2014)Google Scholar
  38. 38.
    Tajik, S., Lohrke, H., Ganji, F., Seifert, J.-P., Boit, C.: Laser fault attack on physically unclonable functions. In: 2015 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 85–96. IEEE (2015)Google Scholar
  39. 39.
    Tehranipoor, M., Wang, C.: Introduction to Hardware Security and Trust, vol. 9781441980. Springer, Berlin (2012)CrossRefGoogle Scholar
  40. 40.
    Vijayakumar, A., Kundu, S.: A novel modeling attack resistant PUF design based on non-linear voltage transfer characteristics. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), 2015, DATE ’15, pp. 653–658. IEEE Conference Publications, New Jersey (2015)Google Scholar
  41. 41.
    Yu, M.D.M., Hiller, M., Delvaux, J., Sowell, R., Devadas, S., Verbauwhede, I.: A lockdown technique to prevent machine learning on PUFs for lightweight authentication. IEEE Trans. Multi-Scale Comput. Syst. 2(3), 146–159 (2016)CrossRefGoogle Scholar
  42. 42.
    Илья Сергееич  Тюрин. Уточнение верхних  оценок  констант  в  теореме  Ляпунова.  У с п е х и  м а т е м а т и ч е с к и х н а у к, 65(3):201-202, 2010Google Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department for Mathematics and Computer ScienceFreie Universität BerlinBerlinGermany

Personalised recommendations