Skip to main content
SpringerLink
Log in

Side-Channel Analysis of PUFs and Fuzzy Extractors

  • Conference paper
Trust and Trustworthy Computing (Trust 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6740))

Included in the following conference series:

Abstract

Embedded security systems based on Physical Unclonable Functions (PUFs) offer interesting protection properties, such as tamper resistance and unclonability. However, to establish PUFs as a high security primitive in the long run, their vulnerability to side-channel attacks has to be investigated. For this purpose, we analysed the side-channel leakage of PUF architectures and fuzzy extractor implementations. We identified several attack vectors within common PUF constructions and introduce two side-channel attacks on fuzzy extractors. Our proof-of-concept attack on an FPGA implementation of a fuzzy extractor shows that it is possible to extract the cryptographic key derived from a PUF by side-channel analysis.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bösch, C., Guajardo, J., Sadeghi, A.-R., Shokrollahi, J., Tuyls, P.: Efficient helper data key extractor on fpgas. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 181–197. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  2. Dai, J., Wang, L.: A study of side-channel effects in reliability-enhancing techniques. In: Proceedings of the 2009 24th IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems, DFT 2009, pp. 236–244. IEEE Computer Society, Washington, DC (2009)

    Chapter  Google Scholar 

  3. Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  4. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  5. Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: WOST 1999: Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, pages 2–2. USENIX Association, Berkeley (1999)

    Google Scholar 

  6. Lim, D., Lee, J.W., Gassend, B., Suh, G.E., van Dijk, M., Devadas, S.: Extracting secret keys from integrated circuits. IEEE Transactions on Very Large Scale Integration (VLSI) Systems 13(10), 1200–1205 (2005)

    Article  Google Scholar 

  7. Maes, R., Tuyls, P., Verbauwhede, I.: Low-overhead implementation of a soft decision helper data algorithm for sram pufs. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 332–347. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Majzoobi, M., Koushanfar, F., Potkonjak, M.: Lightweight secure pufs. In: ICCAD 2008: Proceedings of the 2008 IEEE/ACM International Conference on Computer-Aided Design, pp. 670–673. IEEE Press, Piscataway (2008)

    Chapter  Google Scholar 

  9. Merli, D., Stumpf, F., Eckert, C.: Improving the quality of ring oscillator pufs on fpgas. In: 5th Workshop on Embedded Systems Security (WESS 2010). ACM Press, Scottsdale (2010)

    Google Scholar 

  10. Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297(5589), 2026–2030 (2002)

    Article  Google Scholar 

  11. Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Power and electromagnetic analysis: Improved model, consequences and comparisons. Integration 40(1), 52–60 (2007)

    Google Scholar 

  12. Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 237–249. ACM Press, New York (2010)

    Chapter  Google Scholar 

  13. Rührmair, U., Sölter, J., Sehnke, F.: On the foundations of physical unclonable functions. Cryptology ePrint Archive, Report 2009/277 (2009), http://eprint.iacr.org/

  14. Sauvage, L., Guilley, S., Mathieu, Y.: Electromagnetic radiations of fpgas: High spatial resolution cartography and attack on a cryptographic module. ACM Trans. Reconfigurable Technol. Syst., 2:4:1–4:24 (March 2009)

    Google Scholar 

  15. Skorobogatov, S.: Flash memory ‘Bumping” attacks. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 158–172. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  16. Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: 44th ACM/IEEE Design Automation Conference, DAC 2007, pp. 9–14 (2007)

    Google Scholar 

  17. Tuyls, P., Škorić, B.: Strong Authentication with Physical Unclonable Functions. In: Petkovi, M., Jonker, W. (eds.) Security, Privacy and Trust in Modern Data Management. Data-Centric Systems and Applications. Springer, Heidelberg (2007)

    Google Scholar 

  18. Tuyls, P., Škorić, B., Stallinga, S., Akkermans, A.H.M., Ophey, W.: Information-theoretic security analysis of physical uncloneable functions. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 141–155. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Fraunhofer Institute for Secure Information Technology, Munich, Germany

    Dominik Merli, Dieter Schuster & Frederic Stumpf

  2. Institute for Security in Information Technology, Technische Universität München, Munich, Germany

    Georg Sigl

Authors
  1. Dominik Merli
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dieter Schuster
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Frederic Stumpf
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Georg Sigl
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Carnegie Mellon University, 5000 Forbes Ave, 15213, Pittsburgh, PA, USA

    Jonathan M. McCune  & Adrian Perrig  & 

  2. Hewlett-Packard Labs, Long Down Ave, BS34 8QZ, Stoke Gifford, Bristol, UK

    Boris Balacheff

  3. TU Darmstadt / Fraunhofer SIT, Mornewegstr.32, 64293, Darmstadt, Germany

    Ahmad-Reza Sadeghi

  4. University College London, Gower Street, WC1E 6BT, London, UK

    Angela Sasse

  5. Hewlett Packard Labs, Long Down Ave, BS34 8QZ, Stoke Gifford, Bristol, UK

    Yolanta Beres

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Merli, D., Schuster, D., Stumpf, F., Sigl, G. (2011). Side-Channel Analysis of PUFs and Fuzzy Extractors. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, AR., Sasse, A., Beres, Y. (eds) Trust and Trustworthy Computing. Trust 2011. Lecture Notes in Computer Science, vol 6740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21599-5_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-21599-5_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21598-8

  • Online ISBN: 978-3-642-21599-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation