Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation

Delvaux, Jeroen; Verbauwhede, Ingrid

doi:10.1007/978-3-319-04852-9_6

Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation

Jeroen Delvaux¹⁷ &
Ingrid Verbauwhede¹⁷

Conference paper

1448 Accesses
27 Citations

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8366))

Abstract

Physically Unclonable Functions (PUFs) provide a unique signature for integrated circuits (ICs), similar to a fingerprint for humans. They are primarily used to generate secret keys, hereby exploiting the unique manufacturing variations of an IC. Unfortunately, PUF output bits are not perfectly reproducible and non-uniformly distributed. To obtain a high-quality key, one needs to implement additional post-processing logic on the same IC. Fuzzy extractors are the well-established standard solution. Pattern Matching Key Generators (PMKGs) have been proposed as an alternative. In this work, we demonstrate the latter construction to be vulnerable against manipulation of its public helper data. Full key recovery is possible, although depending on system design choices. We demonstrate our attacks using a 4-XOR arbiter PUF, manufactured in 65nm CMOS technology. We also propose a simple but effective countermeasure.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Boyen, X., Dodis, Y., Katz, J., Ostrovsky, R., Smith, A.: Secure Remote Authentication Using Biometric Data. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 147–163. Springer, Heidelberg (2005)
Chapter Google Scholar
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM J. Comput. 38(1), 97–139 (2008)
Article MATH MathSciNet Google Scholar
Hospodar, G., Maes, R., Verbauwhede, I.: Machine Learning Attacks on 65nm Arbiter PUFs: Accurate Modeling poses strict Bounds on Usability. In: Workshop on Information Forensics and Security (WIFS), pp. 37–42. IEEE (December 2012)
Google Scholar
Koeberl, P., Maes, R., Rožić, V., Van der Leest, V., Van der Sluis, E., Verbauwhede, I.: Experimental Evaluation of Physically Unclonable Functions in 65 nm CMOS. In: 2012 IEEE Conference on European Solid-State Circuits (ESSCIRC), pp. 486–489 (September 2012)
Google Scholar
Konczakowska, A., Wilamowski, B.M.: Noise in Semiconductor Devices. In: Industrial Electronics Handbook, 2nd edn. Fundamentals of Industrial Electronics, vol. 1, ch. 11. CRC Press (2011)
Google Scholar
Kuhn, K., Kenyon, C., Kornfeld, A., Liu, M., Maheshwari, A., Shih, W., Sivakumar, S., Taylor, G., Van Der Voorn, P., Zawadzki, K.: Managing Process Variation in Intel’s 45nm CMOS Technology. Intel Technology Journal 12(2), 92–110 (2008)
Google Scholar
Lee, J.W., Lim, D., Gassend, B., Suh, G.E., van Dijk, M., Devadas, S.: A technique to build a secret key in integrated circuits for identification and authentication applications. In: 2004 Symposium on VLSI Circuits, pp. 176–179 (June 2004)
Google Scholar
Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Side-channel analysis of PUFs and fuzzy extractors. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) TRUST 2011. LNCS, vol. 6740, pp. 33–47. Springer, Heidelberg (2011)
Google Scholar
Paral, Z., Devadas, S.: Reliable and Efficient PUF-Based Key Generation Using Pattern Matching. In: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 128–133 (June 2011)
Google Scholar
Paral, Z., Devadas, S., Verayo Inc.: Patent WO/2012/099657, Reliable PUF value generation by pattern matching (July 26, 2012)
Google Scholar
Rührmair, U., Devadas, S., Koushanfar, F.: Security based on Physical Unclonability and Disorder. Introduction to Hardware Security and Trust. Springer, Book Chapter (2011)
Google Scholar
Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: 2010 ACM Conference on Computer and Communications Security (CCS), pp. 237–249 (October 2010)
Google Scholar
Skorobogatov, S.: Semi-invasive attacks - a new approach to hardware security analysis, Technical Report UCAM-CL-TR-630, University of Cambridge, Computer Laboratory (April 2005)
Google Scholar
Tuyls, P., Schrijen, G.-J., Škorić, B., van Geloven, J., Verhaegh, N., Wolters, R.: Read-Proof Hardware from Protective Coatings. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 369–383. Springer, Heidelberg (2006)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

ESAT/COSIC and iMinds, KU Leuven, Kasteelpark Arenberg 10, B-3001, Leuven-Heverlee, Belgium
Jeroen Delvaux & Ingrid Verbauwhede

Authors

Jeroen Delvaux
View author publications
You can also search for this author in PubMed Google Scholar
Ingrid Verbauwhede
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Microsoft Research, Redmond, WA, USA
Josh Benaloh

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Delvaux, J., Verbauwhede, I. (2014). Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation. In: Benaloh, J. (eds) Topics in Cryptology – CT-RSA 2014. CT-RSA 2014. Lecture Notes in Computer Science, vol 8366. Springer, Cham. https://doi.org/10.1007/978-3-319-04852-9_6

Download citation

DOI: https://doi.org/10.1007/978-3-319-04852-9_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-04851-2
Online ISBN: 978-3-319-04852-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics