Abstract
The integration of IoT devices is becoming increasingly inevitable in the development of next-generation systems and applications. Due to such a wide adoption, IoT devices handle large quantities of private and sensitive data, and operate safety-critical systems. As such, failure to comply with security requirements would prove to be catastrophic. However, the resource-constrained nature of IoT devices is a fundamental limitation in designing their security features. To tackle the problem of implementing lightweight security functionalities that enable trusted communications, Physical Unclonable Functions (PUFs) have been proposed. Exploiting the manufacturing variations of Integrated Circuits (ICs), these primitives aim to give devices a unique identifier that no attacker can violate or clone. That said, in the past decade many studies have shown the great threat that Machine Learning (ML) poses to the security of Physical Unclonable Functions. In this paper, we provide an up-to-date situation of this field of research, as well as our current work and future directions.
This work is supported by the IoTalentum project, funded by the European Union Horizon 2020 research and innovation program within the framework of Marie Skłodowska-Curie Actions ITN-ETN with grant number 953442.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Technically, the concept of PUF can be traced back even further [11]. However, it was not properly defined yet and its use for resource-constrained devices was not envisioned.
References
Alkatheiri, M.S., Zhuang, Y.: Towards fast and accurate machine learning attacks of feed-forward arbiter PUFs. In: 2017 IEEE Conference on Dependable and Secure Computing, pp. 181–187 (2017). https://doi.org/10.1109/DESEC.2017.8073845
Becker, G.T.: The Gap between promise and reality: on the insecurity of XOR arbiter PUFs. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 535–555. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_27
Cheruvu, S., Kumar, A., Smith, N., Wheeler, D.M.: Demystifying Internet of Things Security. Apress, Berkeley, CA (2020). https://doi.org/10.1007/978-1-4842-2896-8
Delvaux, J., Gu, D., Schellekens, D., Verbauwhede, I.: Secure lightweight entity authentication with strong PUFs: mission impossible? In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 451–475. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44709-3_25
Ferens, M., Dushku, E., Kosta, S.: Securing PUFs against ml modeling attacks via an efficient challenge-response approach. In: IEEE International Workshop on the Security, Privacy, and Digital Forensics of Mobile Systems and Networks (Mobisec) (2023, in press)
Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Controlled physical random functions. In: 18th Annual Computer Security Applications Conference, 2002. Proceedings, pp. 149–160 (2002). https://doi.org/10.1109/CSAC.2002.1176287
Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Silicon physical random functions. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 148–160. CCS ’02, Association for Computing Machinery, New York, NY, USA (2002). https://doi.org/10.1145/586110.586132
Gassend, B., Dijk, M.V., Clarke, D., Torlak, E., Devadas, S., Tuyls, P.: Controlled physical random functions and applications 10(4) (2008). https://doi.org/10.1145/1284680.1284683
Gassend, B., Lim, D., Clarke, D., van Dijk, M., Devadas, S.: Identification and authentication of integrated circuits. Concurr. Comput. Pract. Exp. 16(11), 1077–1098 (2004). https://doi.org/10.1002/cpe.805
Lim, D., Lee, J., Gassend, B., Suh, G., van Dijk, M., Devadas, S.: Extracting secret keys from integrated circuits. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 13(10), 1200–1205 (2005). https://doi.org/10.1109/TVLSI.2005.859470
Maes, R., Verbauwhede, I.: Physically Unclonable Functions: A Study on the State of the Art and Future Research Directions, pp. 3–37. Springer, Berlin, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14452-3_1
Majzoobi, M., Koushanfar, F., Potkonjak, M.: Lightweight secure PUFs. In: 2008 IEEE/ACM International Conference on Computer-Aided Design, pp. 670–673 (2008). https://doi.org/10.1109/ICCAD.2008.4681648
Majzoobi, M., Koushanfar, F., Potkonjak, M.: Techniques for design and implementation of secure reconfigurable PUFs. ACM Trans. Reconfigurable Technol. Syst. 2(1) (2009). https://doi.org/10.1145/1502781.1502786
Majzoobi, M., Rostami, M., Koushanfar, F., Wallach, D.S., Devadas, S.: Slender PUF protocol: a lightweight, robust, and secure authentication by substring matching. In: 2012 IEEE Symposium on Security and Privacy Workshops, pp. 33–44 (2012). https://doi.org/10.1109/SPW.2012.30
Nguyen, P.H., Sahoo, D.P., Jin, C., Mahmood, K., Rührmair, U., van Dijk, M.: The interpose PUF: secure PUF design against state-of-the-art machine learning attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(4), 243–290 (2019). https://doi.org/10.13154/tches.v2019.i4.243-290
Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297(5589), 2026–2030 (2002). https://doi.org/10.1126/science.1074376
Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 237–249. CCS ’10, Association for Computing Machinery, New York, NY, USA (2010). https://doi.org/10.1145/1866307.1866335
Rührmair, U., et al.: PUF modeling attacks on simulated and silicon data. IEEE Trans. Inf. Forensics Secur. 8(11), 1876–1891 (2013). https://doi.org/10.1109/TIFS.2013.2279798
Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: 2007 44th ACM/IEEE Design Automation Conference, pp. 9–14 (2007)
Wisiol, N., et al.: Splitting the interpose PUF: a novel modeling attack strategy. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(3), 97–120 (2020). https://doi.org/10.13154/tches.v2020.i3.97-120
Wu, L., Hu, Y., Zhang, K., Li, W., Xu, X., Chang, W.: FLAM-PUF: a response-feedback-based lightweight anti-machine-learning-attack PUF. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 41(11), 4433–4444 (2022). https://doi.org/10.1109/TCAD.2022.3197696
Yu, M.D., Hiller, M., Delvaux, J., Sowell, R., Devadas, S., Verbauwhede, I.: A lockdown technique to prevent machine learning on PUFs for lightweight authentication. IEEE Trans. Multi-Scale Comput. Syst. 2(3), 146–159 (2016). https://doi.org/10.1109/TMSCS.2016.2553027
Zhang, J., Shen, C., Guo, Z., Wu, Q., Chang, W.: CT PUF: configurable tristate PUF against machine learning attacks for IoT security. IEEE Internet Things J. 9(16), 14452–14462 (2022). https://doi.org/10.1109/JIOT.2021.3090475
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Ferens, M., Dushku, E., Kosta, S. (2023). ML for Attack and Defense of PUFs: Current Status and Future Directions. In: Mehmood, R., et al. Distributed Computing and Artificial Intelligence, Special Sessions I, 20th International Conference. DCAI 2023. Lecture Notes in Networks and Systems, vol 741. Springer, Cham. https://doi.org/10.1007/978-3-031-38318-2_38
Download citation
DOI: https://doi.org/10.1007/978-3-031-38318-2_38
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-38317-5
Online ISBN: 978-3-031-38318-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)