Skip to main content
SpringerLink
Log in

An Attack on PUF-Based Session Key Exchange and a Hardware-Based Countermeasure: Erasable PUFs

  • Conference paper
Financial Cryptography and Data Security (FC 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7035))

Included in the following conference series:

Abstract

We observe a security issue in protocols for session key exchange that are based on Strong Physical Unclonable Functions (PUFs). The problem is illustrated by cryptanalyzing a recent scheme of Tuyls and Skoric [1], which has been proposed for use in a bank card scenario. Under realistic assumptions, for example that the adversary Eve can eavesdrop the communication between the players and gains physical access to the PUF twice, she can derive previous session keys in this scheme. The observed problem seems to require the introduction of a new PUF variant, so-called “Erasable PUFs”. Having defined this new primitive, we execute some first steps towards its practical implementation, and argue that Erasable PUFs could be implemented securely via ALILE-based crossbar structures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Tuyls, P., Skoric, B.: Strong Authentication with Physical Unclonable Functions. In: Petkovic, M., Jonker, W. (eds.) Security, Privacy and Trust in Modern Data Management. Springer, Heidelberg (2007)

    Google Scholar 

  2. Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical One-Way Functions. Science 297, 2026–2030 (2002)

    Article  Google Scholar 

  3. Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA Intrinsic PUFs and Their Use for IP Protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  4. Gassend, B.: Physical Random Functions, MSc Thesis, MIT (2003)

    Google Scholar 

  5. Kumar, S.S., Guajardo, J., Maes, R., Schrijen, G.J., Tuyls, P.: The Butterfly PUF: Protecting IP on every FPGA. In: HOST 2008, pp. 67–70 (2008)

    Google Scholar 

  6. Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling Attacks on Physical Unclonable Functions. In: ACM Conference on Computer and Communications Security, Chicago (ILL), USA (2010)

    Google Scholar 

  7. Rührmair, U., Busch, H., Katzenbeisser, S.: Strong PUFs: Models, Constructions and Security Proofs. In: Sadeghi, A.-R., Tuyls, P. (eds.) Towards Hardware Intrinsic Security: Foundation and Practice, Springer, Heidelberg (2010) (to appear)

    Google Scholar 

  8. Rührmair, U., Sölter, J., Sehnke, F.: On the Foundations of Physical Unclonable Functions. Cryptology e-Print Archive (June 2009)

    Google Scholar 

  9. Gassend, B., Lim, D., Clarke, D., van Dijk, M., Devadas, S.: Identification and authentication of integrated circuits. Concurrency and Computation: Practice & Experience 16(11), 1077–1098 (2004)

    Article  Google Scholar 

  10. Lee, J.-W., Lim, D., Gassend, B., Suh, G.E., van Dijk, M., Devadas, S.: A technique to build a secret key in integrated circuits with identification and authentication applications. In: Proceedings of the IEEE VLSI Circuits Symposium (June 2004)

    Google Scholar 

  11. Majzoobi, M., Koushanfar, F., Potkonjak, M.: Lightweight Secure PUFs. In: IC-CAD 2008, pp. 607–673 (2008)

    Google Scholar 

  12. Csaba, G., Ju, X., Ma, Z., Chen, Q., Porod, W., Schmidhuber, J., Schlichtmann, U., Lugli, P., Rührmair, U.: Application of Mismatched Cellular Nonlinear Networks for Physical Cryptography. In: IEEE CNNA - 12th International Workshop on Cellular Nonlinear Networks and their Applications (2010)

    Google Scholar 

  13. Tuyls, P., Schrijen, G.-J., Škorić, B., van Geloven, J., Verhaegh, N., Wolters, R.: Read-Proof Hardware from Protective Coatings. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 369–383. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. Rührmair, U., Jaeger, C., Hilgers, C., Algasinger, M., Csaba, G., Stutzmann, M.: Security Applications of Diodes with Unique Current-Voltage Characteristics. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 328–335. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Rührmair, U., Jaeger, C., Bator, M., Stutzmann, M., Lugli, P., Csaba, G.: Cryptographic Applications of High-Capacity Crossbar Memories. IEEE Transactions on Nanotechnology 99, 1 (2010)

    Google Scholar 

  16. Jaeger, C., Algasinger, M., Rührmair, U., Csaba, G., Stutzmann, M.: Random pn-junctions for physical cryptography. Applied Physics Letters 96, 172103 (2010)

    Article  Google Scholar 

  17. Kursawe, K., Sadeghi, A.-R., Schellekens, D., Skoric, B., Tuyls, P.: Reconfigurable Physical Unclonable Functions – Enabling Technology for Tamper-Resistant Storage. In: HOST 2009, pp. 22–29 (2009)

    Google Scholar 

  18. Rührmair, U.: Oblivious Transfer based on Physical Unclonable Functions (Extended Abstract). In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 430–440. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  19. Suh, G.E., Devadas, S.: Physical Unclonable Functions for Device Authentication and Secret Key Generation. In: DAC 2007, pp. 9–14 (2007)

    Google Scholar 

  20. Nast, O., Wenham, S.R.: Elucidation of the layer exchange mechanism in the formation of polycrystalline silicon by aluminum-induced crystallization. Journal of Applied Physics 88, 124–132 (2000)

    Article  Google Scholar 

  21. Nast, O., Hartmann, A.J.: Influence of interface and Al structure on layer exchange during aluminum-induced crystallization of amorphous silicon. Journal of Applied Physics 88, 716–724 (2000)

    Article  Google Scholar 

  22. Antesberger, T., Jaeger, C., Scholz, M., Stutzmann, M.: Structural and electronic properties of ultrathin polycrystalline Si layers on glass prepared by aluminum-induced layer exchange. Appl. Phys. Lett. 91, 201909 (2007)

    Article  Google Scholar 

  23. Carter, R.J., Nemanich, R.J.: HF vapour cleaning of oxide on c-Si. Properties of Crystalline Silicon. EMIS Datareviews Series No 20, University of Virginia, USA (1999)

    Google Scholar 

  24. Majni, G., Ottaviani, G.: Growth kinetics of (111)Si through an Al layer by solid phase epitaxy. Journal of Crystal Growth 46, 119 (1979)

    Article  Google Scholar 

  25. Lim, D.: Extracting Secret Keys from Integrated Circuits. MSc Thesis, MIT (2004)

    Google Scholar 

  26. Majzoobi, M., Koushanfar, F., Potkonjak, M.: Testing Techniques for Hardware Security. In: IEEE International Test Conference (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Department, Technische Universität München, 85748, Garching, Germany

    Ulrich Rührmair

  2. Walter Schottky Institut, Technische Universität München, 85748, Garching, Germany

    Christian Jaeger & Michael Algasinger

Authors
  1. Ulrich Rührmair
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christian Jaeger
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Michael Algasinger
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

George Danezis

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rührmair, U., Jaeger, C., Algasinger, M. (2012). An Attack on PUF-Based Session Key Exchange and a Hardware-Based Countermeasure: Erasable PUFs. In: Danezis, G. (eds) Financial Cryptography and Data Security. FC 2011. Lecture Notes in Computer Science, vol 7035. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27576-0_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27576-0_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27575-3

  • Online ISBN: 978-3-642-27576-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation