Abstract
The hardware primitives known as Physically Unclonable Functions (PUFs) generate unique signatures based on uncontrollable variations which occur during the manufacturing process of silicon chips. These signatures are in turn used for securing Integrated Circuits either as a secret key for cryptographic modules, or as a medium for authenticating devices. Naturally being a security primitive, PUFs are the target for attacks as such it is important to mitigate such vulnerabilities. This paper in particular investigates PUFs’ vulnerability to power-based modeling attacks. Here, we expand upon our previous simulation based Cross-PUF attacks by targeting PUFs realized in real-silicon; namely, we consider PUFs deployed in Field-Programmable Gate Array (FPGA) fabrics. In Cross-PUF attacks, a model of a reference PUF is used to attack another PUF realized from the same HSPICE simulated design or the same bitstream in FPGA. We also investigate the impact of such attacks on multi-bit parallel PUFs. The HSPICE simulation results are compared vis-a-vis with the FPGA implementation outcome of these attacks confirming the effectiveness of such simulations. Finally we show that a combination of Dual Rail logic and Random Initialization logic, named DRILL, can be effectively used to thwart such power-based modeling attacks.
Similar content being viewed by others
Data Availability
All data generated or analyzed during this study are within the paper.
Notes
For the sake of brevity, we omitted the experimental results of another two algorithms, namely Decision Tree and Random Forest, since SVM provides a higher accuracy than that of those two.
References
Aghaie A, Moradi A (2021) Inconsistency of Simulation and Practice in Delay-based Strong PUFs. Cryptology ePrint Archive, Report 2021/482. https://ia.cr/2021/482
Anusha G, Kumar A, Kandpal K (2020) A fully on-chip low-dropout regulator for SoC applications. Procedia Comput Sci 171:1009–1017
Bassham L et al (2010) A statistical test suite for random and pseudorandom number generators for cryptographic applications. URL https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=906762
Becker GT, Kumar R (2014) Active and passive side-channel attacks on delay based PUF designs. International Association for Cryptologic Research Cryptology Archive p 287
Becker GT (2015) The gap between promise and reality: On the insecurity of XOR arbiter PUFs. In: Proc. International Workshop on Cryptographic Hardware and Embedded Systems. Springer, pp 535–555
Bruneau N, Danger JL, Facon A, Guilley S, Hamaguchi S, Hori Y, Kang Y, Schaub A (2018) Development of the unified security requirements of PUFs during the standardization process. In: Proc. International Conference on Security for Information Technology and Communications. Springer, pp 314–330
Chatterjee D, Mukhopadhyay D, Hazra A (2020) Interpose PUF can be PAC Learned. International Association for Cryptologic Research Cryptology ePrint Archive p 471
Cherif Z, Danger J-L, Guilley S, Bossuet L (2012) An easy-to-design PUF based on a single oscillator: the loop PUF. In: Proc. 15th Euromicro Conference on Digital System Design, pp 156–162
Delvaux J, Verbauwhede I (2013) Side channel modeling attacks on 65 nm arbiter PUFs exploiting CMOS device noise. In: Proc. Int’l Symp. on Hardware-Oriented Security and Trust (HOST), pp 137–142
Ebrahimabadi M, Younis M, Karimi N (2022) A puf-based modeling-attack resilient authentication protocol for IoT devices. IEEE Internet Things J 9(5):3684–3703
Eastland N (2021) Structure of an FPGA. URL https://digilent.com/blog/structure-of-an-fpga/
Fukushima K et al (2016) Delay PUF assessment method based on side-channel and modeling analyzes: The final piece of all-in-one assessment methodology. In: IEEE Trustcom/BigDataSE/ISPA, pp 201–207
Gassend B, Clarke D, van Dijk M, Devadas S (2002) Controlled physical random functions. In: Proc. 18th Annual Computer Security Applications Conf., pp 149–160. https://doi.org/10.1109/CSAC.2002.1176287
Gassend B, Clarke D, van Dijk M, Devadas S (2002) Silicon physical random functions. In: Proc. ACM Conference on Computer and Communications Security, pp 148–160
Guntur H, Ishii J, Satoh A (2014) Side-channel attack user reference architecture board SAKURA-G. In: Proc. IEEE 3rd Global Conference on Consumer Electronics, GCCE. Tokyo, Japan, 7-10 October 2014, pp 271–274. https://doi.org/10.1109/GCCE.2014.7031104
Herder C, Yu M, Koushanfar F, Devadas S (2014) Physical unclonable functions and applications: A tutorial. Proc IEEE 102(8):1126–1141
ISO/IEC 20897-1 (2020) Information security, cybersecurity and privacy protection – Physically unclonable functions – Part 1: Security requirements. https://www.iso.org/standard/76353.html
Jiang Q, Zhang X, Zhang N, Tian Y, Ma X, Ma JQ (2019) Two-factor authentication protocol using physical unclonable function for IoV. In: Proc. IEEE/CIC International Conference on Communications in China (ICCC), pp 195–200
Karimi N, Danger J-L, Guilley S (2018) Impact of aging on the reliability of delay PUFs. J Electron Test: Theory Appl 34(5):571–586
Kim SJ (2021) Integrated and Distributed Digital Low-Drop-Out Regulators with Event-Driven Controls and Side-Channel Attack Resistance. Columbia University
Koushanfar F (2011) Integrated circuits metering for piracy protection and digital rights management: An overview. In: Proceedings of the 21st Edition of the Great Lakes Symposium on Great Lakes Symposium on VLSI, Association for Computing Machinery, New York, NY, USA, p 449–454. https://doi.org/10.1145/1973009.1973110
Kroeger T, Cheng W, Guilley S, Danger J-L, Karimi N (2020) Cross-PUF attacks on arbiter-PUFs through their power side-channel. In: Proc. IEEE International Test Conference (ITC), pp 1–5
Kroeger T, Cheng W, Guilley S, Danger J-L, Karimi N (2021) Enhancing the resiliency of multi-bit parallel arbiter-PUF and its derivatives against power attacks. In: Bhasin S, De Santis F (eds) Constructive side-channel analysis and secure design. COSADE 2021. Lecture notes in computer science, vol 12910, pp 303–321
Kroeger T, Cheng W, Guilley S, Danger JL, Karimi N (2021) Making obfuscated PUFs secure against power side-channel based modeling attacks. In: Proc. Design Automation and Test Europe (DATE)
Kroeger T, Cheng W, Guilley S, Danger J-L, Karimi N (2022) Assessment and mitigation of power side-channel-based cross-PUF attacks on arbiter-PUFs and their derivatives. IEEE Trans Very Large Scale Integr VLSI Syst 30(2):187–200. https://doi.org/10.1109/TVLSI.2021.3129141
Labrado C, Thapliyal H, Mohanty SP (2022) Fortifying Vehicular Security through Low Overhead Physically Unclonable Functions. ACM J Emerg Technol Comput Syst 18(1):8:1–8:18. https://doi.org/10.1145/3442443
Mahmoud A, Rührmair U, Majzoobi M, Koushanfar F (2013) Combined modeling and side channel attacks on strong PUFs. International Association for Cryptologic Research Cryptology ePrint Archive 2013:632
Mangard S, Oswald E, Popp T (2006) Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer
Maiti A, Gunreddy V, Schaumont P (2013) A Systematic Method to Evaluate and Compare the Performance of Physical Unclonable Functions. Springer, New York, New York, NY, pp 245–267
Majzoobi M, Koushanfar F, Devadas S (2010) FPGA PUF using programmable delay lines. In: Proc. IEEE Int’l Workshop on Information Forensics and Security, pp 1–6
Mars A, Adi W (2018) New Concept for Physically-Secured E-Coins Circulations. In: Adaptive Hardware and Systems, pp 333–338
Nagata M, Miki T, Miura N (2022) Physical attack protection techniques for ic chip level hardware security. IEEE Transactions on Very Large Scale Integration (VLSI) Systems 30(1):5–14
Nangate 45 nm open cell library. “http://www.nangate.com”
Nguyen PH et al (2019) The Interpose PUF: Secure PUF Design against State-of-the-art Machine Learning Attacks. Trans on Cryptographic Hardware and Embedded Systems (CHES) p 243–290
Pappu R, Recht B, Taylor J, Gershenfeld N (2002) Physical one-way functions. Science 297(5589):2026–2030. https://doi.org/10.1126/science.1074376
Rührmair U et al (2010) Modeling Attacks on Physical Unclonable Functions. In: ACM Conference on Computer and Communications Security, pp 237–249
Rührmair U, Sölter J (2014) PUF modeling attacks: An introduction and overview. In: Proc. Design Automation and Test Europe (DATE), pp 1–6
Rührmair U, Xu X, Sölter J, Mahmoud A, Majzoobi M, Koushanfar F, Burleson W (2014) Efficient power and timing side channels for physical unclonable functions. In: Batina L, Robshaw M (eds) Cryptographic hardware and embedded systems – CHES 2014. Lecture notes in computer science, vol 8731. Springer, pp 476–492
Santikellur P, Bhattacharyay A, Chakraborty RS (2019) Deep learning based model building attacks on arbiter PUF compositions. Cryptology ePrint Archive
Soybali M, Ors B, Saldamli G (2011) Implementation of a PUF circuit on a FPGA. In: Proc. International Conference on New Technologies, Mobility and Security, pp 1–5
Spartan-6 FPGA Family. URL https://www.xilinx.com/products/silicon-devices/fpga/spartan-6.html
Tebelmann L, Danger JL, Pehl M (2020) Self-secured PUF: protecting the loop PUF by masking. Constructive Side-Channel Analysis and Secure Design (COSADE) 12244:293–314
Wisiol N, Mühl C, Pirnay N, Nguyen PH, Margraf M, Seifert J-P, van Dijk M, Rührmair U (2020) Splitting the interpose PUF: A novel modeling attack strategy. Trans on Cryptographic Hardware and Embedded Systems (CHES) 3:97–120
Yu W (2017) Exploiting on-chip voltage regulators as a countermeasure against power analysis attack. PhD thesis, University of South Florida. https://digitalcommons.usf.edu/cgi/viewcontent.cgi?article=8183&context=etd
Yu W, Uzun OA, Köse S (2015) Leveraging on-chip voltage regulators as a countermeasure against side-channel attacks. In: Proc. 52nd Annual Design Automation Conf., ACM, pp 1–6
Funding
This work has partly benefited from the bilateral MESRI-BMBF project “APRIORI” from the ANR Cybersecurity 2020 call. It is also part of the Horizon 2020 “SPARTA” project under grant agreement number 830892. It was also benefited from National Science Foundation Award (grant number: 1920079).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Competing Interests
The authors declare that there are no competing interests.
Conflict of Interests
The authors declare that they have no conflict of interest.
Additional information
Responsible Editor: V. D. Agrawal
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Kroeger, T., Cheng, W., Danger, JL. et al. Cross-PUF Attacks: Targeting FPGA Implementation of Arbiter-PUFs. J Electron Test 38, 261–277 (2022). https://doi.org/10.1007/s10836-022-06012-z
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10836-022-06012-z