research-article

On-Chip Side-Channel Analysis of the Loop PUF

Authors:
Lars Tebelmann

Technical University of Munich, Munich, Germany

Technical University of Munich, Munich, Germany
View Profile

,
Moritz Wettermann

Technical University of Munich, Munich, Germany

Technical University of Munich, Munich, Germany
View Profile

,
Michael Pehl

Technical University of Munich, Munich, Germany

Technical University of Munich, Munich, Germany
View Profile

ASHES'22: Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware SecurityNovember 2022Pages 55–63https://doi.org/10.1145/3560834.3563827

Published:07 November 2022Publication History

ASHES'22: Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware Security

Pages 55–63

ABSTRACT

In recent years, Side-Channel Analysis (SCA) that leverages power measurements from peripherals or on-chip power sensors has gained increasing attention. Instead of direct physical access to the victim device, these so-called remote SCA attacks can be mounted if an attacker shares resources on the same Power Distribution Network (PDN), e.g., in a multi-tenant Field Programmable Gate Array (FPGA) cloud scenario. Previous work on remote SCA focused on cryptographic algorithms such as AES and RSA. In this work, we analyze the possibility of on-chip SCA of Physical Unclonable Function (PUF) primitives and compare their efficiency to classical SCA attacks. We target the Loop PUF, that derives entropy from a configurable oscillator, where an attacker can retrieve the secret by observing oscillation frequencies. We employ a Time-to-Digital Converter (TDC) sensor, and compare two Artix-7 FPGAs with different resources to compare differences in the Signal-to-Noise Ratio (SNR). Further, we vary the relative placement of the targeted PUF and the TDC sensor. Even though the number of traces required is increased compared to classical SCA, the experiments illustrate the feasibility of extracting the secret key from a PUF-based storage from on-chip SCA.

Supplemental Material

ASHES2022-135_OnChipSCAOnLoopPUF.mkv

mkv

71.5 MB

Download

References

Michel Adami? and Andrej Trost. 2019. A Fast High-Resolution Time-to-Digital Converter Implemented in a Zynq 7010 SoC. In 2019 Austrochip Workshop on Microelectronics (Austrochip). 29--34.Google Scholar
Z. Cherif, J. Danger, S. Guilley, and L. Bossuet. 2012. An Easy-to-Design PUF Based on a Single Oscillator: The Loop PUF. In 2012 15th Euromicro Conference on Digital System Design. 156--162.Google Scholar
Rana Elnaggar, Sayak Ray, Majid Sabbagh, Bilgiday Yuce, Terry Wang, and Jason Fung. 2021. OPAL: On-the-go Physical Attack Lab to Evaluate Power Side-channel Vulnerabilities on FPGAs. In 2021 IEEE Physical Assurance and Inspection of Electronics (PAINE). 1--8.Google Scholar
M. E. S. Elrabaa, M. Al-Asli, and M. Abu-Amara. 2021. Secure Computing Enclaves Using FPGAs. IEEE Transactions on Dependable and Secure Computing, Vol. 18, 2 (2021), 593--604.Google ScholarDigital Library
D. R. E. Gnad, F. Oboril, S. Kiamehr, and M. B. Tahoori. 2016. Analysis of transient voltage fluctuations in FPGAs. In 2016 International Conference on Field-Programmable Technology (FPT). 12--19.Google Scholar
J. Gravellier, J. Dutertre, Y. Teglia, and P. Loubet-Moundi. 2019. High-Speed Ring Oscillator based Sensors for Remote Side-Channel Attacks on FPGAs. In 2019 International Conference on ReConFigurable Computing and FPGAs. 1--8.Google Scholar
Macarena C. Mart'inez-Rodr'iguez, Ignacio M. Delgado-Lozano, and Billy Bob Brumley. 2021. SoK: Remote Power Analysis. In The 16th International Conference on Availability, Reliability and Security (Vienna, Austria, 2021) (ARES 2021). Association for Computing Machinery, New York, NY, USA, Article 7, 12 pages.Google Scholar
Dominik Merli, Dieter Schuster, Frederic Stumpf, and Georg Sigl. 2011a. Semi-invasive EM Attack on FPGA RO PUFs and Countermeasures. In 6th Workshop on Embedded Systems Security (WESS'2011). ACM.Google Scholar
Dominik Merli, Dieter Schuster, Frederic Stumpf, and Georg Sigl. 2011b. Side-Channel Analysis of PUFs and Fuzzy Extractors. In Trust and Trustworthy Computing, , Jonathan M. McCune, Boris Balacheff, Adrian Perrig, Ahmad-Reza Sadeghi, Angela Sasse, and Yolanta Beres (Eds.). Number 6740 in Lecture Notes in Computer Science. Springer Berlin Heidelberg, 33--47.Google Scholar
Shayan Moini, Shanquan Tian, Daniel Holcomb, Jakub Szefer, and Russell Tessier. 2021. Remote Power Side-Channel Attacks on BNN Accelerators in FPGAs. In 2021 Design, Automation Test in Europe Conference Exhibition (DATE). 1639--1644.Google Scholar
Olivier Rioul, Patrick Solé, Sylvain Guilley, and Jean-Luc Danger. 2016. On the entropy of Physically Unclonable Functions. In 2016 IEEE International Symposium on Information Theory (ISIT). 2928--2932.Google ScholarDigital Library
F. Schellenberg, D. R. E. Gnad, A. Moradi, and M. B. Tahoori. 2018. An inside job: Remote power analysis attacks on FPGAs. In 2018 Design, Automation Test in Europe Conference Exhibition (DATE). 1111--1116.Google Scholar
Lars Tebelmann, Jean-Luc Danger, and Michael Pehl. 2020. Self-secured PUF: Protecting the Loop PUF by Masking. In Constructive Side-Channel Analysis and Secure Design, Guido Marco Bertoni and Francesco Regazzoni (Eds.). Springer International Publishing, 293--314.Google Scholar
Shanquan Tian, Andrew Krzywosz, Ilias Giechaskiel, and Jakub Szefer. 2020. Cloud FPGA Security with RO-Based Primitives. In 2020 International Conference on Field-Programmable Technology (ICFPT). 154--158.Google Scholar
J. Wu. 2010. Several Key Issues on Implementing Delay Line Based TDCs Using FPGAs. IEEE Transactions on Nuclear Science , Vol. 57, 3 (2010), 1543--1548.Google ScholarCross Ref
M. Zhao and G. E. Suh. 2018. FPGA-Based Remote Power Side-Channel Attacks. In 2018 IEEE Symposium on Security and Privacy (SP). 229--244.Google Scholar

Index Terms

On-Chip Side-Channel Analysis of the Loop PUF
1. Security and privacy
  1. Security in hardware
    1. Hardware attacks and countermeasures
      1. Side-channel analysis and countermeasures

Recommendations

Self-secured PUF: Protecting the Loop PUF by Masking
Constructive Side-Channel Analysis and Secure Design
Abstract
Physical Unclonable Functions (PUFs) provide means to generate chip individual keys, especially for low-cost applications such as the Internet of Things (IoT). They are intrinsically robust against reverse engineering, and more cost-effective than ...
Read More
Leakage Sources of the ICLooPUF: Analysis of a Side-Channel Protected Oscillator-Based PUF
Constructive Side-Channel Analysis and Secure Design
Abstract
In the last years, Physical Unclonable Functions (PUFs) became a popular security primitive, which is nowadays also used in several products. As a lightweight solution for key storage, they are frequently suggested in an environment where ...
Read More
Side-Channel Analysis of the TERO PUF
Constructive Side-Channel Analysis and Secure Design
Abstract
Physical Unclonable Functions (PUFs) have the potential to provide a higher level of security for key storage than traditional Non-Volatile Memory (NVM). However, the susceptibility of the PUF primitives to non-invasive Side-Channel Analysis (SCA) ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ASHES'22: Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware Security
November 2022
114 pages
ISBN:9781450398848
DOI:10.1145/3560834
General Chairs:
Chip Hong Chang
NTU Singapore
,
Ulrich Rührmair
LMU Munich and U Connecticut
,
Program Chairs:
Debdeep Mukhopadhyay
IIT Kharagpur
,
Domenic Forte
U of Florida
Copyright © 2022 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 7 November 2022
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
loop puf
on-chip measurements
physical unclonable functions
remote attacks
side-channel analysis
time-to-digital converter
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate6of20submissions,30%
Upcoming Conference
CCS '24

Sponsor:

sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 1
  Total Citations
  View Citations
- 128
  Total Downloads
- Downloads (Last 12 months)74
- Downloads (Last 6 weeks)7
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

On-Chip Side-Channel Analysis of the Loop PUF

ASHES'22: Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware Security

ABSTRACT

Supplemental Material

References

Cited By

Index Terms

Recommendations

Self-secured PUF: Protecting the Loop PUF by Masking

Leakage Sources of the ICLooPUF: Analysis of a Side-Channel Protected Oscillator-Based PUF

Side-Channel Analysis of the TERO PUF