Security Evaluation and Enhancement of Bistable Ring PUFs RFIDSec, - - PowerPoint PPT Presentation

security evaluation and enhancement of bistable ring pufs
SMART_READER_LITE
LIVE PREVIEW

Security Evaluation and Enhancement of Bistable Ring PUFs RFIDSec, - - PowerPoint PPT Presentation

Oct 31, 2022 27 likes •262 views

Security Evaluation and Enhancement of Bistable Ring PUFs RFIDSec, June 23, 2015 (1) , Ulrich Rhrmair (2) Xiaolin Xu (1) and Wayne Burleson (1) Daniel Holcomb (1) UMass Amherst (2) HGI, U Bochum This material is based upon work supported

slide-1
SLIDE 1

Security Evaluation and Enhancement of
 Bistable Ring PUFs

Xiaolin Xu

(1), Ulrich Rührmair (2)

Daniel Holcomb

(1) and Wayne Burleson (1) (1) UMass Amherst (2) HGI, U Bochum

This material is based upon work supported by: NSF CNS-0964641 and SRC task 1836.074 Its contents are solely the responsibility of the authors and do not necessarily represent the official views of SRC or NSF.

RFIDSec, June 23, 2015

slide-2
SLIDE 2

RFIDsec 2015 Security of Bistable Ring PUF

Outline

2

  • Background
  • PUFs
  • Modeling attacks on PUFs
  • Bistable Ring PUF
  • Security Evaluation of BR PUFs
  • Modeling the BR PUF
  • Results against BR PUF and variants
  • Security Enhancement of BR PUFs
  • XORing BR PUFs to enhance the security
  • Impact on other PUF parameters
  • Conclusion and future work
slide-3
SLIDE 3

RFIDsec 2015 Security of Bistable Ring PUF

Physical Unclonable Functions

  • Map challenges to responses according to physical variations
  • Security applications include key storage and authentication

3

f

Challenges Responses

slide-4
SLIDE 4

RFIDsec 2015 Security of Bistable Ring PUF

Physical Unclonable Functions

  • Map challenges to responses according to physical variations
  • Security applications include key storage and authentication

3

f

PUF Characterized by Challenge- Response Pairs (CRPs) Challenges Responses

  • Exponential challenge space
  • Modeling attacks should not be possible
slide-5
SLIDE 5

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

S R 1 1 1 1 1 1 1 1 Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-6
SLIDE 6

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)

S R 1 1 1 1 1 1 1 1

0 0 … 0 0

Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-7
SLIDE 7

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)

S R 1 1 1 1 1 1 1 1

0 0 … 0 0

Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-8
SLIDE 8

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)
  • Responses: ri ∈ {0,1} (n=1 shown)

S R 1 1 1 1 1 1 1 1

Q=1

0 0 … 0 0

S R time voltage

Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-9
SLIDE 9

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)
  • Responses: ri ∈ {0,1} (n=1 shown)

S R 1 1 1 1 1 1 1 1

Q=1 S R time voltage

Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-10
SLIDE 10

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)
  • Responses: ri ∈ {0,1} (n=1 shown)

S R 1 1 1 1 1 1 1 1

Q=1

0 1 … 1 0

S R time voltage

Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-11
SLIDE 11

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)
  • Responses: ri ∈ {0,1} (n=1 shown)

S R 1 1 1 1 1 1 1 1

Q=1 Q=0

0 1 … 1 0

R S voltage time S R time voltage

Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-12
SLIDE 12

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)
  • Responses: ri ∈ {0,1} (n=1 shown)

S R 1 1 1 1 1 1 1 1

Q=1 Q=0

0 1 … 1 0

R S voltage time S R time voltage

❖ Arbiter PUF susceptible to

additive delay model

Q

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-13
SLIDE 13

RFIDsec 2015 Security of Bistable Ring PUF

PUFs and Modeling Attacks

4

(1) D. Lim. MSc Thesis, MIT, 2004 (2) U. Rührmair, et al, T-IFS, 2013

  • Challenges: Ci ∈ 2n (n= num stages)
  • Responses: ri ∈ {0,1} (n=1 shown)

S R 1 1 1 1 1 1 1 1

Q=1 Q=0

0 1 … 1 0

R S voltage time S R time voltage

❖ Arbiter PUF susceptible to

additive delay model

Q

❖ Arms race of designs versus attacks ongoing…. ❖ XOR PUF

(5), Lightweight PUF (3)

❖ SVM

(1), Evolutionary Strategies (6), Logistic Regression (6), ANN (8), Hybrid attacks (4)

(3) M. Majzoobi, et al. ICCAD 2008 (4) U. Rührmair, et al, CHES 2014 (5) G. Suh et al. DAC 2007 (6) U. Rührmair, et al, CCS 2010 (7) G. Becker, CHES 2015 (8) Schuster et al., TRUST 2015

slide-14
SLIDE 14

RFIDsec 2015 Security of Bistable Ring PUF

Bistable Ring PUFs

5

(5) Q Chen, et al. HOST, 2011

  • BR PUF(5) is composed of n-stages, where each stage has two inverting

delay elements (NOR gates as an example)

  • Each challenge vector configures a unique ring Ci ∈ 2n (n= num stages)
  • Ring has two stable states ri ∈ {0,1}
slide-15
SLIDE 15

RFIDsec 2015 Security of Bistable Ring PUF

FPGA implementation

6

BR PUF implemented on Spartan VI FPGA

# of slices 3556 # of slice flip flops 3688 # of LUTs 6318

544 gates to implement only the basic BR PUF 64-bit BR PUF implementation including peripheral logic, I/O etc

slide-16
SLIDE 16

RFIDsec 2015 Security of Bistable Ring PUF

Outline

7

  • Background
  • PUFs
  • Modeling attacks on PUFs
  • Bistable Ring PUF
  • Security Evaluation of BR PUFs
  • Modeling the BR PUF
  • Results against BR PUF and variants
  • Security Enhancement of BR PUFs
  • XORing BR PUFs to enhance the security
  • Impact on other PUF parameters
  • Conclusion and future work
slide-17
SLIDE 17

RFIDsec 2015 Security of Bistable Ring PUF

Evaluating Response of BR PUF

8

  • 1. Apply reset and challenge to configure ring
  • 2. Release reset
  • 3. Read response after allow time for stabilization
slide-18
SLIDE 18

RFIDsec 2015 Security of Bistable Ring PUF

Evaluating Response of BR PUF

8

  • 1. Apply reset and challenge to configure ring
  • 2. Release reset
  • 3. Read response after allow time for stabilization

1

slide-19
SLIDE 19

RFIDsec 2015 Security of Bistable Ring PUF

Evaluating Response of BR PUF

8

  • 1. Apply reset and challenge to configure ring
  • 2. Release reset
  • 3. Read response after allow time for stabilization
slide-20
SLIDE 20

RFIDsec 2015 Security of Bistable Ring PUF

Evaluating Response of BR PUF

8

  • 1. Apply reset and challenge to configure ring
  • 2. Release reset
  • 3. Read response after allow time for stabilization

1 1 1 1

slide-21
SLIDE 21

RFIDsec 2015 Security of Bistable Ring PUF

Evaluating Response of BR PUF

8

  • 1. Apply reset and challenge to configure ring
  • 2. Release reset
  • 3. Read response after allow time for stabilization

1 1 1 1

slide-22
SLIDE 22

RFIDsec 2015 Security of Bistable Ring PUF

Modeling the BR PUF

  • Represent each stage by two weights
  • Weights represent tendency to favor a stage output of 1
  • ver stage output of 0
  • ti represents weight of top gate in ith stage
  • bi represents weight of bottom gate in ith stage

9

Assumption: there exist weights that explain the challenge response mapping of BR PUF

ti bi

slide-23
SLIDE 23

RFIDsec 2015 Security of Bistable Ring PUF

Example

10

  • Challenge bits select weights, stage index determines signs
  • Response tells whether sum is negative or positive
  • Additive delay model (like Arbiter PUF)

t0 − b1 + t2 − t3 + b4 − b5 + t6 − t7