Lightweight obfuscation techniques for modeling attacks resistant PUFs

Mispan, Mohd Syafiq; Halak, Basel; Zwoliński, Mark

doi:10.1109/ivsw.2017.8031539

Cited by 11 publications

(10 citation statements)

References 17 publications

(30 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hence, higher non-linearity in a given PUF architecture can improve the uniqueness and randomness with increased defense against modeling attack. Other approaches to ML-resistant PUFs have been randomized challenges [42], obfuscation [12,23], and sub-string-based challenges [28]. Rostami et al presented a prover-verifier framework for successful authentication based on a subset of response substring [28].…”

Section: Strong Puf Architecturesmentioning

confidence: 99%

“…We also evaluate the performance of the cloning models when the challenge is obfuscated, as postulated in obfuscated PUF architectures such as [12,23]. We consider a simpler version of these approaches for our experiments.…”

Section: Obfuscated Puf-based Authenticationmentioning

confidence: 99%

“…It should be noted that the performance is tested only on a limited evaluation set of 200 CRPs. More complicated obfuscation techniques such as those proposed in [12,23] and less training would further degrade the performance of machine learning-based cloning attacks.…”

Section: Obfuscated Puf-based Authenticationmentioning

confidence: 99%

“…Inspired from the pioneering work of Goodfellow et al [13] on Generative Adversarial Networks (GANs), we propose a machine learning-based defense, a discriminator, to identify the possibility of cloning using any ML-based attack non-invasive attack. Extant countermeasures [23,28] to MLbased cloning have focused on creating complex cloningresistant PUF architecture. As we enter into a more realizable IoT ecosystem, complex PUF architectures may not be suitable for lightweight IoT systems.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Machine Learning Attacks and Countermeasures for PUF-Based IoT Edge Node Security

2020

View full text Add to dashboard Cite

The Internet of things (IoT) ecosystem has grown exponentially with the convergence of various technologies such as deep learning, sensor systems, and advances in computing platforms. With such a highly pervasive nature of "smart" devices, the nature of data being collected and processed can be increasingly private and require safeguards to ensure the data's integrity and security. Physically unclonable functions (PUFs) have emerged as a lightweight, viable security protocol in the Internet of Things (IoT) framework. Malicious modeling of PUF architectures has proven to be difficult due to the inherently stochastic nature of PUF architectures. In this work, we show that knowledge of the underlying PUF structure is unnecessary to clone a PUF. We tackle the problem of cloning PUF-based edge nodes in different settings such as unencrypted, encrypted, and obfuscated challenges in an IoT framework. We present a novel non-invasive, architecture-independent, machine learning attack for robust PUF designs and can handle encryption and obfuscation-based security measures on the transmitted challenge response pairs (CRPs). We show that the proposed framework can successfully clone different PUF architectures, including those encrypted using two (2) different encryption protocols in DES and AES and with varying degrees of obfuscation. We also show that the proposed approach outperforms a two-stage brute force attack model. Finally, we offer a machine learning-based countermeasure, a discriminator, which can distinguish cloned PUF devices and authentic PUFs with an average accuracy of 96%. The proposed discriminator can be used for rapidly authenticating millions of IoT nodes remotely from the cloud server. Keywords Machine learning • Internet of things • Physically unclonable functions • Edge node security This article is part of the topical collection "Hardware-Assisted Security Solutions for Electronic Systems" guest edited by

show abstract

Section: Strong Puf Architecturesmentioning

confidence: 99%

Section: Obfuscated Puf-based Authenticationmentioning

confidence: 99%

Section: Obfuscated Puf-based Authenticationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Machine Learning Attacks and Countermeasures for PUF-Based IoT Edge Node Security

2020

View full text Add to dashboard Cite

show abstract

“…Nevertheless, the authors of all five protocols deserve credit for their compliance with Kerckhoffs' principle [27], i.e., the specification of the obfuscation logic is public. On the contrary, Mispan, Su, Zwolinski, and Halak [28], [29] recently proposed three PUF-based authentication protocols of which the specification is private, i.e., they rely on the almost universally rejected paradigm of security through obscurity. To be clear: obscurity is the only protective measure, which differs from cases where obscurity augments an inherently secure system.…”

Section: A Protocol Specificationsmentioning

confidence: 99%