Localized electromagnetic analysis of RO PUFs

Merli, Dominik; Heyszl, Johann; Heinz, Benedikt; Schuster, Dieter; Stumpf, Frederic; Sigl, Georg

doi:10.1109/hst.2013.6581559

Cited by 60 publications

(37 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Side-channel attacks statistically analyze the time, power consumption, or electromagnetic emanation of the cryptographic devices to gain knowledge about integrated secrets ]. Most recently, Merli et al [2013] carried out side-channel attacks (EM analyses) on an RO PUF FPGA implementation, leading to the extraction of a full PUF model and thereby breaking the PUFs' security. The authors also point out that their proposed attack can be successful because they exploit the fact that each RO has a fixed location and a specific measurement path through a multiplexer to a counter.…”

Section: Security Analysismentioning

confidence: 99%

Reconfigurable Binding against FPGA Replay Attacks

Zhang

Lin

2015

ACM Trans. Des. Autom. Electron. Syst.

View full text Add to dashboard Cite

The FPGA replay attack, where an attacker downgrades an FPGA-based system to the previous version with known vulnerabilities, has become a serious security and privacy concern for FPGA design. Current FPGA intellectual property (IP) protection mechanisms target the protection of FPGA configuration bitstreams by watermarking or encryption or binding. However, these mechanisms fail to prevent replay attacks. In this article, based on a recently reported PUF-FSM binding method that protects the usage of configuration bitstreams, we propose to reconfigure both the physical unclonable functions (PUFs) and the locking scheme of the finite state machine (FSM) in order to defeat the replay attack. We analyze the proposed scheme and demonstrate how replay attack would fail in attacking systems protected by the reconfigurable binding method. We implement two ways to build reconfigurable PUFs and propose two practical methods to reconfigure the locking scheme. Experimental results show that the two reconfigurable PUFs can generate significantly distinct responses with average reconfigurability of more than 40%. The reconfigurable locking schemes only incur a timing overhead less than 1%.

show abstract

Section: Security Analysismentioning

confidence: 99%

Reconfigurable Binding against FPGA Replay Attacks

Zhang

Lin

2015

ACM Trans. Des. Autom. Electron. Syst.

View full text Add to dashboard Cite

show abstract

“…Side-channel attacks statistically analyze the time, power consumption or electromagnetic emanation of the cryptographic devices to gain knowledge about integrated secrets. Most recently, Merli et al carried out side channel attacks (EM analyses) on an RO PUF FPGA implementation leading to the extraction of a full PUF model and thereby breaking the PUFs security [17]. The authors also point that their proposed attack can be successful because they exploit that each RO has a fixed location and a specific measurement path through a multiplexer to a counter.…”

Section: B Side-channel Attacksmentioning

confidence: 99%

Physical Unclonable Function-Based Key Sharing via Machine Learning for IoT Security

Zhang

2020

IEEE Trans. Ind. Electron.

114

View full text Add to dashboard Cite

In many Internet of Things (IoT) applications, resources like CPU, memory, and battery power are limited and cannot afford the classic cryptographic security solutions. Silicon Physical Unclonable Function (PUF) is a lightweight security primitive that exploits manufacturing variations during the chip fabrication process for key generation and/or device authentication. Ring Oscillator (RO) PUF as one of the most popular silicon weak PUFs can generate secret bits by comparing the frequency difference between any two ROs. Previous RO PUFs improve flexibility and reliability through adding redundant ROs, which incurs unacceptable hardware overheads. In addition, traditional weak PUFs such as RO PUF generate chipunique key for each device, which restricts their application in security protocols where the same key is required to be shared in resource-constrained devices. In order to address these shortcomings, we propose a crossover RO PUF (CRO PUF) that improves flexibility, reliability and reduces hardware overheads. It is the first PUF that can generate the shared key in physically. The basic idea is to implement one-to-one input-output mapping with Lookup Table (LUT)-based interstage crossing structures in each level of inverters. Individual customization on configuration bits of interstage crossing structure and different RO selections with challenges bring high flexibility. Therefore, with the flexible configuration of interstage crossing structures and challenges, CRO PUF can generate the same shared key for resource-constrained devices, which enables a new application for lightweight key sharing protocols. Experimental results show that our proposed PUF structure has much lower hardware overheads, better uniqueness and reliability than the previous configurable RO PUFs.

show abstract

“…However, they can still be characterized by various means. For instance, RO PUFs are vulnerable to the EM side-channel attacks [55,54,53] and modeling attack [24]. Arbiter PUFs have been a target for mathematical modeling attacks.…”

Section: Related Workmentioning

confidence: 99%

On the Physical Security of Physically Unclonable Functions

Tajik

2019

T-Labs Series in Telecommunication Services

View full text Add to dashboard Cite

Localized electromagnetic analysis of RO PUFs

Cited by 60 publications

References 9 publications

Reconfigurable Binding against FPGA Replay Attacks

Reconfigurable Binding against FPGA Replay Attacks

Physical Unclonable Function-Based Key Sharing via Machine Learning for IoT Security

On the Physical Security of Physically Unclonable Functions

Contact Info

Product

Resources

About