Cryptology ePrint Archive: Report 2016/606

Strong Machine Learning Attack against PUFs with No Mathematical Model

Fatemeh Ganji and Shahin Tajik and Fabian Fler and Jean-Pierre Seifert

Abstract: Although numerous attacks revealed the vulnerability of different PUF families to non-invasive Machine Learning (ML) attacks, the question is still open whether all PUFs might be learnable. Until now, virtually all ML attacks rely on the assumption that a mathematical model of the PUF functionality is known a priori. However, this is not always the case, and attention should be paid to this important aspect of ML attacks. This paper aims to address this issue by providing a provable framework for ML attacks against a PUF family, whose underlying mathematical model is unknown. We prove that this PUF family is inherently vulnerable to our novel PAC (Probably Approximately Correct) learning framework. We apply our ML algorithm on the Bistable Ring PUF (BR-PUF) family, which is one of the most interesting and prime examples of a PUF with an unknown mathematical model. We practically evaluate our ML algorithm through extensive experiments on BR-PUFs implemented on Field-Programmable Gate Arrays (FPGA). In line with our theoretical findings, our experimental results strongly confirm the effectiveness and applicability of our attack. This is also interesting since our complex proof heavily relies on the spectral properties of Boolean functions, which are known to hold only asymptotically. Along with this proof, we further provide the theorem that all PUFs must have some challenge bit positions, which have larger influences on the responses than other challenge bits.

Category / Keywords: Machine Learning, PAC Learning, Boosting Technique, Fourier Analysis, Physically Unclonable Functions (PUFs)

Original Publication (in the same form): IACR-CHES-2016

Date: received 10 Jun 2016

Contact author: stajik at sec t-labs tu-berlin de

Available format(s): PDF | BibTeX Citation

Version: 20160614:172002 (All versions of this report)

Short URL: ia.cr/2016/606

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]