Cryptology ePrint Archive: Report 2014/287

Active and Passive Side-Channel Attacks on Delay Based PUF Designs

Georg T. Becker and Raghavan Kumar

Abstract: Physical Unclonable Functions (PUFs) have emerged as a lightweight alternative to traditional cryptography. The fact that no secret key needs to be stored in non-volatile memory makes PUFs especially well suited for embedded systems in which securely generating and storing secret keys is difficult and expensive. Compared to traditional cryptography, PUFs are often believed to be more resistant to implementation attacks.

In this paper we will take a closer look at this assumption. Using a controlled Arbiter PUF as an example, we show that just like traditional cryptography strong PUFs are susceptible to implementation attacks. By combining machine learning with with side-channel analysis we are able to attack designed based on Arbiter PUFs that on are resistant to normal machine learning attacks. We use two different side-channels for our attacks: a passive power side-channel and an active fault attack based on altering the supply voltage of the controlled PUF. Even in the presence of considerable noise both attacks can accurately model the Controlled Arbiter PUF. Hence, the assumption that PUFs are generally more resistant against side-channel attacks is not necessarily true and side-channel resistance needs to be considered when PUF designs are evaluated.

Category / Keywords: Side-channel analysis, machine learning, Physical Unclonable Function, Arbiter-PUF, fault attack, CPA

Date: received 24 Apr 2014

Contact author: Georg Becker at rub de

Available format(s): PDF | BibTeX Citation

Version: 20140426:220821 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]