In this paper we will take a closer look at this assumption. Using a controlled Arbiter PUF as an example, we show that just like traditional cryptography strong PUFs are susceptible to implementation attacks. By combining machine learning with with side-channel analysis we are able to attack designed based on Arbiter PUFs that on are resistant to normal machine learning attacks. We use two different side-channels for our attacks: a passive power side-channel and an active fault attack based on altering the supply voltage of the controlled PUF. Even in the presence of considerable noise both attacks can accurately model the Controlled Arbiter PUF. Hence, the assumption that PUFs are generally more resistant against side-channel attacks is not necessarily true and side-channel resistance needs to be considered when PUF designs are evaluated.
Category / Keywords: Side-channel analysis, machine learning, Physical Unclonable Function, Arbiter-PUF, fault attack, CPA Date: received 24 Apr 2014 Contact author: Georg Becker at rub de Available format(s): PDF | BibTeX Citation Version: 20140426:220821 (All versions of this report) Short URL: ia.cr/2014/287