Paper 2016/322

On the Security of PUF Protocols under Bad PUFs and PUFs-inside-PUFs Attacks

Ulrich Rührmair

Abstract

We continue investigations on the use of so-called Strong PUFs as a cryptographic primitive in realistic attack models, in particular in the “Bad/Malicious PUF Model”. We obtain the following results: – Bad PUFs and Simplification: As a minor contribution, we simplify a recent OT-protocol for malicious PUFs by Dachman-Soled et al. [4] from CRYPTO 2014. We can achieve the same security properties under the same assumptions, but use only one PUF instead of two. – PUFs-inside-PUFs, Part I: We propose the new, realistic adversarial models of PUF modifications and PUFs-inside-PUF attacks, and show that the earlier protocol of Dachman-Soled et al. [4] is vulnerable against PUFs-inside-PUFs attacks (which lie outside the original framework of [4]). – PUFs-inside-PUFs, Part II: We construct a new PUF-based OT-protocol, which is secure against PUFs-inside-PUFs attacks if the used bad PUFs are stateless. Our protocol introduces the technique of interleaved challenges. – PUFs-inside-PUFs, Part III: In this context, we illustrate why the use of interactive hashing in our new protocol appears necessary, and why a first protocol attempt without interactive hashing fails.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
Strong PUFsPUF ProtocolsBad PUFsMalicious PUFsPUFs-inside-PUFs Attacks
Contact author(s)
ruehrmair @ ilo de
History
2016-03-30: last of 4 revisions
2016-03-22: received
See all versions
Short URL
https://ia.cr/2016/322
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/322,
      author = {Ulrich Rührmair},
      title = {On the Security of PUF Protocols under Bad PUFs and PUFs-inside-PUFs Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2016/322},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/322}},
      url = {https://eprint.iacr.org/2016/322}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.