Cryptology ePrint Archive: Report 2019/312

Side-Channel Analysis of the TERO PUF

Lars Tebelmann and Michael Pehl and Vincent Immler

Abstract: Physical Unclonable Functions (PUFs) have the potential to provide a higher level of security for key storage than traditional Non-Volatile Memory (NVM). However, the susceptibility of the PUF primitives to non-invasive Side-Channel Analysis (SCA) is largely unexplored. While resistance to SCA was indicated for the Transient Effect Ring Oscillator (TERO) PUF, it was not backed by an actual assessment. To investigate the physical security of the TERO PUF, we first discuss and study the conceptual behavior of the PUF primitive to identify possible weaknesses. We support our claims by conducting an EM-analysis of a TERO design on an FPGA. When measuring TERO cells with an oscilloscope in the time domain, a Short Time Fourier Transform (STFT) based approach allows to extract the relevant information in the frequency domain. By applying this method we significantly reduce the entropy of the PUF. Our analysis shows the vulnerability of not only the originally suggested TERO PUF implementation but also the impact on TERO designs in general. We discuss enhancements of the design that potentially prevent the TERO PUF from exposing the secret and point out that regarding security the TERO PUF is similar to the more area-efficient Ring Oscillator PUF.

Category / Keywords: TERO PUF, Side-Channel Analysis, Non-Invasive, EM Side-Channel, Physical Unclonable Function

Original Publication (in the same form): In: Polian I., Stöttinger M. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2019. Lecture Notes in Computer Science, vol 11421. Springer, Cham

Date: received 20 Mar 2019, last revised 22 Mar 2019

Contact author: lars tebelmann at tum de

Available format(s): PDF | BibTeX Citation

Version: 20190322:130557 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]