Paper 2021/958

When the Decoder Has to Look Twice: Glitching a PUF Error Correction

Jonas Ruchti, Michael Gruber, and Michael Pehl

Abstract

Physical Unclonable Functions (PUFs) have been increasingly used as an alternative to non-volatile memory for the storage of cryptographic secrets. Research on side channel and fault attacks with the goal of extracting these secrets has begun to gain interest but no fault injection attack targeting the necessary error correction within a PUF device has been shown so far. This work demonstrates one such attack on a hardware fuzzy commitment scheme implementation and thus shows a new potential attack threat existing in current PUF key storage systems. After presenting evidence for the overall viability of the profiled attack by performing it on an FPGA implementation, countermeasures are analysed: we discuss the efficacy of hashing helper data with the PUF-derived key to prevent the attack as well as codeword masking, a countermeasure effective against a side channel attack. The analysis shows the limits of these approaches. First, we demonstrate the criticality of timing in codeword masking by confirming the attack's effectiveness on ostensibly protected hardware. Second, our work shows a successful attack without helper data manipulation and thus the potential for sidestepping helper data hashing countermeasures.

Note: Under review for publication.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in Tches 2022
Keywords
physical unclonable functionfuzzy commitment schemefault attacksafe error attackclock glitchmasking
Contact author(s)
j ruchti @ tum de
m pehl @ tum de
History
2022-04-21: last of 2 revisions
2021-07-22: received
See all versions
Short URL
https://ia.cr/2021/958
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/958,
      author = {Jonas Ruchti and Michael Gruber and Michael Pehl},
      title = {When the Decoder Has to Look Twice: Glitching a PUF Error Correction},
      howpublished = {Cryptology ePrint Archive, Paper 2021/958},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/958}},
      url = {https://eprint.iacr.org/2021/958}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.