Georg T. Becker scite author profile

In this paper we demonstrate the first real-world cloning attack on a commercial PUF-based RFID tag. The examined commercial PUFs can be attacked by measuring only 4 protocol executions, which takes less than 200 ms. Using a RFID smartcard emulator, it is then possible to impersonate, i.e., "clone" the PUF. While attacking the 4-way PUF used by these tags can be done using traditional machine learning attacks, we show that the tags can still be attacked if they are configured as presumably secure XOR PUFs. We achieved this by using a new reliability-based machine learning attack that uses a divide-and-conquer approach for attacking the XOR PUFs. This new divide-and-conquer approach results in only a linear increase in needed number of challenge and responses for increasing numbers of XORs. This is in stark contrast to the state-of-the-art machine learning attacks on XOR PUFs that are shown to have an exponential increase in challenge and responses. Hence, it is now possible to attack XOR PUF constructs that were previously believed to be secure against machine learning attacks. Since XOR Arbiter PUFs are one of the most popular and promising electrical strong PUF designs, our reliability-based machine learning attack raises doubts that secure and lightweight electrical strong PUFs can be realized in practice.

show abstract

Stealthy Dopant-Level Hardware Trojans

Becker

et al. 2013

View full text Add to dashboard Cite

On the Pitfalls of Using Arbiter-PUFs as Building Blocks

Becker

2015

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

111

View full text Add to dashboard Cite

Physical unclonable functions (PUFs) have emerged as a promising solution for securing resource-constrained embedded devices such as RFID tokens. PUFs use the inherent physical differences of every chip to either securely authenticate the chip or generate cryptographic keys without the need of nonvolatile memory. However, PUFs have shown to be vulnerable to model building attacks if the attacker has access to challenge and response pairs. In these model building attacks, machine learning is used to determine the internal parameters of the PUF to build an accurate software model. Nevertheless, PUFs are still a promising building block and several protocols and designs have been proposed that are believed to be resistant against machine learning attacks. In this paper, we take a closer look at two such protocols, one based on reverse fuzzy extractors and one based on pattern matching. We show that it is possible to attack these protocols using machine learning despite the fact that an attacker does not have access to direct challenge and response pairs. The introduced attacks demonstrate that even highly obfuscated responses can be used to attack PUF protocols. Hence, this paper shows that even protocols in which it would be computationally infeasible to compute enough challenge and response pairs for a direct machine learning attack can be attacked using machine learning.Index Terms-Evolution strategies (ES), machine learning, physical unclonable functions (PUFs), reverse fuzzy extractor.

show abstract

On the Scaling of Machine Learning Attacks on PUFs with Application to Noise Bifurcation

Tobisch

Becker

2015

View full text Add to dashboard Cite

Side-channel based watermarks for integrated circuits

Becker

Kasper

Moradi

et al. 2010

View full text Add to dashboard Cite

Intellectual property (IP) right violations are an increasing problem for hardware designers. Illegal copies of IP cores can cause multi-million dollar damages and are thus considered a serious threat. One possible solution to this problem can be digital watermarking schemes for integrated circuits. We propose a new watermarking technique that employs sidechannels as building blocks and can easily and reliably be detected by methods adapted from side-channel analysis. The main idea is to embed a unique signal into a side-channel of the device that serves as a watermark. This enables circuit designers to check integrated circuits for unauthorized use of their watermarked cores. The watermark is hidden below the noise floor of the side channel and is thus hidden from third parties. Furthermore, the proposed schemes can be implemented with very few gates and are thus even harder to detect and to remove. The proposed watermarks can also be realized in a programmable fashion to leak a digital signature.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Georg T. Becker

The Gap Between Promise and Reality: On the Insecurity of XOR Arbiter PUFs

Stealthy Dopant-Level Hardware Trojans

On the Pitfalls of Using Arbiter-PUFs as Building Blocks

On the Scaling of Machine Learning Attacks on PUFs with Application to Noise Bifurcation

Side-channel based watermarks for integrated circuits

Contact Info

Product

Resources

About