PUFs in Security Protocols: Attack Models and Security Evaluations

Rührmair, Ulrich; Dijk, Marten van

doi:10.1109/sp.2013.27

Cited by 109 publications

(93 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To reiterate, the "attacks" presented in points 5 and 6 are not attacks on the protocols presented in this paper. It was already known (from the work of [CF01,CKL03]) and mentioned in our work before [RvD13] appeared, that our protocols are not secure in other attack models. Indeed in the standard model (i.e., when no honest PUF exists and malicious PUFs can always communicate with their creators) our protocols can not be UC secure as UC security is impossible in the standard model.…”

Section: Our Contributionmentioning

confidence: 89%

“…A recent paper by van Dijk and Ruhrmair [RvD13] claims certain "attacks" on protocols presented in this paper. We discuss their claims in this section.…”

Section: Our Contributionmentioning

confidence: 93%

“…The "attacks" on our protocols are noted in points 3, 5 and 6 in the Our Results subsection of Section I of [RvD13]. We will discuss the attacks mentioned in points 5 and 6 first.…”

Section: Our Contributionmentioning

confidence: 99%

“…As is clearly stated by the authors of [RvD13] themselves in their paper multiple times 5 , attacks in points 5 and 6 are "[..] outside the original attack models of the respective papers." This means that their attacks use properties of PUFs not present in our model, and therefore, have no consequence on the security of our protocols.…”

Section: Our Contributionmentioning

confidence: 99%

See 3 more Smart Citations

Universally Composable Secure Computation with (Malicious) Physically Uncloneable Functions

Ostrovsky

Scafuro²,

Visconti

et al. 2013

Advances in Cryptology – EUROCRYPT 2013

View full text Add to dashboard Cite

Physically Uncloneable Functions (PUFs) [Pap01] are noisy physical sources of randomness. As such, they are naturally appealing for cryptographic applications, and have caught the interest of both theoreticians and practitioners. A major step towards understanding and securely using PUFs was recently taken in [Crypto 2011] where Brzuska, Fischlin, Schröder and Katzenbeisser model PUFs in the Universal Composition (UC) framework of Canetti [FOCS 2001]. Their model considers trusted PUFs only, and thus real-world adversaries can not create malicious PUFs, and can access the physical object only via the prescribed procedure. However, this does not accurately reflect real-life scenarios, where an adversary could be able to create and use malicious PUFs, or access the PUF through other procedures.The goal of this work is to extend the model proposed in [Crypto 2011] in order to capture such real-world attacks. The main contribution of this work is the study of the Malicious PUFs model. Namely, we extend the PUF functionality of Brzuska et al. so that it allows the adversary to create arbitrarily malicious PUFs. Then, we provide positive results in this, more realistic, model. We show that, under computational assumptions, it is possible to UC-securely realize any functionality. Furthermore, we achieve unconditional (not UC) security with malicious PUFs, by showing a statistically hiding statistically binding commitment scheme that uses one PUF only, and such PUF can be malicious.As an additional contribution, we investigate another attack model, where adversaries access to a trusted PUF in a different way (i.e., not following the prescribed procedure). Technically this attack translates into the fact that the simulator cannot observe the queries made to an honest PUF. In this model, queries are oblivious to the simulator, and we call it the "Oblivious Query" model. We are able to achieve unconditionally UC-secure computation, even in this more severe model. This protocol is secure against stronger adversaries compared to the ones of Brzuska et al.Finally, we show the impossibility of UC secure computation in the combination of the above two new models, where the real-world adversary can create malicious PUFs and maliciously access to honest PUFs.Our work sheds light on the significant power and applicability of PUFs in the design of cryptographic protocols modeling adversaries that misbehave with PUFs.

show abstract

Section: Our Contributionmentioning

confidence: 89%

“…A recent paper by van Dijk and Ruhrmair [RvD13] claims certain "attacks" on protocols presented in this paper. We discuss their claims in this section.…”

Section: Our Contributionmentioning

confidence: 93%

“…The "attacks" on our protocols are noted in points 3, 5 and 6 in the Our Results subsection of Section I of [RvD13]. We will discuss the attacks mentioned in points 5 and 6 first.…”

Section: Our Contributionmentioning

confidence: 99%

Section: Our Contributionmentioning

confidence: 99%

See 2 more Smart Citations

Universally Composable Secure Computation with (Malicious) Physically Uncloneable Functions

Ostrovsky

Scafuro²,

Visconti

et al. 2013

Advances in Cryptology – EUROCRYPT 2013

View full text Add to dashboard Cite

show abstract

“…The physical behavior of a PUF can be modeled mathematically [RvD13,MRMK13]. This way, an equivalent circuit to a specific PUF can be designed to replace the genuine device.…”

Section: Robustnessmentioning

confidence: 99%

Modeling and Design of Ring Oscillators and their Application in Radiation Environments

Sáenz¹

View full text Add to dashboard Cite

Random Nanofracture‐Enabled Physical Unclonable Function

Zhang

Shu

Zhang

et al. 2021

Adv Materials Technologies

View full text Add to dashboard Cite

measures are primarily based on digital cryptographic signature or physical identification tag. [8][9][10] Digital cryptographic keys generated by pseudo-random mathematic functions need to be programmed into nonvolatile memory, accompanied with complicate tamper resilient devices to protect the keys from side-channel attacks. [11] Physical identification tags such as radiofrequency identification tags (RFID), [1,12] holograms, [13,14] graphical tags, [15] watermarks, [16] security inks, [17,18] barcode, [19][20][21] and chemical tag [9,22] have already been introduced to the consumer products for property protection. Nonetheless, these tags are made in deterministic processes, thus are vulnerable to clone attacks due to the low complexity and high predictability. More complex molecular tags could be adopted with an increase in cost, and can only be accessible in specialized laboratory. [23][24][25] To combat the rising tide of counterfeiting, physical unclonable function (PUF, or physical one-way function) has been introduced. [26,27] PUF is made from an indeterministic stochastic process, whose fingerprint-like response is difficult to predict upon external stimulus, thereby naturally immune to the clone attack. The sufficiently large complexity of PUF also renders it effective against brute force reverse engineering and tamper attack. [28] Conventional integrated circuit (IC) based PUFs typically utilize the inherent variations in the gate and wire time delays (e.g., arbiter PUF [29,30] and ring oscillator PUF [31] ) or local mismatches (e.g., SRAM PUF, [32] latch PUF, [33] flip-flop PUF [34] ) as the source of randomness. IC based PUF is convenient for on-chip integration owing to its CMOS compatibility, but is vulnerable to model building attack due to the relatively low complexity and large bit error rate. Emerging technologies with higher degree of complexity such as phase change memory, [35] interfacial magnetic anisotropy, [36] carbon nanotube field effect transistor, [37][38][39][40] memristor [41][42][43][44][45] are proposed with an exponential increase in cost and fabrication difficulty. Chemically synthesized PUFs can afford large encoding capacity, small footprint and low production cost by measuring readily detectable characteristics such as scattering speckle image, [26,[46][47][48] fingerprint like textures, [49][50][51] fluorescence or lasing [25,[52][53][54][55][56] surface enhanced Raman signature, [57][58][59][60] and unpredictable defects and patterns in 2D materials. [61,62] The complexity of chemical PUFs can easily be scaled Physical unclonable function (PUF) is promising for anticounterfeiting and security applications. In this paper, a PUF concept is demonstrated based on the stochastic generation of nanodot matrix via mechanical stripping of a gold film kirigami with arrayed nanoscale split-ring cuts. The random occurrence of nanofracture of metallic nanoconnection at split-ring parts results in unpredictable remaining (labeled as "1") or peeling-off (labeled as "0") of nanodots in ea...

show abstract

PUFs in Security Protocols: Attack Models and Security Evaluations

Cited by 109 publications

References 25 publications

Universally Composable Secure Computation with (Malicious) Physically Uncloneable Functions

Universally Composable Secure Computation with (Malicious) Physically Uncloneable Functions

Modeling and Design of Ring Oscillators and their Application in Radiation Environments

Random Nanofracture‐Enabled Physical Unclonable Function

Contact Info

Product

Resources

About