Fig 5 - uploaded by Fatemeh Ganji

Content may be subject to copyright.

# The settling time of the BR-PUF response: (a) the PUF response after a transient time reaches a stable logical state "1". (b) after a transient time the PUF response is "0". (c) the PUF response does not settle and oscillates for an undefined time period.

Source publication

Although numerous attacks revealed the vulnerability of different PUF families to non-invasive Machine Learning (ML) attacks, the question is still open whether all PUFs might be learnable. Until now, virtually all ML attacks rely on the assumption that a mathematical model of the PUF functionality is known a priori. However, this is not always the...

## Context in source publication

**Context 1**

... this time period the response is in a valid logi- cal level (either "0" or "1") and does not change, and afterwards by doing majority voting on the responses generated for a given challenge the stable CRPs can be collected. However, in the case of BR-PUF family, for a given challenge the settling time of the response to a valid logical level is not known a priori, see figure 5. Furthermore, it is not known whether the response to a given challenge would not be unstable after observ- ing the stable response during some time period (see section 3.1). ...

## Similar publications

Security is one of the most challenging issues in software defined networking (SDN). The security risks in SDN are caused by the inability to detect the contents of the packets. In addition, file transferring to SDN is a vulnerable area that requires more protection against malicious activities at the network level. On the SDN data plane, i.e. the...

## Citations

... We showed that, under the assumption that the nonlinear effects were relatively small, the PUF still acts as a polynomial in the challenge components b i , with the degree of the polynomial determined by the highest order of polarization susceptibility, and thus can be learned with access to polynomially many CRPs in polynomial time (Eqs. 17,18). ...

It is shown that a class of optical physical unclonable functions (PUFs) can be learned to arbitrary precision with arbitrarily high probability, even in the presence of noise, given access to polynomially many challenge-response pairs and polynomially bounded computational power, under mild assumptions about the distributions of the noise and challenge vectors. This extends the results of Rh\"uramir et al. (2013), who showed a subset of this class of PUFs to be learnable in polynomial time in the absence of noise, under the assumption that the optics of the PUF were either linear or had negligible nonlinear effects. We derive polynomial bounds for the required number of samples and the computational complexity of a linear regression algorithm, based on size parameters of the PUF, the distributions of the challenge and noise vectors, and the probability and accuracy of the regression algorithm, with a similar analysis to one done by Bootle et al. (2018), who demonstrated a learning attack on a poorly implemented version of the Learning With Errors problem.

... This context, where intra-chip distances are reduced, 293 but inter-chip distances (although higher) allow differ-294 ent PUF to share 50% of bits (on average) makes mathe-295 matical models for PUF feasible [16]. Different authors 296 have addressed this open issue from different perspec-297 tives, although works on this topic are still sparse. ...

... Models for bistable ring (BR) PUF [14] or twisted 304 bistable ring (TBR) PUF [15] (both PUF based on feed-305 back loops made of multiplexers and NOR gates which 306 must achieve a stable state -the key-) have been re-307 ported. Typical solutions are based on support vector 308 machines (SVM) [18] Finally, some authors are reporting exploratory work 364 on how generic models could be achieved [16]. In this 365 approach, no analytic mathematical model is proposed, 366 but a general algebraic framework that describes the 367 properties that these models should meet and how feasi-368 ble they are [17]. ...

... While, in gateways, we highly 397 an electromagnetic excitation [13]. Second, as binary 403 (Boolean) logical circuits managing binary words [16]. ...

Future Industry 4.0 scenarios are characterized by seamless integration between computational and physical processes. To achieve this objective, dense platforms made of small sensing nodes and other resource constraint devices are ubiquitously deployed. All these devices have a limited number of computational resources, just enough to perform the simple operation they are in charge of. The remaining operations are delegated to powerful gateways that manage sensing nodes, but resources are never unlimited, and as more and more devices are deployed on Industry 4.0 platforms, gateways present more problems to handle massive machine-type communications. Although the problems are diverse, those related to security are especially critical. To enable sensing nodes to establish secure communications, several semiconductor companies are currently promoting a new generation of devices based on Physical Unclonable Functions, whose usage grows every year in many real industrial scenarios. Those hardware devices do not consume any computational resource but force the gateway to keep large key-value catalogues for each individual node. In this context, memory usage is not scalable and processing delays increase exponentially with each new node on the platform. In this paper, we address this challenge through predictor-corrector models, representing the key-value catalogues. Models are mathematically complex, but we argue that they consume less computational resources than current approaches. The lightweight models are based on complex functions managed as Laurent series, cubic spline interpolations, and Boolean functions also developed as series. Unknown parameters in these models are predicted, and eventually corrected to calculate the output value for each given key. The initial parameters are based on the Kane Yee formula. An experimental analysis and a performance evaluation are provided in the experimental section, showing that the proposed approach causes a significant reduction in the resource consumption.

... A literature survey reveals that strong PUFs are more commonly subjected to ML-based modeling attack nowadays [6,24,50]. In such a scheme, the attacker relies on the PUF model considering that it is trained using subset of the PUF CRPs. ...

This paper presents a thorough analysis of two distinct Physically Unclonable Functions (PUF), namely RO-PUF (Ring oscillator-based PUF) and RS-LPUF (RS Latch-based PUF), prototyped on FPGA. It is shown that the implemented PUFs possess significantly enhanced performance when compared to state-of-the-art. It is also identified that the enhancements are achieved through the incorporation of Programmable Delay Lines of FPGA Look-Up Tables, Temporal Majority Voting (TMV) scheme, and placed macro techniques for routing and placements of PUF units. The prototypes developed on Xilinx Artix-7 FPGAs are used for validation over the rated temperature range of 0 − 85°with ±5% variation in the supply voltage. The proposed schemes when evaluated experimentally also achieve good uniformity, bit-aliasing, uniqueness, and reliability. Finally, it is shown that the proposed designs outperform the existing conventional PUFs in the area and speed trade-off. CCS Concepts: • Security and privacy → Security in hardware; Embedded systems security; • Hardware security implementation → Hardware-based security protocols.

... 3). To this end, we develop a systematic methodology through the concept of influential stages [7] to identify which PUF stages should be rolled to flip the responses of the PUF to given challenges. These stages are then reconfigured. ...

... More precisely, adding the attribute noise can have a significant impact on the outputs of the function, but only if influential challenge bits are affected by the attribute noise; otherwise, the output of the function is not flipped [18]. Therefore, before rolling a PUF, it is crucial to determine the influential stages, for instance, by applying an approach proposed in [7], see Fig. 2. ...

The era of PUFs has been characterized by the efforts put into research and the development of PUFs that are resilient against attacks, in particular , machine learning (ML) attacks. Due to the lack of systematic and provable methods for this purpose, we have witnessed the ever-continuing competition between PUF designers/ manufacturers, cryptanalysts, and of course, adversaries that maliciously break the security of PUFs. This is despite a series of acknowledged principles developed in cryptography and complexity theory, under the umbrella term "hardness amplifica-tion". This paper aims at narrowing the gap between these studies and hardware security, specifically for applications in the domain of PUFs. To this end, this paper provides an example of somewhat hard PUFs and demonstrates how to build a strongly secure construction out of these considerably weaker primitives. Our theoretical findings are discussed in an exhaustive manner and supported by the silicon results captured from real-world PUFs 1 .

... In these attacks, the adversary intentionally collects a subset of all CRPs of the PUF to train the model and uses them to derive a numerical model that can accurately predict the responses of unknown challenges. We note that previous works have most often utilized ML based model as a way to attack the strong PUF architectures [18,6,7,19]. The model of a PUF instance is built based on CRPs or some side channel information by using Logistic Regression (LR) [19], Support Vector Machine (SVM) [11] and Evolution Strategies (ES) [6]. ...

... We note that previous works have most often utilized ML based model as a way to attack the strong PUF architectures [18,6,7,19]. The model of a PUF instance is built based on CRPs or some side channel information by using Logistic Regression (LR) [19], Support Vector Machine (SVM) [11] and Evolution Strategies (ES) [6]. In order to resist ML-based modeling attacks, many defense mechanisms are proposed which can be broadly divided into CRP obfuscation [5,17,9,26,27], and nonlinearity addition to the PUF structures [29,22]. ...

... Hence, accurately predicting the value of weight w is lead to the successful modeling of APUF. This can be achieved quite successfully by using several ML algorithms such as LR [19], SVM [11], and (ES) [6]. ...

Physical unclonable function is a promising hardware security primitive that is more suitable for device authentication and key generation applications. However, it is found to be vulnerable to modeling attacks when an attacker has access to challenge and response pairs. In this paper, we examine the machine learning (ML) and deep learning (DL) based modeling attacks on Interpose PUF (IPUF) and also propose two efficient countermeasures based on obfuscating challenge that protects the IPUF against these modeling attacks. We begin by analyzing building blocks of IPUF such as Arbiter PUF (APUF) and XOR Arbiter PUF (XAPUF) against modeling attacks. Subsequently, we show that the IPUF is possible to attack by changing the input position configuration of switch elements in the APUF and reducing the number of arbiter chains in the XAPUF. Finally, we implement the proposed countermeasures on Nexys 4 FPGA boards and collect real measurements. Experimental results show that the implemented countermeasures can mitigate ML and DL modeling attacks significantly.

... In this case, it has been proven that, in general, the challenge bits have different amounts of influence on the response of a PUF to a given challenge. Moreover, [19] has reintroduced property testing in the PUF-related literature. ...

The current chapter aims at establishing a relationship between artificial intelligence (AI) and hardware security. Such a connection between AI and software security has been confirmed and well-reviewed in the relevant literature. The main focus here is to explore the methods borrowed from AI to assess the security of a hardware primitive, namely physically unclonable functions (PUFs), which has found applications in cryptographic protocols, e.g., authentication and key generation. Metrics and procedures devised for this are further discussed. Moreover, By reviewing PUFs designed by applying AI techniques, we give insight into future research directions in this area.

... An adversary who creates a well-trained model can accurately predict the responses of unknown challenges. We note that previous works have most often utilized machine learning based model as a way to attack the PUF circuits [35,37,38] . The model of a PUF instance is built based on CRPs or some side channel information by using Logistic Regression (LR) [37] , Support Vector Machine (SVM) [35] and Evolution Strategies (ES) [38] . ...

... We note that previous works have most often utilized machine learning based model as a way to attack the PUF circuits [35,37,38] . The model of a PUF instance is built based on CRPs or some side channel information by using Logistic Regression (LR) [37] , Support Vector Machine (SVM) [35] and Evolution Strategies (ES) [38] . In order to resist ML based modeling attacks, many defense mechanisms are proposed which can be broadly divided into CRP obfuscation [39] , and non-linearity addition to the PUF structures [40,41] . ...

In recent years, Physically Unclonable Functions (PUFs) have emerged as a promising technique for hardware based security primitives because of its inherent uniqueness and low cost. In this paper, we present an area efficient hybrid PUF design on field-programmable gate array (FPGA). Our approach combines units of conventional RS Latch-based PUF (RS-LPUF) and Arbiter-based PUF (A-PUF) which is then augmented by the programmable delay lines (PDLs) and Temporal Majority Voting (TMV) for performance enhancement. The area of the hybrid PUF is relatively high when compared to few conventional PUF designs, but is significantly small when compared to other composite and hybrid PUF designs reported so far. The measured results on the Xilinx Spartan-6 FPGA demonstrate PUF signatures exhibits good uniqueness, reliability, and uniformity with no occurrence of bit-aliasing.

... However, meeting the requirement of unpredictability is a difficult undertaking. Multiple attacks have been shown to be feasible by taking advantage of CRPs as input to powerful machine learning techniques (see, e.g., [24,56]). ...

One of the main challenges in the internet of things (IoT) will be to guarantee the security of products and services enabled by it. A fundamental assumption in any cryptosystem is that secret-key material remains securely stored and unknown to attackers. To this end, physical unclonable functions have been proposed to store cryptographic secrets without the need to use non-volatile memory. In this work, we show that microelectromechanical systems (MEMS) sensors, ubiquitous in the IoT, can be used to generate a stable nearly fully entropic bit string that can be used as a secret or private key in a cryptographic algorithm. We provide experimental evidence of the stability of our methods by analyzing data from 468 off-the-shelf 3-axis MEMS gyroscopes subjected to different temperatures in the range typically required for consumer applications and standardized aging tests. The investigations are carried out on module level so that packaging influences are considered. We derive unique fingerprints from the sensors based on their characteristics, and we show that the false rejection rate (FRR) and the false acceptance rate (FAR) are below \(1 \times 10^{-6}\) for all applied test conditions. By adding up the values of FRR and the FAR, the highest probability for an authentication error is \(4.1 \times 10^{-6}\). Furthermore, we extract stable keys from the fingerprints. The extracted key length lies in a range between 27 and 150 bits depending on the applied test conditions and the used entropy estimation method.

... To further study the resistance for ML attack, a more powerful evaluation scheme suite was used. This test can be regarded as a provable framework for ML attacks against a PUF family, whose underlying mathematical model is unknown [31]. ...

... Numerous ML attacks, including LR and ES, rely on the assumption that a mathematical model of the PUF functionality is known in advance. Paper [31] provided a provable framework for ML attacks against a PUF family, whose underlying mathematical model is unknown. The author suggested that the number of Boolean variables k affecting the Boolean function should be computed. ...

An arbiter physical unclonable function (APUF) has exponential challenge‐response pairs and is easy to implement on field‐programmable gate arrays (FPGAs). However, modeling attacks based on machine learning have become a serious threat to APUFs. Although the modeling‐attack resistance of an MA‐APUF has been improved considerably by architecture modifications, the response generation method of an MA‐APUF results in low uniqueness. In this study, we demonstrate three design problems regarding the low uniqueness that APUF‐based strong PUFs may exhibit, and we present several foundational principles to improve the uniqueness of APUF‐based strong PUFs. In particular, an improved MA‐APUF design is implemented in an FPGA and evaluated using a well‐established experimental setup. Two types of evaluation metrics are used for evaluation and comparison. Furthermore, evolution strategies, logistic regression, and K‐junta functions are used to evaluate the security of our design. The experiment results reveal that the uniqueness of our improved MA‐APUF is 81.29% (compared with that of the MA‐APUF, 13.12%), and the prediction rate is approximately 56% (compared with that of the MA‐APUF (60%‐80%).

... They further analyzed the PUFs in the context of security protocols in [128]. We note that previous works have most often utilized machine learning based models as a way to attack many PUF circuits [32,43,127]. The model of a PUF instance is built based on CRPs or some side channel information by using Logistic Regression (LR) [127], Support Vector Machine (SVM) [55] or Evolutionary Strategies (ES) [43]. ...

... We note that previous works have most often utilized machine learning based models as a way to attack many PUF circuits [32,43,127]. The model of a PUF instance is built based on CRPs or some side channel information by using Logistic Regression (LR) [127], Support Vector Machine (SVM) [55] or Evolutionary Strategies (ES) [43]. In order to resist modeling attacks, many defense mechanisms are proposed. ...

Internet of Things (IoT) is a vast and rapidly growing technology right now
in the world of innovation. Billions of new electronic devices are going to be
connected to the internet in wide-ranging applications. With this massive increase
in adoption and utilization of new technology, security vulnerabilities are growing
exponentially as well. Traditionally, conventional cryptographic primitives are
used in order to provide security of these devices. The security of the cryptographic
protection relies on the secrecy of the key. Typically, secret keys, which are
used as device identification (IDs), are stored in non-volatile memories (NVMs),
and combine cryptographic primitives to implement information encryption and
authentication. However, through such traditional technique, secret keys are
vulnerable to various kinds of attacks and can be easily obtained or cloned.
Further, maintaining such secrets in NVMs is difficult and expensive. In addition,
random key generation and key exchange are also very challenging in secure IoT
applications.
Physically Unclonable Function (PUF) promises to be a critical hardware security
primitive to provide an alternative method to create unique signatures (IDs)
from complex physical characteristics of ICs rather than storing the IDs in
non-volatile memories. Eventually these IDs can be used to authenticate
devices and also to generate secret keys for cryptographic functions. A True
Random Number generator (TRNG) is another important hardware security
primitive that generates high entropy random numbers (keys) from a physical
process for use in key exchange/agreement, encryption, and digital signature,
etc. The IoT infrastructure adopts a large number of these hardware-based
security primitives in order to securely exchange data in an effective and
resource efficient manner. Furthermore, one of the major requirements of PUF
and TRNG intended for IoT applications is that the device area must be
efficiently utilized. Unfortunately, the huge area consumption of many PUF
and TRNG implementations on Field-Programmable Gate Arrays (FPGAs) made
them infeasible in IoT environments. Therefore, we undertake the study and
development of new techniques to design, develop and implement highly efficient
PUFs and TRNG for FPGAs in the context of IoT applications in this thesis.
In the first part of this thesis, we study different techniques for improving
performance characteristics of PUFs. In this context, we carry out the design,
development, implementation and evaluation of four major types of PUFs has for
IoT security. These PUFs fall in three categories: memory based, delay based or
hybrid PUFs. The first design we study is RS-Latch based which is a memory
based PUF. Next two designs are Ring oscillator and Arbiter based, and fall in
the category of delay based PUF. The fourth design is a hybrid of RS Latch
and Arbiter PUF designs. All the four designs have been thoroughly tested on
FPGA devices. The enhancement in performance of the new designs is achieved
through the incorporation of various novel techniques. Performance metrics of
these designs have been presented and compared to the state of the art PUFs.
It has also been shown that the proposed designs yield the most area-efficient
conventional and hybrid PUFs reported so far. Moreover, the proposed PUFs are
resistant to temperature, supply voltage, and correlated process variations making
them attractive for IoT applications.
In the second part of this thesis, we design and develop a ring oscillators based
true random number generation on FPGA. The quality of generated true random
bits can be improved by employing different new techniques. Subsequently
experimental evaluation and comparisons with existing techniques are presented.
Further, our proposed implementation provides a very good area-throughput
trade-off and high entropy rate of the produced output bits when compared to
the existing state-of-the-art.
Lastly, in the third part of this work, we focus on efficient FPGA implementation
of elliptic curve based authenticated key agreement protocol for IoT devices
using PUF and TRNG. In this context, we design and develop a novel hardware
architecture for Binary Edwards Curve (BEC) point multiplication. Subsequently,
an FPGA design of elliptic curve based key agreement protocol (ECMQV) using
PUF and TRNG is presented. The obtained implementation results show that the
proposed architecture yields a better performance when compared to the existing
state-of-the-art.