Monday, June 25, 2012

Study Group: Side-channels and PUFs

The last study group was chaired by Simon Hoerder and Philipp Grabher where the focus was on selected topics of Physically Unclonable Functions (PUFs). So what is the big deal with these PUFs? A PUF is a physical structure, in which, a unique challenge-response pair depends on manufacturing variations. The challenge-response pair is unique for each chip and can not be controlled during the manufacturing process, i.e., when it is used in a clever way, it can be useful, for instance, for authentication purposes. In this case each chip has some kind of unique "fingerprint". That's the most common way of using PUFs, e.g., as lightweight authentication mechanism in RFID tags.

In the first part, Simon introduced the basic definition of PUFs and definitions of PUF categories, like Strong PUFs, Controlled PUFs and Weak PUFs. Following the paper "Modelling Attacks on Physical Unclonable Functions" by Ulrich Rührmair, Frank Sehnke, Jan Sölter and Gideon Dror, Simon presented attacks on selected delay-based PUFs. Considering different types of PUFs like Arbiter PUF, XOR Arbiter PUF, Lightweight Secure PUF, Feed-Forwared Arbiter PUFs and Ring Oscilator PUFs, it is possible to build a model, using machine learning algorithms like Support Vector Machine, Logistic Regression, Evolution Strategies. In other words, gathering enough challenge-response pairs from a PUF and apply certain machine learning algorithms it is possible to predict other challenge-response pairs without any further access to the physical structure.

The next paper "A Formal Foundation for the Security Features of Physical Functions" by Frederik Armknecht, Roel Maes, Ahmad-Reza Sadeghi, Francois-Xavier Standaert and Christian Wachsmann, introduced us to a formal approach of PUFs, e.g., we discussed topics like existential physical unclonability, selective physical unclonability and weak/strong unpredictability.

The second part covered by Philipp focused more on practical attacks on PUFs. The discussion was based on two papers: "Semi-invasive EM attack on FPGA RO PUFs and countermeasures" and "Side-Channel Analysis of PUFs and Fuzzy Extractor" both by Dominik Merli, Dieter Schuster, Frederic Stumpf and Georg Sigl. Although a good PUF design should remain resistant against invasive and semi-invasive attacks (any modification of the PUF structure should change its behaviour), the first paper shows that sometimes this case doesn't hold and, e.g., titled Ring Oscillator based PUF is vulnerable to semi-invasive electromagnetic (EM) analysis attacks. In the second paper, the threat of side-channel attacks is being discussed when mounted on various PUF implementations.

All in all, Physically Unclonable Functions is an active filed of research, and there is not doubt that we see in the future many more interesting results both in theoretical as well as in practical implementations.

No comments:

Post a Comment