Modeling attacks on physical unclonable functions

Ulrich Rührmair, Frank Sehnke, Jan Sölter, Gideon Dror, Srinivas Devadas, Jürgen Schmidhuber

Research output: Chapter in Book/Report/Conference proceedingConference contribution

793 Scopus citations

Abstract

We show in this paper how several proposed Physical Unclonable Functions (PUFs) can be broken by numerical modeling attacks. Given a set of challenge-response pairs (CRPs) of a PUF, our attacks construct a computer algorithm which behaves indistinguishably from the original PUF on almost all CRPs. This algorithm can subsequently impersonate the PUF, and can be cloned and distributed arbitrarily. This breaks the security of essentially all applications and protocols that are based on the respective PUF. The PUFs we attacked successfully include standard Arbiter PUFs and Ring Oscillator PUFs of arbitrary sizes, and XOR Arbiter PUFs, Lightweight Secure PUFs, and Feed-Forward Arbiter PUFs of up to a given size and complexity. Our attacks are based upon various machine learning techniques including Logistic Regression and Evolution Strategies. Our work leads to new design requirements for secure electrical PUFs, and will be useful to PUF designers and attackers alike. Copyright 2010 ACM.
Original languageEnglish (US)
Title of host publicationProceedings of the ACM Conference on Computer and Communications Security
Pages237-249
Number of pages13
DOIs
StatePublished - Dec 16 2010
Externally publishedYes

Fingerprint

Dive into the research topics of 'Modeling attacks on physical unclonable functions'. Together they form a unique fingerprint.

Cite this