Paper 2016/606
Strong Machine Learning Attack against PUFs with No Mathematical Model
Fatemeh Ganji, Shahin Tajik, Fabian Fäßler, and Jean-Pierre Seifert
Abstract
Although numerous attacks revealed the vulnerability of different PUF families to non-invasive Machine Learning (ML) attacks, the question is still open whether all PUFs might be learnable. Until now, virtually all ML attacks rely on the assumption that a mathematical model of the PUF functionality is known a priori. However, this is not always the case, and attention should be paid to this important aspect of ML attacks. This paper aims to address this issue by providing a provable framework for ML attacks against a PUF family, whose underlying mathematical model is unknown. We prove that this PUF family is inherently vulnerable to our novel PAC (Probably Approximately Correct) learning framework. We apply our ML algorithm on the Bistable Ring PUF (BR-PUF) family, which is one of the most interesting and prime examples of a PUF with an unknown mathematical model. We practically evaluate our ML algorithm through extensive experiments on BR-PUFs implemented on Field-Programmable Gate Arrays (FPGA). In line with our theoretical findings, our experimental results strongly confirm the effectiveness and applicability of our attack. This is also interesting since our complex proof heavily relies on the spectral properties of Boolean functions, which are known to hold only asymptotically. Along with this proof, we further provide the theorem that all PUFs must have some challenge bit positions, which have larger influences on the responses than other challenge bits.
Metadata
- Available format(s)
- Publication info
- Published by the IACR in CHES 2016
- Keywords
- Machine LearningPAC LearningBoosting TechniqueFourier AnalysisPhysically Unclonable Functions (PUFs)
- Contact author(s)
- stajik @ sec t-labs tu-berlin de
- History
- 2016-06-14: received
- Short URL
- https://ia.cr/2016/606
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/606, author = {Fatemeh Ganji and Shahin Tajik and Fabian Fäßler and Jean-Pierre Seifert}, title = {Strong Machine Learning Attack against {PUFs} with No Mathematical Model}, howpublished = {Cryptology {ePrint} Archive, Paper 2016/606}, year = {2016}, url = {https://eprint.iacr.org/2016/606} }