Abstract
The Internet of things (IoT) ecosystem has grown exponentially with the convergence of various technologies such as deep learning, sensor systems, and advances in computing platforms. With such a highly pervasive nature of “smart” devices, the nature of data being collected and processed can be increasingly private and require safeguards to ensure the data’s integrity and security. Physically unclonable functions (PUFs) have emerged as a lightweight, viable security protocol in the Internet of Things (IoT) framework. Malicious modeling of PUF architectures has proven to be difficult due to the inherently stochastic nature of PUF architectures. In this work, we show that knowledge of the underlying PUF structure is unnecessary to clone a PUF. We tackle the problem of cloning PUF-based edge nodes in different settings such as unencrypted, encrypted, and obfuscated challenges in an IoT framework. We present a novel non-invasive, architecture-independent, machine learning attack for robust PUF designs and can handle encryption and obfuscation-based security measures on the transmitted challenge response pairs (CRPs). We show that the proposed framework can successfully clone different PUF architectures, including those encrypted using two (2) different encryption protocols in DES and AES and with varying degrees of obfuscation. We also show that the proposed approach outperforms a two-stage brute force attack model. Finally, we offer a machine learning-based countermeasure, a discriminator, which can distinguish cloned PUF devices and authentic PUFs with an average accuracy of 96%. The proposed discriminator can be used for rapidly authenticating millions of IoT nodes remotely from the cloud server.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Aman MN, Chua KC, Sikdar B. Hardware Primitives-Based Security Protocols for the Internet of Things. In: Cryptographic Security Solutions for the Internet of Things, 2019:117–141. IGI Global
Aman, MN, Taneja S, Sikdar B, Chua KC, Alioto M. Token-based security for the Internet of Things with dynamic energy-quality tradeoff. IEEE Internet Things J. 2018;6(2):2843–2859.
Bokefode JD, Bhise AS, Satarkar PA, Modani DG. Developing a secure cloud storage system for storing IoT data by applying role based encryption. Proc Comput Sci. 2016;89:43–50.
Braeken A. PUF based authentication protocol for IoT. Symmetry. 2018;10(8):352.
Cam-Winget N, Sadeghi A, Jin Y. Can IoT be secured: Emerging challenges in connecting the unconnected. In: Proceedings of the 53rd Annual Design Automation Conference, 2016:122. ACM
Chatterjee U, Chakraborty RS, Mukhopadhyay D. A PUF-based secure communication protocol for IoT. ACM Trans Embed Comput Syst (TECS). 2017;16(3):67.
Chatterjee U, Govindan V, Sadhukhan R, Mukhopadhyay D, Chakraborty RS, Mahata D, Prabhu MM. Building PUF based authentication and key exchange protocol for IoT without explicit crps in verifier database. IEEE Transactions on Dependable and Secure Computing. 2018.
Coppersmith D. The data encryption standard (DES) and its strength against attacks. IBM J Res Dev. 1994;38(3):243–50.
Daemen J, Rijmen V. The design of Rijndael: AES-the advanced encryption standard. Berlin: Springer; 2013.
Dodis Y, Reyzin L, Smith A. Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin C, Camenisch JL, editors. Advances in cryptology. Berlin, Heidelberg: EUROCRYPT 2004; 2004. p. 523–40.
Ganji F, Tajik S, Fäßler F, Seifert JP. Strong machine learning attack against PUFs with no mathematical model. Cryptology ePrint Archive, Report 2016/606 (2016). https://eprint.iacr.org/2016/606.
Gao Y, Li G, Ma H, Al-Sarawi SF, Kavehei O, Abbott D, Ranasinghe DC. Obfuscated challenge-response: A secure lightweight authentication mechanism for puf-based pervasive devices. In: 2016 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops), 2016:1–6. IEEE
Goodfellow I, Pouget-Abadie J, Mirza M, Xu B, Warde-Farley D, Ozair S, Courville A, Bengio Y. Generative adversarial nets. Ad Neural Inform Process Syst. 2014;2014:2672–80.
Herder C, Yu MD, Koushanfar F, Devadas S. Physical unclonable functions and applications: a tutorial. Proc IEEE. 2014;102(8):1126–41. https://doi.org/10.1109/JPROC.2014.2320516.
Idriss T, Idriss H, Bayoumi M. A PUF-based paradigm for IoT security. In: 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), 2016:700–705. IEEE
Ishai Y, Prabhakaran M, Sahai A, Wagner D. Private circuits II: keeping secrets in tamperable circuits. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2006:308–327. Springer
Islam SA, Katkoori S. High-level synthesis of key based obfuscated RTL datapaths. In: 2018 19th International Symposium on Quality Electronic Design (ISQED), 2018:407–412. https://doi.org/10.1109/ISQED.2018.8357321
Islam SA, Sah LK, Katkoori S. Empirical word-level analysis of arithmetic module architectures for hardware trojan susceptibility. In: 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), 2018:109–114. https://doi.org/10.1109/AsianHOST.2018.8607170
Laguduva V, Islam SA, Aakur S, Katkoori S, Karam R. Machine learning based iot edge node security attack and countermeasures. In: 2019 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), 2019:670–675. IEEE
Maes R, Tuyls P, Verbauwhede I. Low-overhead implementation of a soft decision helper data algorithm for SRAM PUFs. In: Cryptographic hardware and embedded systems-CHES 2009, 2009:332–347. Springer
Mahmoud A, Rührmair U, Majzoobi M, Koushanfar F. Combined modeling and side channel attacks on strong PUFs. Cryptology ePrint Archive, Report 2013/632 (2013). https://eprint.iacr.org/2013/632.
Meguerdichian S, Potkonjak M. Device aging-based physically unclonable functions. In: 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC), 2011:288–289. IEEE
Mispan MS, Halak B, Zwolinski M. Lightweight obfuscation techniques for modeling attacks resistant PUFs. In: 2017 IEEE 2nd International Verification and Security Workshop (IVSW), 2017:19–24. https://doi.org/10.1109/IVSW.2017.8031539
Ostrovsky R, Scafuro A, Visconti I, Wadia A. Universally composable secure computation with (malicious) physically uncloneable functions. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2013:702–718. Springer
Pappu R, Recht B, Taylor J, Gershenfeld N. physical one-way functions. Science. 2002;297(5589):2026–30. https://doi.org/10.1126/science.1074376. http://science.sciencemag.org/content/297/5589/2026.
Ramnath VL, Aakur SN, Katkoori S. Latent space modeling for cloning encrypted PUF-based authentication. In: IFIP International Internet of Things Conference, 2019:142–158. Springer
Ray S, Bhunia S, Jin Y, Tehranipoor M. security validation in IoT space. In: 2016 IEEE 34th VLSI Test Symposium (VTS), 2016:1–1. IEEE
Rostami M, Majzoobi M, Koushanfar F, Wallach DS, Devadas S. Robust and reverse-engineering resilient puf authentication and key-exchange by substring matching. IEEE Trans Emerg Top Comput. 2014;2(1):37–49. https://doi.org/10.1109/TETC.2014.2300635.
Rostami M, Majzoobi M, Koushanfar F, Wallach DS, Devadas S. Robust and reverse-engineering resilient PUF authentication and key-exchange by substring matching. IEEE Trans Emerg Top Comput. 2014;2(1):37–49.
Rührmair U. Oblivious transfer based on physical unclonable functions. In: Acquisti A, Smith SW, Sadeghi AR, editors. Trust and trustworthy computing. Berlin Heidelberg: Springer; 2010. p. 430–40.
Rührmair U, Holcomb DE. PUFs at a glance. In: 2014 Design, Automation Test in Europe Conference Exhibition (DATE), 2014:1–6 . https://doi.org/10.7873/DATE.2014.360
Rührmair U, Sehnke F, Sölter J, Dror G, Devadas S, Schmidhuber J. modeling attacks on physical unclonable functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS ’10, 2010:237–249. ACM, New York, NY, USA. https://doi.org/10.1145/1866307.1866335.
Rührmair U, Xu X., Sölter J, Mahmoud A. Koushanfar F, Burleson W. Power and timing side channels for pufs and their efficient exploitation. Cryptology ePrint Archive, Report 2013/851 (2013). https://eprint.iacr.org/2013/851.
Sehgal A, Perelman V, Kuryla S, Schonwalder J. Management of resource constrained devices in the internet of things. IEEE Commun Mag. 2012;50(12):144–9.
Srivastava N. Improving neural networks with dropout. Univ Toronto. 2013;182(566):7.
Stergiou C, Psannis KE, Kim BG, Gupta B. Secure integration of IoT and cloud computing. Fut Gen Comput Syst. 2018;78:964–75.
Suh GE, Devadas S. Physical unclonable functions for device authentication and secret key generation. In: 2007 44th ACM/IEEE Design Automation Conference, 2007:9–14
Suo H, Wan J, Zou C, Liu J. Security in the internet of things: a review. In: 2012 international conference on computer science and electronics engineering, vol. 3, 2012:648–651. IEEE
Vijayakumar A, Patil VC, Prado CB, Kundu S. Machine learning resistant strong PUF: Possible or a pipe dream? In: 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2016:19–24. https://doi.org/10.1109/HST.2016.7495550
Wang X, Zhang J, Schooler EM, Ion M. Performance evaluation of attribute-based encryption: Toward data privacy in the IoT. In: 2014 IEEE International Conference on Communications (ICC), 2014:725–730. IEEE
Yang K, Forte D, Tehranipoor M. Protecting endpoint devices in IoT supply chain. In: Proceedings of the IEEE/ACM International Conference on Computer-Aided Design, 2015:351–356. IEEE Press
Ye J, Hu Y, Li X. RPUF: Physical unclonable function with randomized challenge to resist modeling attack. In: 2016 IEEE Asian Hardware-Oriented Security and Trust (AsianHOST), 2016:1–6. https://doi.org/10.1109/AsianHOST.2016.7835567
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the topical collection “Hardware-Assisted Security Solutions for Electronic Systems” guest edited by Himanshu Thapliyal, Saraju P. Mohanty, Wujie Wen and Yiran Chen.
Rights and permissions
About this article
Cite this article
Laguduva, V.R., Katkoori, S. & Karam, R. Machine Learning Attacks and Countermeasures for PUF-Based IoT Edge Node Security. SN COMPUT. SCI. 1, 282 (2020). https://doi.org/10.1007/s42979-020-00303-y
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42979-020-00303-y