CRO-PUF: Resilience to machine learning and differential power attacks

Abstract

Internet-connected electrical appliances in the Internet of Things (IoT) exchange vital data daily. IoT devices use cryptographic techniques with secret keys to encrypt and decrypt data, ensuring data integrity and preventing unauthorized access. The security of these keys is crucial. Physically Unclonable Functions (PUFs) provide unique and unclonable keys, but many PUFs struggle with key randomness and are vulnerable to attacks like Machine Learning-related Modeling (MLMo) and Differential Power Analysis (DPA) attacks. This work introduces a Crossover Ring Oscillator (CRO) PUF for robust cryptographic key generation. The proposed CRO offers the optimal key selection technique to choose the most resilient keys, demonstrating significant resistance against MLMo and DPA attacks. We evaluate CRO PUF’s keys’ resistance against MLMo attacks using six widely used classifier techniques: Decision Tree (DT), Random Forest (RF), Support Vector Machine (SVM), Naive Bayes (NB), K-Nearest Neighbors (KNN), and Logistic Regression (LR). The results indicate that the optimal-selected keys can withstand MLMo attacks, achieving extreme resilience, and also show robustness against DPA attacks. The hardware overhead of the CRO PUF is lower than that of other lightweight PUFs, while maintaining resilience against both MLMo and DPA attacks, highlighting its efficiency and lightweight nature.