Ahmed Bendary , Wendson A.S. Barbosa , Andrew Pomerance , C. Emre Koksal
{"title":"Evaluating the Unpredictability of Multi-Bit Strong PUF Classes","authors":"Ahmed Bendary , Wendson A.S. Barbosa , Andrew Pomerance , C. Emre Koksal","doi":"10.1016/j.jisa.2025.104234","DOIUrl":null,"url":null,"abstract":"<div><div>With advances in machine learning (ML), cybersecurity solutions and security primitives are becoming increasingly vulnerable to successful attacks. Strong Physical Unclonable Functions (PUFs) emerge as a potential countermeasure that offers high resistance to such attacks. In this paper, we introduce a generalized attack model that leverages the collective responses of multiple PUF chips within the same class to improve the prediction accuracy of responses for unobserved challenges, in contrast to traditional single-chip approaches. Furthermore, we propose an information-theoretic framework for assessing the unpredictability of multi-bit strong PUF classes, demonstrating that the Entropy Rate is a pivotal metric for evaluating their resilience against ML attacks. Our proposed entropy rate estimation serves as a model-agnostic, information-theoretic lower bound on the unpredictability that holds regardless of the attack strategy used, including ML-based ones. We argue that the Uniqueness measure, defined in terms of entropy, provides a more precise and consistent evaluation compared to traditional metrics based on Hamming distance. Additionally, we present a computationally efficient method for calculating the finite-order Entropy Rate of the hybrid Boolean network (HBN) PUF, addressing the challenges posed by high dimensionality. The experimental results validate the high unpredictability and resistance of the HBN PUF class against ML attacks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104234"},"PeriodicalIF":3.7000,"publicationDate":"2025-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625002716","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
With advances in machine learning (ML), cybersecurity solutions and security primitives are becoming increasingly vulnerable to successful attacks. Strong Physical Unclonable Functions (PUFs) emerge as a potential countermeasure that offers high resistance to such attacks. In this paper, we introduce a generalized attack model that leverages the collective responses of multiple PUF chips within the same class to improve the prediction accuracy of responses for unobserved challenges, in contrast to traditional single-chip approaches. Furthermore, we propose an information-theoretic framework for assessing the unpredictability of multi-bit strong PUF classes, demonstrating that the Entropy Rate is a pivotal metric for evaluating their resilience against ML attacks. Our proposed entropy rate estimation serves as a model-agnostic, information-theoretic lower bound on the unpredictability that holds regardless of the attack strategy used, including ML-based ones. We argue that the Uniqueness measure, defined in terms of entropy, provides a more precise and consistent evaluation compared to traditional metrics based on Hamming distance. Additionally, we present a computationally efficient method for calculating the finite-order Entropy Rate of the hybrid Boolean network (HBN) PUF, addressing the challenges posed by high dimensionality. The experimental results validate the high unpredictability and resistance of the HBN PUF class against ML attacks.
期刊介绍:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.