当随机是坏的:选择crp保护puf免受建模攻击

IF 2.7 3区 计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE
Mieszko Ferens;Edlira Dushku;Sokol Kosta
{"title":"当随机是坏的:选择crp保护puf免受建模攻击","authors":"Mieszko Ferens;Edlira Dushku;Sokol Kosta","doi":"10.1109/TCAD.2024.3506217","DOIUrl":null,"url":null,"abstract":"Resource-constrains are a significant challenge when designing secure IoT devices. To address this problem, the physical unclonable function (PUF) has been proposed as a lightweight security primitive capable of hardware fingerprinting. PUFs can provide device identification capabilities by exploiting random manufacturing variations, which can be used for authentication with a verifier that identifies a device through challenge-response interactions with its PUF. However, extensive research has shown that PUFs are inherently vulnerable to machine learning (ML) modeling attacks. Such attacks use challenge-response samples to train ML algorithms to learn the underlying parameters that define the physical PUF. In this article, we present a defensive technique to be used by the verifier called selective challenge-response pairs (CRPs). We propose generating challenges selectively, instead of randomly, to negatively affect the parameters of ML models trained by attackers. Specifically, we provide three methods: 1) binary-coded with padding (BP); 2) random shifted pattern (RSP); and 3) binary shifted pattern (BSP). We characterize them based on Hamming distance patterns, and evaluate their applicability based on their effect on the uniqueness, uniformity, and reliability of the underlying PUF implementation. Furthermore, we analyze and compare their resilience to ML modeling with the traditional random challenges on the well-studied XOR PUF, feed-forward PUF, and lightweight secure PUF, showing improved resilience of up to 2 times the number of CRPs. Finally, we suggest using our method on the interpose PUF to counter reliability-based attacks which can overcome selective CRPs and show that up to 4 times the number of CRPs can be exchanged securely.","PeriodicalId":13251,"journal":{"name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","volume":"44 5","pages":"1648-1661"},"PeriodicalIF":2.7000,"publicationDate":"2024-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"When Random Is Bad: Selective CRPs for Protecting PUFs Against Modeling Attacks\",\"authors\":\"Mieszko Ferens;Edlira Dushku;Sokol Kosta\",\"doi\":\"10.1109/TCAD.2024.3506217\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Resource-constrains are a significant challenge when designing secure IoT devices. To address this problem, the physical unclonable function (PUF) has been proposed as a lightweight security primitive capable of hardware fingerprinting. PUFs can provide device identification capabilities by exploiting random manufacturing variations, which can be used for authentication with a verifier that identifies a device through challenge-response interactions with its PUF. However, extensive research has shown that PUFs are inherently vulnerable to machine learning (ML) modeling attacks. Such attacks use challenge-response samples to train ML algorithms to learn the underlying parameters that define the physical PUF. In this article, we present a defensive technique to be used by the verifier called selective challenge-response pairs (CRPs). We propose generating challenges selectively, instead of randomly, to negatively affect the parameters of ML models trained by attackers. Specifically, we provide three methods: 1) binary-coded with padding (BP); 2) random shifted pattern (RSP); and 3) binary shifted pattern (BSP). We characterize them based on Hamming distance patterns, and evaluate their applicability based on their effect on the uniqueness, uniformity, and reliability of the underlying PUF implementation. Furthermore, we analyze and compare their resilience to ML modeling with the traditional random challenges on the well-studied XOR PUF, feed-forward PUF, and lightweight secure PUF, showing improved resilience of up to 2 times the number of CRPs. Finally, we suggest using our method on the interpose PUF to counter reliability-based attacks which can overcome selective CRPs and show that up to 4 times the number of CRPs can be exchanged securely.\",\"PeriodicalId\":13251,\"journal\":{\"name\":\"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems\",\"volume\":\"44 5\",\"pages\":\"1648-1661\"},\"PeriodicalIF\":2.7000,\"publicationDate\":\"2024-11-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10767354/\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10767354/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

摘要

在设计安全的物联网设备时,资源限制是一个重大挑战。为了解决这个问题,提出了物理不可克隆函数(PUF)作为能够进行硬件指纹识别的轻量级安全原语。PUF可以通过利用随机制造变化来提供设备识别功能,这可以用于验证者的身份验证,验证者通过与PUF的挑战响应交互来识别设备。然而,广泛的研究表明,puf本质上容易受到机器学习(ML)建模攻击。这种攻击使用挑战响应样本来训练ML算法,以学习定义物理PUF的底层参数。在本文中,我们提出了一种被验证者使用的防御技术,称为选择性挑战-响应对(CRPs)。我们建议选择性地生成挑战,而不是随机地,对攻击者训练的ML模型的参数产生负面影响。具体来说,我们提供了三种方法:1)填充二进制编码(BP);2)随机移位模式(RSP);3)二进制移位模式(BSP)。我们基于汉明距离模式来描述它们,并基于它们对底层PUF实现的唯一性、一致性和可靠性的影响来评估它们的适用性。此外,我们在充分研究的XOR PUF、前馈PUF和轻量级安全PUF上分析并比较了它们对ML建模的弹性,并将其与传统随机挑战进行了比较,显示出提高的弹性可达crp数量的2倍。最后,我们建议在插入PUF上使用我们的方法来对抗基于可靠性的攻击,这些攻击可以克服选择性的crp,并表明可以安全地交换多达4倍数量的crp。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
When Random Is Bad: Selective CRPs for Protecting PUFs Against Modeling Attacks
Resource-constrains are a significant challenge when designing secure IoT devices. To address this problem, the physical unclonable function (PUF) has been proposed as a lightweight security primitive capable of hardware fingerprinting. PUFs can provide device identification capabilities by exploiting random manufacturing variations, which can be used for authentication with a verifier that identifies a device through challenge-response interactions with its PUF. However, extensive research has shown that PUFs are inherently vulnerable to machine learning (ML) modeling attacks. Such attacks use challenge-response samples to train ML algorithms to learn the underlying parameters that define the physical PUF. In this article, we present a defensive technique to be used by the verifier called selective challenge-response pairs (CRPs). We propose generating challenges selectively, instead of randomly, to negatively affect the parameters of ML models trained by attackers. Specifically, we provide three methods: 1) binary-coded with padding (BP); 2) random shifted pattern (RSP); and 3) binary shifted pattern (BSP). We characterize them based on Hamming distance patterns, and evaluate their applicability based on their effect on the uniqueness, uniformity, and reliability of the underlying PUF implementation. Furthermore, we analyze and compare their resilience to ML modeling with the traditional random challenges on the well-studied XOR PUF, feed-forward PUF, and lightweight secure PUF, showing improved resilience of up to 2 times the number of CRPs. Finally, we suggest using our method on the interpose PUF to counter reliability-based attacks which can overcome selective CRPs and show that up to 4 times the number of CRPs can be exchanged securely.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
5.60
自引率
13.80%
发文量
500
审稿时长
7 months
期刊介绍: The purpose of this Transactions is to publish papers of interest to individuals in the area of computer-aided design of integrated circuits and systems composed of analog, digital, mixed-signal, optical, or microwave components. The aids include methods, models, algorithms, and man-machine interfaces for system-level, physical and logical design including: planning, synthesis, partitioning, modeling, simulation, layout, verification, testing, hardware-software co-design and documentation of integrated circuit and system designs of all complexities. Design tools and techniques for evaluating and designing integrated circuits and systems for metrics such as performance, power, reliability, testability, and security are a focus.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信