International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Combining Optimization Objectives: New Modeling Attacks on Strong PUFs

Johannes Tobisch , Max Planck Institute for Security and Privacy, Bochum, Germany
Anita Aghaie , Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany
Georg T. Becker , DCSO, Berlin, Germany
DOI: 10.46586/tches.v2021.i2.357-389
Search ePrint
Search Google
Abstract: Strong Physical Unclonable Functions (PUFs), as a promising security primitive, are supposed to be a lightweight alternative to classical cryptography for purposes such as device authentication. Most of the proposed candidates, however, have been plagued by modeling attacks breaking their security claims. The Interpose PUF (iPUF), which has been introduced at CHES 2019, was explicitly designed with state-of-the-art modeling attacks in mind and is supposed to be impossible to break by classical and reliability attacks. In this paper, we analyze its vulnerability to reliability attacks. Despite the increased difficulty, these attacks are still feasible, against the original authors’ claim. We explain how adding constraints to the modeling objective streamlines reliability attacks and allows us to model all individual components of an iPUF successfully. In order to build a practical attack, we give several novel contributions. First, we demonstrate that reliability attacks can be performed not only with covariance matrix adaptation evolution strategy (CMA-ES) but also with gradient-based optimization. Second, we show that the switch to gradient-based reliability attacks makes it possible to combine reliability attacks, weight constraints, and Logistic Regression (LR) into a single optimization objective. This framework makes modeling attacks more efficient, as it exploits knowledge of responses and reliability information at the same time. Third, we show that a differentiable model of the iPUF exists and how it can be utilized in a combined reliability attack. We confirm that iPUFs are harder to break than regular XOR Arbiter PUFs. However, we are still able to break (1,10)-iPUF instances, which were originally assumed to be secure, with less than 107 PUF response queries.
Video from TCHES 2021
  title={Combining Optimization Objectives: New Modeling Attacks on Strong PUFs},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2021, Issue 2},
  author={Johannes Tobisch and Anita Aghaie and Georg T. Becker},