Set-based Obfuscation for Strong PUFs against Machine Learning Attacks

TL;DR

This paper introduces a set-based obfuscation method for strong PUFs that effectively resists machine learning attacks with minimal hardware overhead, maintaining high security even against extensive CRP collection.

Contribution

The proposed Random Set-based Obfuscation (RSO) method enhances PUF security by dynamically updating response sets and obfuscating challenges, significantly reducing attack success rates.

Findings

Prediction accuracy drops to ~50% under attack

RSO maintains security with low hardware overhead

Effective against various machine learning models

Abstract

Strong physical unclonable function (PUF) is a promising solution for device authentication in resourceconstrained applications but vulnerable to machine learning attacks. In order to resist such attack, many defenses have been proposed in recent years. However, these defenses incur high hardware overhead, degenerate reliability and are inefficient against advanced machine learning attacks such as approximation attacks. In order to address these issues, we propose a Random Set-based Obfuscation (RSO) for Strong PUFs to resist machine learning attacks. The basic idea is that several stable responses are derived from the PUF itself and pre-stored as the set for obfuscation in the testing phase, and then a true random number generator is used to select any two keys to obfuscate challenges and responses with XOR operations. When the number of challenge-response pairs (CRPs) collected by the attacker exceeds the given threshold, the set will be updated immediately. In this way, machine learning attacks can be prevented with extremely low hardware overhead. Experimental results show that for a 64x64 Arbiter PUF, when the size of set is 32 and even if 1 million CRPs are collected by attackers, the prediction accuracies of Logistic regression, support vector machines, artificial neural network, convolutional neural network and covariance matrix adaptive evolutionary strategy are about 50% which is equivalent to the random guessing.