Early RTL Analysis for SCA Vulnerability in Fuzzy Extractors of Memory-Based PUF Enabled Devices

TL;DR

This paper presents an early RTL analysis method to identify timing side-channel vulnerabilities in fuzzy extractors used in PUF-enabled devices, aiming to prevent potential security breaches during hardware design.

Contribution

It introduces a novel approach for early detection of timing SCA vulnerabilities in FEs at RTL stage, enhancing security in PUF-based hardware implementations.

Findings

Feasibility demonstrated on BCH and Reed-Solomon decoders

Early RTL analysis can identify timing leakages effectively

Method helps prevent security breaches in PUF devices

Abstract

Physical Unclonable Functions (PUFs) are gaining attention in the cryptography community because of the ability to efficiently harness the intrinsic variability in the manufacturing process. However, this means that they are noisy devices and require error correction mechanisms, e.g., by employing Fuzzy Extractors (FEs). Recent works demonstrated that applying FEs for error correction may enable new opportunities to break the PUFs if no countermeasures are taken. In this paper, we address an attack model on FEs hardware implementations and provide a solution for early identification of the timing Side-Channel Attack (SCA) vulnerabilities which can be exploited by physical fault injection. The significance of this work stems from the fact that FEs are an essential building block in the implementations of PUF-enabled devices. The information leaked through the timing side-channel during the error correction process can reveal the FE input data and thereby can endanger revealing secrets. Therefore, it is very important to identify the potential leakages early in the process during RTL design. Experimental results based on RTL analysis of several Bose-Chaudhuri-Hocquenghem (BCH) and Reed-Solomon decoders for PUF-enabled devices with FEs demonstrate the feasibility of the proposed methodology.