A novel reliability attack of Physical Unclonable Functions

TL;DR

This paper introduces a new reliability-based attack on PUFs that can break even those protected by majority voting, highlighting vulnerabilities in current defense strategies.

Contribution

It presents a novel reliability representation and an attack method that successfully compromises highly reliable PUFs protected by majority voting.

Findings

Reliability-based ML attacks can crack majority-voting protected PUFs.

A new reliability representation enables more effective attacks.

Majority voting does not fully prevent reliability-based attacks.

Abstract

Physical Unclonable Functions (PUFs) are emerging as promising security primitives for IoT devices, providing device fingerprints based on physical characteristics. Despite their strengths, PUFs are vulnerable to machine learning (ML) attacks, including conventional and reliability-based attacks. Conventional ML attacks have been effective in revealing vulnerabilities of many PUFs, and reliability-based ML attacks are more powerful tools that have detected vulnerabilities of some PUFs that are resistant to conventional ML attacks. Since reliability-based ML attacks leverage information of PUFs' unreliability, we were tempted to examine the feasibility of building defense using reliability enhancing techniques, and have discovered that majority voting with reasonably high repeats provides effective defense against existing reliability-based ML attack methods. It is known that majority voting reduces but does not eliminate unreliability, we are motivated to investigate if new attack methods exist that can capture the low unreliability of highly but not-perfectly reliable PUFs, which led to the development of a new reliability representation and the new representation-enabled attack method that has experimentally cracked PUFs enhanced with majority voting of high repetitions.