Effect of Aging on PUF Modeling Attacks based on Power Side-Channel Observations
Trevor Kroeger1,a, Wei Cheng2,b, Sylvain Guilley2,3,c, Jean-Luc Danger2,3,d and Naghmeh Karimi1,e
1CSEE Department University of Maryland Baltimore County Baltimore, MD 21250
2LTCI, CNRS, Télécom ParisTech Université Paris-Saclay 75 013 Paris, France
3Think Ahead Business Line Secure-IC S.A.S.75 015 Paris, France
aTrevor.Kroeger@umbc.edu
bWei.Cheng@umbc.edu
cSylvain.Guilley@telecom-paristech.fr
dJean-Luc.Danger@telecom-paristech.fr
eNaghmeh.Karimi@secure-ic.com
ABSTRACT
Thanks to the imperfections in manufacturing process, Physically Unclonable Functions (PUFs) produce their unique outputs for given input signals (challenges) fed to identical circuitry designs. PUFs are often used as hardware primitives to provide security, e.g., for key generation or authentication purposes. However, they can be vulnerable to modeling attacks that predict the output for an unknown challenge, based on a set of known challenge/response pairs (CRPs). In addition, an attacker may benefit from power side-channels to break a PUFs’ security. Although such attacks have been extensively discussed in literature, the effect of device aging on the efficacy of these attacks is still an open question. Accordingly, in this paper, we focus on the impact of aging on Arbiter-PUFs and one of its modelingresistant counterparts, the Voltage Transfer Characteristic (VTC) PUF. We present the results of our SPICE simulations used to perform modeling attack via Machine Learning (ML) schemes on the devices aged from 0 to 20 weeks. We show that aging has a significant impact on modeling attacks. Indeed, when the training dataset for ML attack is extracted at a different age than the evaluation dataset, the attack is greatly hindered despite being performed on the same device. We show that the ML attack via power traces is particularly efficient to recover the responses of the anti-modeling VTC PUF, yet aging still contributes to enhance its security.
Keywords: Physically Unclonable Function, ISO/IEC 20897, Modeling Attacks, Side-Channel Attacks, Device Aging.