Authentication by Substring Matching M Majzoobi M Rostami F Koushanfar D Wallach and S Devadas International Workshop on Trustworthy Embedded Devices San Francisco May 2012
Slide1
Slender PUF Protocol
Authentication by Substring Matching
M. Majzoobi, M. Rostami, F. Koushanfar, D. Wallach, and S. Devadas*
International Workshop on Trustworthy Embedded Devices, San Francisco, May 2012
ACES Lab, Rice University
*Computation Structures Group, MIT
Slide2
Traditional digital key-based authentication
Keys stored in non-volatile memory
Verifier sends random number (challenge)
Prover signs the number with its secret key and sends a response
Limitation
  Extra cost of non-volatile memory
  Physical and side channel attacks
  Intensive cryptographic algorithms
[Figure: Verifier, Prover, Challenge]
Slide3
Physical unclonable functions (PUFs)
PUFs based on the inherent, hard to forge, physical disorders
Two major types*:
  Weak PUF
  Strong PUF
*Ruhrmair, et al., Book chapter in ‘Intro to Hardware Security and Trust’, Springer’11
Slide4
Security based on PUFs: Weak PUFs
Also called Physically Obfuscated Keys (POKs)
Limited Challenge-Response Pairs
Based on ring-oscillators
Generate standard digital key for security apps
When challenged by one (or very few) fixed challenge(s), generates response(s) depending on its physical disorder
Response(s) is used to generate secret key
Intensive cryptographic algorithm is still needed
Ruhrmair, et al., Book chapter in ‘Intro to Hardware Security and Trust’, Springer’11
Slide5
Strong PUFs*
Directly used for challenge-response authentication
Provide a large number of Challenge-Response Pairs (CRPs)
  Often exponential w.r.t. system elements
Neither an adversary nor the manufacturer should correctly predict the response to a randomly chosen challenge with a high probability**
*Ruhrmair, et al., Book chapter in ‘Intro to Hardware Security and Trust’, Springer’11
**Gassend, et al., CCS’02
Slide6
Delay-based Strong PUF
Compare two paths with an identical delay in design*, **
Each challenge selects a unique pair of delay paths
Random process variation determines which path is faster
An arbiter outputs a 1-bit digital response
Multiple bits can be obtained by either duplicating the circuit or using different challenges
[Figure: arbiter PUF circuit with c-bit challenge, rising edge input and response output: 1 if top path is faster, else 0. *Suh and Devadas, DAC 2007]
*Gassend, et al., SAC’03
**Lee, et al., VLSI Symp’04
Slide7
An arbiter PUF can be modeled easily*
Fast modeling compromised security**
[Figure: Model building]
*Majzoobi, Koushanfar, Potkonjak, TRETS’08
**Ruhrmair, et al., CCS’10
Slide8
Lightweight safeguarding of PUFs
Protect against machine learning attacks by blocking controllability and observability*
[Figure labels: Transform challenges; Input network; Block controllability; Block observability; Output network]
*Majzoobi, et al., ICCAD ‘08
Slide9
XORed delay-based PUF
Block observability by lossy compression
Swapping the challenge order to improve statistical properties*
*Majzoobi, et al., ICCAD ‘08
Slide10
XORed delay-based PUFs
Improvement in randomness of responses
Strict Avalanche Criterion
  Any transition in the input causes a transition in the output with a probability of 0.5
  Balances the impact of challenge on output
Slide11
Model building attack on XORed PUF
Use XORed PUFs to guard against modeling
Harder, but still breakable*
  Logistic regression, evolutionary strategies
  Two orders of magnitude more CRPs needed
*Ruhrmair, et al., CCS’10
Slide12
Problem with just XORing
Still breakable
Cannot increase XOR layers indefinitely
  Accumulates error
  5% → 20% for 4 XOR
A solution* to guard against modeling while robust against errors
  Using error correction codes (ECC) and hashing
  Computationally intensive!
  Not suitable for low-power embedded devices
*Gassend, et al., CCS’02
Slide13
Desired properties of protocol
Robust against model building attacks
Robust against PUF errors
Ultra low-power
  No hashing
  No error correction codes
Slide14
Slender PUF Protocol
Slide15
Communicating parties
Prover
  Has PUF
  Will be authenticated
Verifier
  Has a compact soft model of the PUF
  Computes challenge/response pairs
  Will authenticate the prover
[Figure: Verifier, Prover, Challenge]
Slide16
XORed delay-based PUF model
PUF secrets
  Set of delays
The secret sharing is performed initially
  Electronic fuse burned to disable access*
[Figure label: Probing here for model building]
*Majzoobi, Koushanfar, Potkonjak, TRETS’08
Slide17
Malicious parties
Dishonest prover
  Does not have access to the PUF
  Wants to pass the authentication
Eavesdropper
  Taps the communication between prover and verifier
  Tries to learn the secret
Dishonest verifier
  Does not have access to the PUF soft model
  Tries to actively trick the prover to leak information
Slide18
Slender PUF Protocol
[Figure: Verifier, Prover]
Slide19
Slender PUF Protocol
[Figure: Verifier, Prover]
Slide20
Slender PUF Protocol
[Figure: Verifier, Prover]
Slide21
Slender PUF Protocol
[Figure: Verifier, Prover]
The same seed for both sides
Random if only one of them is honest
Slide22
Slender PUF Protocol
[Figure: Verifier, Prover, each with a PRNG]
Generate challenge stream from seed
The same challenge for both sides
Slide23
Slender PUF Protocol
Slide24
Slender PUF Protocol
Slide25
Slender PUF Protocol
PUF modeling error
Slide26
The index is not transmitted
Slide27
It reveals minimum information about original response sequence
Slide28
Model building attacks
Set Lsub = 500, L = 1024
99% threshold for authentication
99% accuracy in modeling
XORed PUF attack: 500,000 CRPs needed
500,000 / 500 = 1000 rounds needed
He doesn’t have ind …
Slide29
Brute-force modeling attack
Set Lsub = 500, L = 1024
500000/500 = 1000 rounds of protocol needed
In each one, ind is unknown
1024^(500000/500) = 1024^1000 = 2^10000 models needed to be built
Strict avalanche criteria to avoid correlation attacks
Slide30
Guessing attack
Dishonest Prover
Honest Prover
Perr: PUF error rate
Slide31
Replay attack
Eavesdropping and replaying the responses
Nonce scheme prevents it
If prover and verifier nonces are 128-bit:
  Size of database for 50%: 2^127
  Very low probability!
Slide32
Implementation
Same challenge streams should not be used
We need:
  PRNG (pseudo random number generator)
    Challenge stream generation
  TRNG (true random number generator)
    Nonce
    Index of substring (ind)
ind is generated first
  PUF is only challenged when necessary
Slide33
Slender PUF protocol: System overview
Slide34
TRNG and PRNG
TRNG:
  PUF based
  Based on flip-flop meta-stability
  M. Majzoobi, et al., CHES, 2011
PRNG:
  Need not be cryptographically secure
  LFSR is enough
Slide35
Slender PUF Protocol
Overhead comparison
[Table labels: Previously known protocol*, just SHA-2; Slender PUF]
*Gassend, et al., CCS’02
Slide36
Conclusions
Authentication protocol based on PUFs
Protect against model building
  Revealing a partial section of the PUF responses
  Based on string matching
Resilient against PUF error, without:
  Error correction
  Hashing
  Exponentiation
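The exchange these slides outline (shared seed, LFSR challenge stream, a secret substring index that is never sent, substring matching against the soft model), simulated as an added example that is not code from the presentation or its authors. Assumptions not taken from the slides: the additive linear delay model for each arbiter, the LFSR taps, XOR-mixing two 32-bit nonces into the seed, circular substrings, a 5% response bit-flip rate and the MAX_DIST tolerance; L and Lsub are the slides' values.

```python
import random

N, K, L, LSUB = 64, 4, 1024, 500   # stages, XORed arbiters; L and Lsub as on the slides
MAX_DIST = 75                      # assumed tolerance: up to 15% of Lsub bits may differ

def lfsr_bits(seed, count):
    """32-bit Galois LFSR (assumed taps 32,22,2,1) used as the challenge PRNG."""
    state, out = (seed & 0xFFFFFFFF) or 1, []
    for _ in range(count):
        out.append(state & 1)
        state = (state >> 1) ^ (0x80200003 if state & 1 else 0)
    return out

def make_puf(rng):                 # secret delays: K chains of N+1 Gaussian weights
    return [[rng.gauss(0, 1) for _ in range(N + 1)] for _ in range(K)]

def xor_puf(delays, challenge):
    """Additive delay model: each arbiter is sign(w . phi); the K bits are XORed."""
    phi, p = [1.0], 1
    for c in reversed(challenge):  # phi_i = product of (1 - 2*c_j) for j >= i
        p *= 1 - 2 * c
        phi.append(p)
    return sum(sum(wi * fi for wi, fi in zip(w, phi)) > 0 for w in delays) % 2

def responses(delays, seed, p_err=0.0, rng=None):
    """L response bits for the shared challenge stream; p_err models PUF noise."""
    bits = lfsr_bits(seed, N * L)
    resp = [xor_puf(delays, bits[i * N:(i + 1) * N]) for i in range(L)]
    return [r ^ (rng.random() < p_err) for r in resp] if rng else resp

def prove(delays, seed, rng, p_err=0.05):
    """Prover: choose a secret ind, send Lsub bits from there (circular, assumed)."""
    resp, ind = responses(delays, seed, p_err, rng), rng.randrange(L)
    return [resp[(ind + i) % L] for i in range(LSUB)], ind   # ind stays local

def verify(model, seed, sub):
    """Verifier: slide sub over the soft model's responses; index on match, else None."""
    resp = responses(model, seed)
    for ind in range(L):
        if sum(resp[(ind + i) % L] != s for i, s in enumerate(sub)) <= MAX_DIST:
            return ind
    return None

def demo():
    rng = random.Random(2012)      # constructed, deterministic sample run
    puf, other = make_puf(rng), make_puf(rng)
    seed = rng.getrandbits(32) ^ rng.getrandbits(32)   # assumed mix of the two nonces
    sub, ind = prove(puf, seed, rng)
    return verify(puf, seed, sub) == ind, verify(puf, seed, prove(other, seed, rng)[0])
```

The verifier recovers the prover's index from the match alone, while a substring produced by a different PUF finds no alignment within the tolerance.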