Date: Thursday 27 March 2014
Time: 16:00 - 17:30
Location / Room: Konferenz 6

Organiser:
Ulrich Rührmair, TU München, DE

Chair:
Ulf Schlichtmann, TU München, DE

PUFs are an emerging and promising security primitive. However, some strong attacks on their core security features have been reported recently, for example on their unclonability. We discuss the reach, but also the limits of these attacks, aiming at a well-balanced treatment, and also evaluate the future perspectives of the field.

Time	Label	Presentation Title Authors
16:00	12.2.1	PUFS AT A GLANCE Speakers: Ulrich Rührmair1 and Daniel E. Holcomb2 1TU München, DE; 2University of Michigan, US Abstract Physical Unclonable Functions (PUFs) are a new, hardware-based security primitive, which has been introduced just about a decade ago. In this paper, we provide a brief and easily accessible overview of the area. We describe the typical security features, implementations, attacks, protocols uses, and applications of PUFs. Special focus is placed on the two most prominent PUF types, so-called "Weak PUFs" and "Strong PUFs", and their mutual differences.
16:15	12.2.2	PUF MODELING ATTACKS: AN INTRODUCTION AND OVERVIEW Speakers: Ulrich Rührmair1 and Jan Sölter2 1TU München, DE; 2Freie Universität Berlin, DE Abstract Machine learning (ML) based modeling attacks are the currently most relevant and effective attack form for so-called Strong Physical Unclonable Functions (Strong PUFs). We provide an overview of this method in this paper: We discuss the basic conditions under which it is applicable; the ML algorithms that have been used in this context; the latest and most advanced results on simulated and silicon data; the right interpretation of existing results; and possible future research directions.
16:30	12.2.3	HYBRID SIDE-CHANNEL / MACHINE-LEARNING ATTACKS ON PUFS: A NEW THREAT? Speakers: Xiaolin Xu and Wayne Burleson, Umass, Amherst, US Abstract Machine Learning (ML) is a well-studied strategy in modeling Physical Unclonable Functions (PUFs) but reaches its limits while applied on instances of high complexity. To address this issue, side-channel attack is combined to help reduce the computational workload of ML modeling attacks and make it more applicable. In this work, we present the currently known hybrid side-channel attacks on PUFs. A taxonomy is proposed based on the characteristics of different side-channel attacks. The practical reach of some published side-channel attacks is discussed. Both challenges and opportunities for PUF attackers are introduced. Countermeasures against some certain side- channel attacks are also analyzed. To better understand the side-channel attacks on PUFs, three different methodologies of implementing side-channel attacks are compared. At the end of this paper, we bring forward some open problems for this research area.
16:45	12.2.4	PHYSICAL VULNERABILITIES OF PHYSICALLY UNCLONABLE FUNCTIONS Speakers: Clemens Helfmeier, Dmitry Nedospasov, Shahin Tajik, Christian Boit and Jean-Pierre Seifert, Technische Universität Berlin, DE Abstract In recent years one of the most popular areas of research in hardware security has been Physically Unclonable Functions (PUF). PUFs provide primitives for implementing tamper detection, encryption and device fingerprinting. One particularly common application is replacing Non-volatile Memory (NVM) as key storage in embedded devices like smart cards and secure microcontrollers. Though a wide array of PUF have been demonstrated in the academic literature, vendors have only begun to roll out PUFs in their end-user products. Moreover, the improvement to overall system security provided by PUFs is still the subject of much debate. This work reviews the state of the art of PUFs in general, and as a replacement for key storage in particular. We review also techniques and methodologies which make the physical response characterization and physical/digital cloning of PUFs possible.
17:00	12.2.5	PROTOCOL ATTACKS ON ADVANCED PUF PROTOCOLS AND COUNTERMEASURES Speakers: Marten van Dijk1 and Ulrich Rührmair2 1University of Connecticut, US; 2TU München, DE Abstract In recent years, PUF-based schemes have not only been suggested for the basic security tasks of tamper sensitive key storage or system identification, but also for more complex cryptographic protocols like oblivious transfer (OT), bit commitment (BC), or key exchange (KE). These more complex protocols are secure against adversaries in the stand-alone, good PUF model. In this survey, a shortened version of [17], we explain the stronger bad PUF model and PUF re-use model. We argue why these stronger attack models are realistic, and that existing protocols, if used in practice, will need to face these. One consequence is that the design of advanced cryptographic PUF protocols needs to be strongly reconsidered. It suggests that Strong PUFs require additional hardware properties in order to be broadly usable in such protocols: Firstly, they should ideally be erasable, meaning that single PUF-responses can be erased without affecting other responses. If the area efficient implementation of this feature turns out to be difficult, new forms of Controlled PUFs [3] (such as Logically Erasable and Logically Reconfigurable PUFs [6]) may suffice in certain applications. Secondly, PUFs should be certifiable, meaning that one can verify that the PUF has been produced faithfully and has not been manipulated in any way afterwards. The combined implementation of these features represents a pressing and challenging problem for the PUF hardware community.
17:15	12.2.6	QUO VADIS, PUF? TRENDS AND CHALLENGES OF EMERGING PHYSICAL-DISORDER BASED SECURITY Speakers: Masoud Rostami1, Farinaz Koushanfar2, James Wendt3 and Miodrag Potkonjak3 1Rice University, US; 2Rice Unviersity, US; 3UCLA, US Abstract Physical unclonable Function (PUF) has emerged as a popular and widely studied security primitive based on the randomness of the underlying physical medium.To date, most of the research emphasis have been placed on finding new ways to measure randomness, hardware realization and analysis of a few initially proposed structures, and conventional secret-key based protocols. In this work, we suggest our subjective analysis of the emerging and future trends in this area that aim to change the scope, widen the application domain, and make lasting impact. We emphasize on development of new PUF-based primitives and paradigms, robust protocols, public-key protocols, digital PUF, new technologies, implementation, metrics and tests for evaluation/validation, as well as relevant attacks and countermeasures.
17:30		End of session