TY - GEN
T1 - EM side-channel analysis of BCH-based error correction for PUF-based key generation
AU - Tebelmann, Lars
AU - Pehl, Michael
AU - Sigl, Georg
N1 - Publisher Copyright:
© 2017 Copyright held by the owner/author(s).
PY - 2017/11/3
Y1 - 2017/11/3
N2 - Physical Unclonable Functions (PUFs) provide a cost-efficient way to store a secure key on a device. But the noisy secret from a PUF must be corrected to generate a stable key. Since the error correction processes secret material, it is a target of attacks. Previous work has shown that single bits of a key can be extracted using a power sidechannel attacks. This work enhances the attack idea. Non-invasive measurement of electromagnetic radiation together with a differential power analysis is shown to be sufficient to extract not only single bits but even the complete key from an error correction used for PUF-based key generation. The efficiency of the basic attack is significantly improved over state of the art using public available preknowledge on the PUF, an advanced correlation method, and parallel manipulation of helper data. The attack is practically demonstrated on an FPGA implementation with concatenated BCH and repetition codes. The results show that, compared to state of the art, a significant improvement by a factor of more than 100 in terms of trace reduction can be achieved.
AB - Physical Unclonable Functions (PUFs) provide a cost-efficient way to store a secure key on a device. But the noisy secret from a PUF must be corrected to generate a stable key. Since the error correction processes secret material, it is a target of attacks. Previous work has shown that single bits of a key can be extracted using a power sidechannel attacks. This work enhances the attack idea. Non-invasive measurement of electromagnetic radiation together with a differential power analysis is shown to be sufficient to extract not only single bits but even the complete key from an error correction used for PUF-based key generation. The efficiency of the basic attack is significantly improved over state of the art using public available preknowledge on the PUF, an advanced correlation method, and parallel manipulation of helper data. The attack is practically demonstrated on an FPGA implementation with concatenated BCH and repetition codes. The results show that, compared to state of the art, a significant improvement by a factor of more than 100 in terms of trace reduction can be achieved.
KW - Electromagnetic emission
KW - Error correcting codes
KW - Fuzzy commitment scheme
KW - Physical unclonable functions
KW - Side-channel analysis
UR - http://www.scopus.com/inward/record.url?scp=85037082745&partnerID=8YFLogxK
U2 - 10.1145/3139324.3139328
DO - 10.1145/3139324.3139328
M3 - Conference contribution
AN - SCOPUS:85037082745
T3 - ASHES 2017 - Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security, co-located with CCS 2017
SP - 43
EP - 52
BT - ASHES 2017 - Proceedings of the 2017 Workshop on Attacks and Solutions in Hardware Security, co-located with CCS 2017
PB - Association for Computing Machinery, Inc
T2 - 1st Workshop on Attacks and Solutions in Hardware Security, ASHES 2017
Y2 - 3 November 2017
ER -