Side-channel analysis of PUFs and fuzzy extractors

Dominik Merli; Dieter Schuster; Frederic Stumpf; Georg Sigl

doi:10.1007/978-3-642-21599-5_3

Side-channel analysis of PUFs and fuzzy extractors

Dominik Merli, Dieter Schuster, Frederic Stumpf, Georg Sigl

Chair of Security in Information Technology

Fraunhofer Institute for Secure Information Technology SIT

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

105 Scopus citations

Abstract

Embedded security systems based on Physical Unclonable Functions (PUFs) offer interesting protection properties, such as tamper resistance and unclonability. However, to establish PUFs as a high security primitive in the long run, their vulnerability to side-channel attacks has to be investigated. For this purpose, we analysed the side-channel leakage of PUF architectures and fuzzy extractor implementations. We identified several attack vectors within common PUF constructions and introduce two side-channel attacks on fuzzy extractors. Our proof-of-concept attack on an FPGA implementation of a fuzzy extractor shows that it is possible to extract the cryptographic key derived from a PUF by side-channel analysis.

Original language	English
Title of host publication	Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings
Publisher	Springer Verlag
Pages	33-47
Number of pages	15
ISBN (Print)	9783642215988
DOIs	https://doi.org/10.1007/978-3-642-21599-5_3
State	Published - 2011

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	6740 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Keywords

FPGA
Fuzzy Extractor
Helper Data
Physical Unclonable Function (PUF)
Side-Channel Analysis (SCA)

Access to Document

10.1007/978-3-642-21599-5_3

Cite this

Merli, D., Schuster, D., Stumpf, F., & Sigl, G. (2011). Side-channel analysis of PUFs and fuzzy extractors. In Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings (pp. 33-47). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6740 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-642-21599-5_3

Merli, Dominik ; Schuster, Dieter ; Stumpf, Frederic et al. / Side-channel analysis of PUFs and fuzzy extractors. Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings. Springer Verlag, 2011. pp. 33-47 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{cadae710ad3b4668b049042ce2b09b42,

title = "Side-channel analysis of PUFs and fuzzy extractors",

abstract = "Embedded security systems based on Physical Unclonable Functions (PUFs) offer interesting protection properties, such as tamper resistance and unclonability. However, to establish PUFs as a high security primitive in the long run, their vulnerability to side-channel attacks has to be investigated. For this purpose, we analysed the side-channel leakage of PUF architectures and fuzzy extractor implementations. We identified several attack vectors within common PUF constructions and introduce two side-channel attacks on fuzzy extractors. Our proof-of-concept attack on an FPGA implementation of a fuzzy extractor shows that it is possible to extract the cryptographic key derived from a PUF by side-channel analysis.",

keywords = "FPGA, Fuzzy Extractor, Helper Data, Physical Unclonable Function (PUF), Side-Channel Analysis (SCA)",

author = "Dominik Merli and Dieter Schuster and Frederic Stumpf and Georg Sigl",

year = "2011",

doi = "10.1007/978-3-642-21599-5_3",

language = "English",

isbn = "9783642215988",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "33--47",

booktitle = "Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings",

}

Merli, D, Schuster, D, Stumpf, F & Sigl, G 2011, Side-channel analysis of PUFs and fuzzy extractors. in Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6740 LNCS, Springer Verlag, pp. 33-47. https://doi.org/10.1007/978-3-642-21599-5_3

Side-channel analysis of PUFs and fuzzy extractors. / Merli, Dominik; Schuster, Dieter; Stumpf, Frederic et al.
Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings. Springer Verlag, 2011. p. 33-47 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6740 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Side-channel analysis of PUFs and fuzzy extractors

AU - Merli, Dominik

AU - Schuster, Dieter

AU - Stumpf, Frederic

AU - Sigl, Georg

PY - 2011

Y1 - 2011

N2 - Embedded security systems based on Physical Unclonable Functions (PUFs) offer interesting protection properties, such as tamper resistance and unclonability. However, to establish PUFs as a high security primitive in the long run, their vulnerability to side-channel attacks has to be investigated. For this purpose, we analysed the side-channel leakage of PUF architectures and fuzzy extractor implementations. We identified several attack vectors within common PUF constructions and introduce two side-channel attacks on fuzzy extractors. Our proof-of-concept attack on an FPGA implementation of a fuzzy extractor shows that it is possible to extract the cryptographic key derived from a PUF by side-channel analysis.

AB - Embedded security systems based on Physical Unclonable Functions (PUFs) offer interesting protection properties, such as tamper resistance and unclonability. However, to establish PUFs as a high security primitive in the long run, their vulnerability to side-channel attacks has to be investigated. For this purpose, we analysed the side-channel leakage of PUF architectures and fuzzy extractor implementations. We identified several attack vectors within common PUF constructions and introduce two side-channel attacks on fuzzy extractors. Our proof-of-concept attack on an FPGA implementation of a fuzzy extractor shows that it is possible to extract the cryptographic key derived from a PUF by side-channel analysis.

KW - FPGA

KW - Fuzzy Extractor

KW - Helper Data

KW - Physical Unclonable Function (PUF)

KW - Side-Channel Analysis (SCA)

UR - http://www.scopus.com/inward/record.url?scp=85037371734&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-21599-5_3

DO - 10.1007/978-3-642-21599-5_3

M3 - Conference contribution

AN - SCOPUS:85037371734

SN - 9783642215988

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 33

EP - 47

BT - Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings

PB - Springer Verlag

ER -

Merli D, Schuster D, Stumpf F, Sigl G. Side-channel analysis of PUFs and fuzzy extractors. In Trust and Trustworthy Computing - 4th International Conference, TRUST 2011, Proceedings. Springer Verlag. 2011. p. 33-47. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-21599-5_3

Side-channel analysis of PUFs and fuzzy extractors

Abstract

Publication series

Keywords

Access to Document

Other files and links

Fingerprint

Cite this