Examination of Double Arbiter PUFs on Security against Machine Learning Attacks

Abstract

Security is important for the functioning of Internet-of-Things (IoTs). Many IoT devices are closely physically approachable by the crowd, making cryptographic key-based security protocols vulnerable to side-channel attacks. Physical Unclonable Functions (PUF) are emerging as a promising keyless solution by utilizing inherent variations of integrated circuits (ICs) to produce different responses from different devices. While physically unclonable, some PUFs were reported to be mathematically clonable by machine learning (ML) methods. XOR PUFs are a group of PUFs mathematically clonable when a large number of challenge-response pairs (CRPs) are available to attackers. Double Arbiter PUFs (DAPUFs) were developed for increased security against machine learning attacks over XOR PUFs, and studies showed that DAPUFs are highly secure against attacks using Support Vector Machine (SVM). In this paper, we investigate how secure DAPUFs are against neural network-based attack methods and compare the DAPUFs’ performance with that of XOR PUFs. The results confirm with existing studies on DAPUFs’ higher security when compared with XOR PUFs, but also discovered that DAPUFs are not secure against neural network-based attacks if attackers can obtain a large number of CRPs, revealing a security vulnerability of those DAPUFs we examined in this study.