Attacking Delay-based PUFs with Minimal Adversary Model
Hongming Fei, Owen Millwood, Prosanta Gope, Jack Miskelly, Biplab Sikdar
TL;DR
The paper tackles the security evaluation of delay-based PUFs by proposing a universal, minimal-information attack framework. It introduces Mixture-of-PUF-Experts (MoPE) and its multi-gate extension (MMoPE) to model diverse PUF types under a Minimal Viable Adversary, using limited information beyond CRPs. Empirical results show successful attacks on XOR-APUFs (including single and multi-XOR variants), homogeneous and heterogeneous FF-APUFs, and Interpose PUFs, across simulated and silicon data, with notable improvements in multi-PUF scenarios. The framework provides a practical, fair benchmark for PUF security and offers designers a tool to assess resilience without exposing internal designs, while highlighting the trade-offs between memory, time, and cross-PUF generalization.
Abstract
Physically Unclonable Functions (PUFs) provide a streamlined solution for lightweight device authentication. Delay-based Arbiter PUFs, with their ease of implementation and vast challenge space, have received significant attention; however, they are not immune to modelling attacks that exploit correlations between their inputs and outputs. Research is therefore polarized between developing modelling-resistant PUFs and devising machine learning attacks against them. This dichotomy often results in exaggerated concerns and overconfidence in PUF security, primarily because there lacks a universal tool to gauge a PUF's security. In many scenarios, attacks require additional information, such as PUF type or configuration parameters. Alarmingly, new PUFs are often branded `secure' if they lack a specific attack model upon introduction. To impartially assess the security of delay-based PUFs, we present a generic framework featuring a Mixture-of-PUF-Experts (MoPE) structure for mounting attacks on various PUFs with minimal adversarial knowledge, which provides a way to compare their performance fairly and impartially. We demonstrate the capability of our model to attack different PUF types, including the first successful attack on Heterogeneous Feed-Forward PUFs using only a reasonable amount of challenges and responses. We propose an extension version of our model, a Multi-gate Mixture-of-PUF-Experts (MMoPE) structure, facilitating multi-task learning across diverse PUFs to recognise commonalities across PUF designs. This allows a streamlining of training periods for attacking multiple PUFs simultaneously. We conclude by showcasing the potent performance of MoPE and MMoPE across a spectrum of PUF types, employing simulated, real-world unbiased, and biased data sets for analysis.