Exposing Vulnerabilities in Counterfeit Prevention Systems Utilizing Physically Unclonable Surface Features

TL;DR

Counterfeit risks threaten public health and safety, and paper-PUFs offer a cost-effective authentication approach based on intrinsic microscopic paper surface features. The authors formalize a four-stage operational framework and experimentally demonstrate both physical denial-of-service and digital forgery attacks that can disrupt or defeat paper-PUF-based authentication. Through stage-by-stage threat analysis and practical attacks, the work reveals critical vulnerabilities and provides guidance for resilient system design, including potential countermeasures like revocable hashing and cryptographic protections. The study underscores the gap between theoretical unclonability and real-world deployment, shaping future secure counterfeit-prevention solutions.

Abstract

Counterfeit products pose significant risks to public health and safety through infiltrating untrusted supply chains. Among numerous anti-counterfeiting techniques, leveraging inherent, unclonable microscopic irregularities of paper surfaces is an accurate and cost-effective solution. Prior work of this approach has focused on enabling ubiquitous acquisition of these physically unclonable features (PUFs). However, we will show that existing authentication methods relying on paper surface PUFs may be vulnerable to adversaries, resulting in a gap between technological feasibility and secure real-world deployment. This gap is investigated through formalizing an operational framework for paper-PUF-based authentication. Informed by this framework, we reveal system-level vulnerabilities across both physical and digital domains, designing physical denial-of-service and digital forgery attacks to disrupt proper authentication. The effectiveness of the designed attacks underscores the strong need for security countermeasures for reliable and resilient authentication based on paper PUFs. The proposed framework further facilitates a comprehensive, stage-by-stage security analysis, guiding the design of future counterfeit prevention systems. This analysis delves into potential attack strategies, offering a foundational understanding of how various system components, such as physical features and verification processes, might be exploited by adversaries.

Figures (8)

• Figure 1: Visualization of physically unclonable features (PUFs) of papers in the form of (a) an RGB image, (b) a topographical map, (c) a confocal microscope scan, reproduced from rehberger2007topographical, and (d) a 2D projection of a matrix of 3D microscopic normal vectors (referred to as the norm map). The literature has demonstrated that the intricate microstructures of paper have strong authentication performance in counterfeit prevention systems. This work reveals critical security vulnerabilities in state-of-the-art paper-PUF-based authentication systems, which must be addressed before widespread deployment.
• Figure 2: Illustration of a paper-PUF-based authentication system deployed in a pharmaceutical supply chain: (a) A patient, Alice, receives a medicine package from a manufacturer, Bob. She uses an open-source app to verify the medicine's authenticity by comparing extracted PUF features with those pre-stored in Bob's reference database. Mallory, the adversary, has two primary goals: (1) To disrupt authentication through physically sabotaging the PUF verification region, introducing ambiguity between genuine wear and tear and malicious tampering, and (2) to authenticate counterfeit medicines as genuine through infiltrating Bob's system. (b) A genuine medicine package, containing a PUF verification region on the paper packaging, is treated as a single inseparable entity so that the authenticity of the medicine is tied to its packaging. We use this paper-PUF-based authentication system to explore realistic adversarial possibilities.
• Figure 3: The norm map based anti-counterfeiting system framework $\mathcal{A} = (f,\phi,\mathcal{D},\delta)$ is divided into operational stages 1--4. We characterize the set of all potential vulnerabilities using this operational framework and highlight the most vulnerable links using red dashed arrows. Physical denial-of-service attacks aim to sabotage image acquisition and preprocessing. Spoofing attacks inject malicious inputs that authenticate counterfeit products as genuine. Synthetic generation attacks leverage state-of-the-art generative models to create fake features capable of passing authentication. Template leakage attacks seek to overwrite or extract stored reference features. Reverse engineering attacks estimate input images based on leaked reference features. Hill-climbing attacks iteratively adjust query features to digitally forge a PUF that successfully passes authentication.
• Figure 4: Geometrically aligned images of paper patches after the following physical attacks: (a) scratching, (b) physical patching, (c) scribbling with 25% and 50% attack strengths, respectively, and (d) crumpling.
• Figure 5: Impact of physical denial-of-service attacks to correlation under matched (in black) and unmatched cases (in red) (a) without attack, and with (b) scratching attack, (c) physical patching attack, and (d) scribbling attack. All three physical DoS attacks (performed at the 25% attack strength) successfully narrow the gaps between the histograms of matched and unmatched cases, thereby reducing authentication accuracy.

Theorems & Definitions (1)

• proof