Simple electromagnetic analysis attack based on geometric leak on ASIC implementation of ring-oscillator PUF



REGULAR PAPER

Mitsuru Shiozaki · Takeshi Fujino

Received: 9 April 2020 / Accepted: 18 August 2020
© Springer-Verlag GmbH Germany, part of Springer Nature 2020

Abstract

Physically unclonable functions (PUFs) are assumed to provide high tamper resistance against counterfeiting and hardware attacks since PUFs extract inherent physical properties from random and uncontrollable variations in manufacturing. Recent studies have reported on the vulnerabilities of PUFs to physical and mathematical attacks. This paper focuses on the security evaluation of a ring-oscillator PUF (RO PUF) against electromagnetic analysis (EMA) attacks. We designed an RO PUF with a 180-nm CMOS process to evaluate the threats of EMA attacks. The power consumption of this RO PUF is reduced as much as possible to reduce EM leaks, and EMA resistance is enhanced in the layout design. We present the results of EMA attacks on our RO PUF and discuss the threats of such attacks on the application-specific integrated circuit implementation of RO PUFs. We also propose an EMA attack based on geometric leak (Sugawara in: Cryptographic Hardware and Embedded Systems - CHES 2013 - 15th International Workshop, Santa Barbara, CA, USA, August 20–23, 2013, Proceedings, 2013. https://doi.org/10.1007/978-3-642-40349-1_10) for RO PUFs. All components of an RO PUF are usually arranged in a matrix or array. The geometric periodicity in the layout of RO PUFs leaks secret PUF responses. Though previous studies required identifying the oscillation frequency of each RO from measured EMA traces, the proposed attack, called the simple EMA attack based on geometric leak, reveals a PUF response from one measured EM trace directly. This attack correctly predicted 94.2% of PUF responses of our RO PUF. We present how a PUF response is revealed from a measured EM trace, suggesting that such an attack poses a serious threat to RO PUFs.

Keywords Physically unclonable function (PUF) · Ring-oscillator (RO) PUF · Side-channel attacks (SCAs) · Electromagnetic analysis (EMA) · Simple electromagnetic analysis (SEMA) · Geometric leak

1 Introduction

The use of physically unclonable functions (PUFs) [3,16] is gaining attention as a new cryptographic technique. PUFs are assumed to provide high tamper resistance against counterfeiting and hardware attacks since they extract inherent physical properties from random and uncontrollable variations in manufacturing. Vulnerabilities to physical and mathematical attacks with the aim of cloning a PUF have also been reported [5,12–15,18]. Therefore, the security evaluation of PUFs is important.


This paper focuses on the security evaluation of a ring-oscillator PUF (RO PUF) [22], one of the most popular PUFs, against electromagnetic analysis (EMA) attacks [2,17]. Even though identically designed ROs have been implemented, they oscillate at different frequencies. An RO P