Does Sophisticating Double Arbiter PUF Design Ensure its Security? Performance and Security Assessments on 5-1 DAPUF

• Published in: 2020 IEEE International Conference on Big Data (Big Data) pp. 1788 - 1795
• Main Authors: Alamro, Meznah A., Mursi, Khalid T., Zhuang, Yu, Alkatheiri, Mohammed Saeed, Aseeri, Ahmad O.
• Format: Conference Proceeding
• Language: English
• Published: IEEE 10.12.2020
• Subjects: Authentication; Big Data; Circuit stability; Double Arbiter PUF; Field programmable gate arrays; FPGA; Hardware Security; Internet of Things; Machine learning; Physical Unclonable Functions; Resilience; Security; Stability analysis
• DOI: 10.1109/BigData50022.2020.9378194

Double Arbiter PUFs (DAPUFs) were developed as a variant to XOR PUFs to improve resilience against machine learning attacks. A recent study on DAPUFs of sizes up to 4-1 DAPUFs showed that all examined DAPUFs were vulnerable to machine learning attacks when attackers have access to a large number of challenge-response pairs (CRPs) [1], [10]. In this paper, we implemented the 5-1 DAPUF on field programmable gate arrays (FPGAs), larger than all previously implemented DAPUFs, and carried out performance evaluations of 5-1 DAPUFs on various properties including response randomness, uniqueness, stability, and security vulnerability. Experimental study on 5-1 DAPUFs shows that responses from the same 5-1 DAPUF circuit to different challenges are adequately highly distinguishable from each other while responses generated on different devices to the same challenges are different enough. 5-1 DAPUF also records the highest randomness among all tested sizes of DAPUFs. However, the stability issue is exacerbated in 5-1 DAPUF, a drawback that is also revealed in earlier studies of DAPUFs. Machine learning attack experiments show that 5-1 DAPUF is more resilient than other DAPUFs, but its responses could still be modeled when an attacker is able to accumulate a large number of CRPs.