International Association
for Cryptologic Research

We show in this paper how several proposed Strong

Physical Unclonable Functions (PUFs) can be broken by numerical

modeling attacks. Given a set of challenge-response pairs

(CRPs) of a Strong PUF, our attacks construct a computer

algorithm which behaves indistinguishably from the original PUF

on almost all CRPs. This algorithm can subsequently impersonate

the PUF, and can be cloned and distributed arbitrarily. This

breaks the security of almost all applications and protocols that

are based on the respective PUF.

The PUFs we attacked successfully include standard Arbiter

PUFs and Ring Oscillator PUFs of arbitrary sizes, and XOR

Arbiter PUFs, Lightweight Secure PUFs, and Feed-Forward

Arbiter PUFs of up to a given size and complexity. The attacks

are based upon various machine learning techniques, including

a specially tailored variant of Logistic Regression and Evolution

Strategies.

Our results were obtained on a large number of CRPs

coming from numerical simulations, as well as four million CRPs

collected from FPGAs and ASICs. The performance on silicon

CRPs is very close to simulated CRPs, confirming a conjecture

from earlier versions of this work. Our findings lead to new

design requirements for secure electrical PUFs, and will be useful

to PUF designers and attackers alike.