International Association
for Cryptologic Research

Physically Unclonable Functions (PUFs) are emerging as hardware security primitives. They are typically employed to generate device-unique secret keys. As PUF output bits are noisy and possibly biased or correlated, on-chip digital post-processing is required. Fuzzy

extractors are used to generate reproducible and uniformly distributed keys. Traditionally, they employ an error-correcting code and a cryptographic hash function. Pattern matching key generators

have been proposed as an alternative. In this work, we demonstrate the latter construction to be vulnerable against manipulation of the public helper data. Full key recovery might be possible, although depending on some design choices and one system parameter. We demonstrate our attacks using a 4-XOR arbiter PUF, manufactured in 65nm CMOS technology. We also propose a simple but efficient countermeasure.