In this paper, a brief survey of eminent ultralightweight authentication protocols is presented, and then a four-layer security model, which comprises various passive and active attacks, is proposed. Cryptanalysis of these protocols has also been performed under the implications of the proposed security model.
After the analysis, we found that these protocols do not possess the desirable security attributes.
greatly increases the success rate of DPA attacks in the presence of high noise. The experimental results on both simulated power traces and real power traces are also provided as evidence.
channel attacks on Strong Physical Unclonable Functions (Strong PUFs). We illustrate our method by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical Strong PUFs, so-called XOR Arbiter PUFs and Lightweight PUFs, and successfully attack them at sizes and complexities far beyond the reach of pure modeling techniques (CCS 2010, IEEE T-IFS 2013).

Our approach makes use of the first power and timing side channels on PUFs reported in the literature. Both provide information on the single outputs of the many parallel Arbiter PUFs inside an XOR Arbiter PUF or Lightweight PUF, and indicate how many of these single outputs (in sum) were equal to one (and how many were equal to zero) before they entered the final XOR gate. Taken for itself, this side channel information is of little value. But if combined with suitably adapted machine learning techniques, it substantially changes attack performance: it reduces the empirically estimated complexities for modeling the above two PUFs from exponential (CCS 2010, IEEE T-IFS) to low degree polynomial.

The practical viability of our attacks is firstly demonstrated by SPICE simulations, and by subsequent ML experiments on numerically simulated CRPs. We thereby confirm attacks on the two above PUFs for up to 16 XORs and challenge bitlengths of up to 512. Secondly, we execute a full experimental proof-of-concept for our timing side channel, successfully attacking FPGA implementations of the two above PUF types for 8, 12, and 16 XORs, and bitlengths 64, 128, 256 and 512. We implement these sizes for the first time in the literature in silicon, and subsequently attack them successfully by our new methods. We remark that in recent works (CCS 2010, IEEE T-IFS 2013), 8 XOR architectures with bitlength 512 had been explicitly suggested as secure and beyond the reach of current attacks.

Finally, we discuss efficient countermeasures against our power and timing side channels. They could and should be used to secure future Arbiter PUF generations against the latter.
Our ideas seem to be particularly suitable for signature schemes whose security, in the random oracle model, is based on standard worst-case computational assumptions. Our signatures are shorter than any previous proposal for provably-secure signatures based on standard lattice problems: at the 128-bit level we improve signature size from (more than) 16500 bits to around 9000 to 12000 bits.