A Lockdown Technique to Prevent Machine Learning on PUFs for Lightweight Authentication

Yu, Meng-Day; Hiller, Matthias; Delvaux, Jeroen; Sowell, Richard; Devadas, Srinivas; Verbauwhede, Ingrid

Author(s)

Hiller, Matthias; Delvaux, Jeroen; Sowell, Richard; Verbauwhede, Ingrid; Yu, Meng-Day; ... Show more

Downloadlockdown.pdf (439.2Kb)

OPEN_ACCESS_POLICY

Terms of use

Creative Commons Attribution-Noncommercial-Share Alike http://creativecommons.org/licenses/by-nc-sa/4.0/

Metadata

Show full item record

Abstract

We present a lightweight PUF-based authentication approach that is practical in settings where a server authenticates a device, and for use cases where the number of authentications is limited over a device's lifetime. Our scheme uses a server-managed challenge/response pair (CRP) lockdown protocol: unlike prior approaches, an adaptive chosen-challenge adversary with machine learning capabilities cannot obtain new CRPs without the server's implicit permission. The adversary is faced with the problem of deriving a PUF model with a limited amount of machine learning training data. Our system-level approach allows a so-called strong PUF to be used for lightweight authentication in a manner that is heuristically secure against today's best machine learning methods through a worst-case CRP exposure algorithmic validation. We also present a degenerate instantiation using a weak PUF that is secure against computationally unrestricted adversaries, which includes any learning adversary, for practical device lifetimes and read-out rates. We validate our approach using silicon PUF data, and demonstrate the feasibility of supporting 10, 1,000, and 1M authentications, including practical configurations that are not learnable with polynomial resources, e.g., the number of CRPs and the attack runtime, using recent results based on the probably-approximately-correct (PAC) complexity-theoretic framework.

Date issued

2016-04

URI

http://hdl.handle.net/1721.1/110985

Department

Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory; Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Journal

IEEE Transactions on Multi-Scale Computing Systems

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Citation

Yu, Meng-Day, et al. “A Lockdown Technique to Prevent Machine Learning on PUFs for Lightweight Authentication.” IEEE Transactions on Multi-Scale Computing Systems 2, 3 (July 2016): 146–159 © 2016 Institute of Electrical and Electronics Engineers (IEEE)

Version: Author's final manuscript

ISSN

2332-7766

Collections

MIT Open Access Articles

DSpace@MIT