A Modeling Attack Resistant Scheme Based on Fault Injection

摘要

Physical Unclonable Function (PUFs) as security primitive is an ideal solution to realize lightweight security authentication in the Internet of Things (IoTs) applications. Unfortunately, Strong PUFs such as Arbiter PUFs is subject to modeling attack, modeling attack can create the mathematical models of PUFs based on collected Challenge-Response Pairs (CRPs). In order to enhance the resistance of PUFs against modeling attack, a number of countermeasures have been proposed successively, however, they have limited resistance against modeling attack and is too costly for resource-constraint pervasive devices. In this paper, we propose a lightweight obfuscation techniques based on Fault Injection to resist modeling attack. In our scheme, the mapping of CRPs is broken by injecting random faults into the responses. Even if there is enough CRPs, modeling attack can't create accurate mathematical models, due to the mapping of CRPs is randomization. We implemented our obfuscation scheme based on an improved Arbiter PUFs, and evaluated the modeling attack resistance of basic Arbiter PUFs, improved Arbiter PUFs, and our obfuscation scheme. The experimental result indicates that the prediction accuracy of the improved Arbiter PUF is decreased from about 98% to about 86% and further reduced to about 65% by injecting 25% faults, which is based on the training set of 500,000 CRPs. Hence, the obfuscation techniques based on fault injection can provide an effective protection against modeling attack.