LAUSR

A physical unclonable function (PUF) generates hardware intrinsic volatile secrets by exploiting uncontrollable manufacturing randomness. Several PUF candidates use challenge-response pairs (CRPs) to enhance their security. A practically plausible idea for PUF is to use the technique called n-Choose-k-Sum (nCk) structure/topology, exemplified by the memristive device based on strong PUF (mrSPUF). The previous analysis claimed that nCk-PUF is resilient to modeling attacks. This paper provides numerical security evaluations on simulated CRPs – we first construct a mathematical model of nCk-PUF, and then analyze the possibility of modeling attacks using machine learning (ML). Our analysis demonstrates that our modeling attacks could break the unpredictability of nCk-PUF even though the non-linearity of nCk-PUF could be increased due to XOR-operations on its circuit. Our analysis demonstrates that our modeling attacks could break the unpredictability of nCk-PUF even though the non-linearity of nCk-PUF could be increased due to XOR-operations on its circuit. Consequently, our analysis suggest that n-Choose-k-Sum PUFs (including mrSPUF) sharing similar topology could be insecure. It should be careful when utilizing nCk-PUF for strong PUF applications, and it is suggested to add some security blocks to protect the challenge-response interface, such as the Lockdown-PUF with additional random number generator (RNG), TREVERSE with additional Hash.