The hardware primitives known as Physically Unclonable Functions (PUFs) generate unique signatures based on uncontrollable variations which occur during the manufacturing process of silicon chips. These signatures are in turn used for securing Integrated Circuits either as a secret key for cryptographic modules, or as a medium for authenticating devices. Naturally being a security primitive, PUFs are the target for attacks as such it is important to mitigate such vulnerabilities. This paper in particular investigates PUFs’ vulnerability to power-based modeling attacks. Here, we expand upon our previous simulation based Cross-PUF attacks by targeting PUFs realized in real-silicon; namely, we consider PUFs deployed in Field-Programmable Gate Array (FPGA) fabrics. In Cross-PUF attacks, a model of a reference PUF is used to attack another PUF realized from the same HSPICE simulated design or the same bitstream in FPGA. We also investigate the impact of such attacks on multi-bit parallel PUFs. The HSPICE simulation results are compared vis-a-vis with the FPGA implementation outcome of these attacks confirming the effectiveness of such simulations. Finally we show that a combination of Dual Rail logic and Random Initialization logic, named DRILL, can be effectively used to thwart such power-based modeling attacks.

被称为物理不可克隆函数 (PUF) 的硬件原语基于硅芯片制造过程中发生的不可控变化生成独特的签名。这些签名又用于保护集成电路的安全，既可以作为密码模块的密钥，也可以作为验证设备的媒介。作为一种安全原语，PUF 自然是攻击的目标，因此减轻此类漏洞非常重要。本文特别研究了 PUF 对基于功率的建模攻击的脆弱性。在这里，我们通过针对在真实硅中实现的 PUF 扩展了我们之前基于模拟的 Cross-PUF 攻击；即，我们考虑部署在现场可编程门阵列 (FPGA) 结构中的 PUF。在跨 PUF 中攻击时，参考 PUF 的模型用于攻击从相同 HSPICE 模拟设计或 FPGA 中相同比特流实现的另一个 PUF。我们还调查了此类攻击对多位并行 PUF 的影响。将 HSPICE 仿真结果与这些攻击的 FPGA 实现结果进行了对比，确认了此类仿真的有效性。最后，我们展示了双轨逻辑和随机初始化逻辑的组合，称为 DRILL，可以有效地用于阻止这种基于功率的建模攻击。