Author/Creator ORCID




Computer Science and Electrical Engineering


Engineering, Computer

Citation of Original Publication


This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please see http://aok.lib.umbc.edu/specoll/repro.php or contact Special Collections at speccoll(at)umbc.edu
Distribution Rights granted to UMBC by the author.
Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan thorugh a local library, pending author/copyright holder's permission.


Integrated Circuits (ICs) have made their way into many critical systems that service transportation, medical, and military industries; areas that are targeted for maximum disruption of operations and daily life. Whether the motive is monetary or political, it is clear that ICs require protection from malicious intent. To aid in the protection of devices various techniques have been developed to identify, authenticate, and track them. One of the principal security primitives used in the aforementioned techniques are Physical Unclonable Functions (PUFs). PUFs produce unique signatures based on the uncontrollable physical variations which occur during the fabrication of ICs. A PUF's output (response) is produced when the PUF is given an input (challenge). Together these inputs and outputs are known as Challenge Response Pairs (CRPs). A PUF's CRPs are used for authenticating devices or for IC metering purposes, aiding in the prevention of over-production and IC cloning. The arbiter-PUF is one of the most popular PUFs broadly adopted by industry because of its large number of CRPs. Owing to their usefulness in securing ICs, PUFs are also the focus of attacks. They are vulnerable to modeling attacks in which the adversary tries to model the PUF's behavior to predict its response for unseen challenges. There are two forms of modeling attacks: CRP-based modeling attacks and power-based modeling attacks.When attacking a PUF using its power side-channel, the PUF response is predicted based on the PUF's power consumption. This research focuses on the power- based modeling attacks perpetrated against the arbiter-PUF family, and presents PUFs that are resilient against power-based attacks via inserting the proposed countermeasures. First, investigations are performed on the resiliency of the state-of-the- art PUFs that were proposed in literature recently to counter modeling attacks such as analog variants and challenge obfuscation based PUFs. These PUFs are shown to be successfully compromised through their power side-channel. These investigations are taken one step further by performing Cross-PUF attacks, where the power traces of one PUF can be used to model another PUF fabricated from the same GDSII file. This research shows, for the first time, that such attacks are highly successful in exposing a previously unexplored vulnerability of PUFs. Further investigations of power-based modeling attacks are performed by characterizing the effects that temperature and aging have on both Self-PUF and Cross-PUF attacks. Exploration of modeling the power is extended to multi-bit response parallel PUFs to show their vulnerability against power-based attacks. The results of these investigations showed that the response could still be discerned from the power consumption of the device. Because of the phenomenon being exploited in the power-based modeling attacks this research shows that these attacks work not only on the arbiter-PUF, but also its derivatives. To further improve the understanding of the various power-based modeling attacks, this research uses the Signal-to-Noise Ratio (SNR) to characterize and assess the vulnerability of the target PUFs to modeling attacks. Finally, to enhance the resiliency of the targeted PUFs against power-based modeling attacks, a number of circuit-level countermeasures, based on reducing the SNR and/or confusing the model, are proposed. These countermeasures appear to be highly successful in protecting the PUF against the power-based modeling attack. The results have been extracted first using HSpice simulations, and then the experiments (the attacks and countermeasures) were performed on FPGA fabric to verify the findings in silicon.