EM Side-Channel Analysis of BCH-based Error Correction for PUF-based Key Generation

Physical Unclonable Functions (PUFs) provide a cost-efficient way to store a secure key on a device. But the noisy secret from a PUF must be corrected to generate a stable key. Since the error correction processes secret material, it is a target of attacks. Previous work has shown that single bits of a key can be extracted using a power sidechannel attacks. This work enhances the attack idea. Non-invasive measurement of electromagnetic radiation together with a differential power analysis is shown to be sufficient to extract not only single bits but even the complete key from an error correction used for PUF-based key generation. The efficiency of the basic attack is significantly improved over state of the art using public available preknowledge on the PUF, an advanced correlation method, and parallel manipulation of helper data. The attack is practically demonstrated on an FPGA implementation with concatenated BCH and repetition codes. The results show that, compared to state of the art, a significant improvement by a factor of more than 100 in terms of trace reduction can be achieved.      «

Physical Unclonable Functions (PUFs) provide a cost-efficient way to store a secure key on a device. But the noisy secret from a PUF must be corrected to generate a stable key. Since the error correction processes secret material, it is a target of attacks. Previous work has shown that single bits of a key can be extracted using a power sidechannel attacks. This work enhances the attack idea. Non-invasive measurement of electromagnetic radiation together with a differential power analysis is sho...     »