Apologies and Announcements Website will be up within this weekend Apologies for delay in initiating the discussion Please finalize your assignment groups asap Groups can have no more than 6 members Recommended to have at least 4 members Groups cannot contain unregistered students Course list finalized – will be put up to help identify group members Course members who are unable to join a group will be clubbed Must authenticate your sensors so that tampering can be detected! Couldn’t you have told me earlier?! Authentication by Secret Questions Give me your A/C number and answer the following questions 1. What is your date of birth? 2. What is your pet’s name? 3. How many marks did you get in 10th standard exams? 4. How many cars do you own? 5. … BANK USER SBI31415926535 1. 05th August 2000 2. Mr. Bud Bud 3. err … couldn’t hear you clearly 4. None, so give me that loan already! 5. … Authentication by Secret Questions Using PUFs Give me your device ID and answer the following questions 1. 10111100 2. 00110010 3. 10001110 4. 00010100 5. … TS271828182845 SERVER How to ensure that these answers are unique and unpredictable? DEVICE 1. 2. 3. 4. 5. 1 0 1 0 … Physically Unclonable Functions 0.50ms These tiny differences are difficult to predict or clone 0.55ms Then these could act as the fingerprints for the devices! A simple Multiplexer PUF “select” bit 0 p ms delay q ms delay Multiplexers are basically switching circuits 1 Correct. However, the devices are consistent, i.e., their delays do not change (too much) over time. It is difficult to deliberately create another mux that exhibits the same delays Arbiter PUFs If the top signal reaches the finish line first, the “answer” to this question is 0, else if the bottom signal reaches first, the “answer” is 1 Question: 1011 1 0 1 1 ? Arbiter PUFs If the top signal reaches the finish line first, the “answer” to this question is 0, else if the bottom signal reaches first, the “answer” is 1 Question: 1011 1 0 1 1 1? Arbiter PUFs If the top signal reaches the finish line first, the “answer” to this question is 0, else if the bottom signal reaches first, the “answer” is 1 Question: 0110 0 1 1 0 0? Some FAQs Does it matter whether the “red” signal reaches first or the “blue”? No, the color does not matter – the color was added just for explanation Why go into all this fuss of having multiple multiplexers? It was expected that it would make it more difficult to predict the answers. Also, it increases the number of possible questions. Is it compulsory to have only 4 multiplexers? Absolutely not. It depends on how long are your “questions” It is common to have 64 multiplexers Actually … That would make the total number of challenges 264 > 18 Quintillion!! By the way, people usually call the questions “challenges” and the answers “responses” Good … even if an attacker knows the responses to a few challenges, there is no way to guess the other answers. Right? Right? Hello! Melbo!! A Twist in the Tale An attacker can see responses on a few challenges and use ML to predict responses on all other challenges ο Does not matter if using 32-bit or 64-bit challenges All mux-es are different so π1 ≠ π2 ≠ β― , π1 ≠ π2 ≠ β― π0 π1 π0 π‘0π’ π2 π1 π63 π2 π‘1π π‘0π π0 π‘1π’ π1 π‘ππ’ is the (unknown) time at which the upper signal leaves the π-th mux. π‘ππ is the time at which the lower signal leaves the π-th mux. π‘2π’ π‘2π π2 … … π63 π’ π‘63 π π‘63 π63 A Twist in the Tale π’ π Observe that the answer is 0 if π‘63 < π‘63 and 1 otherwise π’ π π’ π Also note that π‘1 and π‘1 depend on π‘0 , π‘0 , π1 , π1 , π1 , π 1 and π1 π1 dictates which previous delay π‘0π’ or π‘0π will get carried forward in which branch, and π1 , π1 , π1 , π 1 give us the delay introduced by the 1-th mux itself π0 π1 π0 π‘0π’ π2 π1 π2 π‘1π π‘0π π0 π‘1π’ π63 π1 π‘2π’ π‘2π π2 … … π63 π’ π‘63 π π‘63 π63 A Twist in the Tale 10 π1 ⋅ π‘0π’ + π1 + π011 ⋅ π‘0π + π 1 π‘1π’ = 1 − π‘1π = 1 − 01 ⋅ π‘0π’ + π1 1 0 π1 ⋅ π‘0π + π1 + π1 π0 π1 01 π0 π‘0π’ π2 π1 π2 π‘1π π‘0π π0 π‘1π’ π63 π1 π‘2π’ π‘2π π2 … … π63 π’ π‘63 π π‘63 π63 A little bit of Math ο Let us use the shorthand Δπ = π‘ππ’ − π‘ππ to denote the lag Recall: all that matters is whether the top signal reaches first or not Thus, all that matters is whether Δ63 < 0 or not π’ π‘0 π + π1 − π‘0 π π‘0 π’ π‘0 Δ1 = 1 − π1 ⋅ − π1 + π1 ⋅ + π 1 − − π1 = 1 − π1 ⋅ Δ0 + π1 − π1 + π1 ⋅ −Δ0 + π 1 − π1 = 1 − 2π1 ⋅ Δ0 + π1 − π1 + π 1 − π1 ⋅ π1 + π1 − π1 To make notation simpler, let ππ β 1 − 2ππ ππ creates bits that take values −1, +1 instead Δ1 = Δ0 ⋅ π1 + πΌ1 ⋅ π1 + π½1 of 0,1 – that’s it! πΌ1 = π1 − π1 + π1 − π 1 /2 π½1 = π1 − π1 − π1 + π 1 /2 A little bit of Math ο Note that a similar relation holds for any stage Δπ = ππ ⋅ Δπ−1 + πΌπ ⋅ ππ + π½π where πΌπ = ππ − ππ + ππ − π π /2 and π½π = ππ − ππ − ππ + π π /2 We can safely take Δ−1 = 0 (absorb initial delays into π0 , π0 , π0 , π 0 ) We can keep going on recursively Δ0 = πΌ0 ⋅ π0 + π½0 (since Δ−1 = 0) Δ1 = Δ0 ⋅ π1 + πΌ1 ⋅ π1 + π½1 – now plugin value of Δ0 to get Δ1 = πΌ0 ⋅ π1 ⋅ π0 + πΌ1 + π½0 ⋅ π1 + π½1 Δ2 = πΌ0 ⋅ π2 ⋅ π1 ⋅ π0 + πΌ1 + π½0 ⋅ π2 ⋅ π1 + πΌ2 + π½1 ⋅ π2 + π½2 We can begin to see a pattern here Linear Models We have Δ63 = π€0 ⋅ π₯0 + π€1 ⋅ π₯1 + β― + π€63 ⋅ π₯63 + π½63 = π° β€ π± + π Exactly, this is why people where stopped using arbiter π₯π = ππ ⋅ ππ+1 ⋅ … ⋅ π63 PUFs for authentication after this was revealed π€0 = πΌ0 π€π = πΌπ + π½π−1 for π > 0 This means that if someone If Δ63 < 0, upper signal wins and answer is 0 can find the π°, π parameters, they would be able to predict If Δ63 > 0, lower signal wins and answer is 1 response to any challenge!! Thus, answer is simply sign π° β€ π±+π +1 2 This is nothing but a linear classifier! Linear/hyperplane Classifiers The model is a single vector π° of dimension π (features are also π-dim), and a scalar term (called bias) π Predict on a test point π± by checking if π° β€ π± + π > 0 Decision boundary: hyperplane (where π° β€ π± + π = 0) The vector π° is called the normal or perpendicular vector of the hyperplane – why? Consider any two vectors π±, π² on the hyperplane i.e. π° β€ π± + π = 0 = π° β€ π² + π. This means π° β€ (π± − π²) = 0. Note that the vector π± − π² is parallel to the hyperplane and π° perpendicular to all such vectors The bias term π if changed, shifts the plane – it can be thought of as a threshold as well – how large does π° β€ π± have to be in order for decision to be 1 π° XOR PUF XOR: given a bunch of 0/1 bits, output is 1 if odd number of bits are 1 else if even number of bits (includes no bits) are 1, output is 0 XOR is basically addition modulo 2 π1 + β― + ππΎ %2 Cracking the XOR PUF It turns out that the XOR PUF can also be cracked using a linear model although one of a larger dimensionality Key insight: if we have a bunch of +1/−1 values, their product is +1 if and only if an even number of them are -1 else the product is -1 We can crack the individual PUFs using linear models i.e., for i-th PUF β€ 1 + sign π°π π± 2 Remember: sign value of +1 corresponds to bit 1 and -1 corresponds to bit 0 Note: π sign π°πβ€ π± is +1 if an even number of the sign values are -1 However, XOR is concerned with parity of +1 bits Solution: Flip the signs! Cracking the XOR PUF The product − π −sign π°πβ€ π± = −1 πΎ+1 π sign π°πβ€ π± is -1 if an even number of the sign values are +1 else the product is +1 The extra −1 is there since XOR is 0 if there are an even number of 1s Here, πΎ is the number of PUFs 1+ −1 πΎ+1 β€ sign π° π π π± Thus, the output of π the sign values are +1 else the output is 1 is 0 if an even number of This is exactly what we wanted! All we need to do find a way to compute π sign π°πβ€ π± Although it does not seem so right away, there is a linear model hidden here Observation: β€ sign π° π π π± = sign Find a way to simplify π π°πβ€ π± π π°πβ€ π± Cracking the XOR PUF Let’s take a toy example in 2 dims with π°1β€ π± ⋅ π°2β€ π± where π°1 = π, π , π°2 = π, π , π± = π₯, π¦ ∈ β2 π°1β€ π± ⋅ π°2β€ π± = ππ₯ + ππ¦ ⋅ ππ₯ + ππ¦ = ππ ⋅ π₯ 2 + ππ + ππ ⋅ π₯π¦ + ππ ⋅ π¦ 2 = π β€ π, where π = ππ, ππ + ππ, ππ , π = π₯ 2 , π₯π¦, π¦ 2 ∈ β3 Thus, we can just learn a linear model in 3D instead of 2D Exercise: extend this intuition to more than 2 classifiers and higher dims Try to do optimizations to reduce the dimensionality of π Note: we are not assured that the linear model we learn will be of this form i.e., for some π, π, π, π we get ππ, ππ + ππ, ππ However, we are assured that a linear model with 0 error does exist
