Practical security analysis of PUF-based two-player protocols

U. Rührmair, M. Van Dijk

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

In recent years, PUF-based schemes have not only been suggested for the basic tasks of tamper sensitive key storage or the identification of hardware systems, but also for more complex protocols like oblivious transfer (OT) or bit commitment (BC), both of which possess broad and diverse applications. In this paper, we continue this line of research. We first present an attack on two recent OT- and BC-protocols which have been introduced at CRYPTO 2011 by Brzuska et al. [1,2]. The attack quadratically reduces the number of CRPs which malicious players must read out in order to cheat, and fully operates within the original communication model of [1,2]. In practice, this leads to insecure protocols when electrical PUFs with a medium challenge-length are used (e.g., 64 bits), or whenever optical PUFs are employed. These two PUF types are currently among the most popular designs. Secondly, we discuss countermeasures against the attack, and show that interactive hashing is suited to enhance the security of PUF-based OT and BC, albeit at the price of an increased round complexity. © 2012 International Association for Cryptologic Research.
Original languageEnglish
Title of host publicationCryptographic Hardware and Embedded Systems, CHES 2012 - 14th International Workshop, Proceedings
Pages251-267
DOIs
Publication statusPublished - 2012
Externally publishedYes
Event14th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2012 - , Belgium
Duration: 9 Sept 201212 Sept 2012

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference14th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2012
Country/TerritoryBelgium
Period9/09/1212/09/12

Fingerprint

Dive into the research topics of 'Practical security analysis of PUF-based two-player protocols'. Together they form a unique fingerprint.

Cite this