hardware security using strong puf array model for side ... · several attacks have been reported...
TRANSCRIPT
![Page 1: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/1.jpg)
1 Associate Professor, 2 Lecturer, 3 & 4 Scholars 1,2,3&4 Department of ECE, 1,3&4 Sri Krishna college of Engineering and Technology,
Coimbatore, Tamilnadu, India. 2 Sri Krishna Polytechnic College, Coimbatore, Tamilnadu, India.
Abstract The objective of the research work is to propose an abstract model of a strong PUF array
for side channel attacks. The secrecy and confidentiality in message transfers across
hardware devices is more crucial in the recent cryptographic applications deployed in IOT
technology. The earlier formal models for secret communication have limited security since
the encryption device is more vulnerable not only to the active attacks but also to the passive
attacks. The side channel and covert channel attacks are methods mainly to extract the key
rather than the preferred ciphered texts. A formal modelling of hiding and extracting the
critical information is proposed using a Trusted Ordered Protected Secrecy (TOPS) secret pi
calculus in this paper. Based on the side channel attack parameters and covert channel
processes, a threat configurable PUF array model is proposed as a hardware security
mechanism in the implementable form. The TOPS pi calculus and its semantics are
illustrated using Labelled Transition Systems (LTS). The trusted communication and the
context aware computation are carried out in an ordered manner to protect the secret key in
this model. The above said model is formally verified using Alloy analyzer that is used to
formally verify the constraints on the sample structures and check the properties of the
model through counter examples.
Keywords—Alloy, Physical Unclonable Function, Physical Unclonable Function Array,
TOPS pi calculus.
1. INTRODUCTION
Side Channel Attack has been the recent trend to extract information from a system.
Several attacks have been reported on the PUF core properties. This could possibly make the
term Network security less reliable. It puts the Network security at risk and pushes it to the
Hardware Security using Strong PUF Array model for Side
Channel Attacks 1Veerasamy B, 2Bharathi B, 3Rhaveen S.A, 4Monikka R
International Journal of Pure and Applied MathematicsVolume 119 No. 12 2018, 1555-1571ISSN: 1314-3395 (on-line version)url: http://www.ijpam.euSpecial Issue ijpam.eu
1555
![Page 2: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/2.jpg)
edge to take measures to protect it. Physically Unclonable function is a disordered system
that is associated to protect the randomness of the key that is generated to protect the
message that can either be used on the attacker or on the defender side. PUF are concerned
with their physical and digitally unclonable as well as their assumed resilience against
invasive side channel attacks [1]. Physically Unclonable Function is an entity that depends
on the measure of randomness to generate a key. Its physical structure has a complex design
and each time the key is randomly generated. This physical design is based on certain
physical entities or phenomena that can be introduced by the manufacturer. In general, all
scan-based side channel attacks can be viewed as a kind of differential cryptanalysis where
attackers take advantages of the scan chains to observe the bit changes between pairs of
chosen plaintexts/ciphertext so as to identify the secret keys [18]. The attack is determined
by the vulnerability of the assets that can be exploited. The side channel attacks especially
focus on the witness that monitors the encryption rather than the assets itself eventually
making the information to be easily exploitable. These physical parameters are then
measured to gain information on the assets thus attacking the host source without their
knowledge. The PUF can be used to generate a code in random that can either attack or
defend a network. A few examples include stack canaries, non-executable memory, and
Address Space Layout Randomization (ASLR) [17]. But there are some limitations of kernel
space Address Space Layout Randomization (ASLR) against a local attacker with certain
restricted privileges. This is because the ASLR plays a major part in securing the system
against software faults [3]. Also, Timing attacks are avoided by turning the attacker
oblivious of the sensitive traffic. A secure and an enhanced router architecture that
dynamically configures the router memory space according to the communication and
security properties of the traffic [2]. Domain Model (DM) [14] provides a framework for
specifying program state and state transitions, as well as security-related concepts such as
security policy, information flow, access control, and covert channel vulnerabilities [12].
Because of decidability issues associated with modelling arithmetic operations, Alloy by
design supports only a limited representation of integers and basic arithmetic operations
[12],[14]. Since the DM is implemented using Alloy, it is similarly limited [16].]. The main
focus of the paper work is to propose a TOP Secret Pi Calculus towards the enhancement of
hardware security using PUF array model and formally verify the same using ALLOY tool.
The paper is organized as follows: Section II discusses the need and design of PUF arrays
and the various attacks that are possible for an encryption device. Section III illustrates an
abstract and formal model of PUF array and its types with possible security design
challenges. Section IV comprises the formal verification of the proposed model with a
mathematical description of secured sustainability with the configurability and vulnerability
factors. Section V describes the semantics of the proposed TOPS Pi Calculus and the various
atomic functions with the corresponding notations. Section VI expresses the model checking
with ALLOY tools towards the various state transformations during the attacks with its
traces. Section VII concludes the work with the verification results and limitations of the
proposed PUF array model for hardware security in the case of complex hardware
interactions.
International Journal of Pure and Applied Mathematics Special Issue
1556
![Page 3: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/3.jpg)
I. STUDY OF PHYSICAL UNCLONABLE FUNCTION
A. Physical Unclonable Function
Physical unclonable function is a physical entity that depends on their micro structure for
security purposes [5]. This micro structure depends on the physical factors which are
unpredictable and that which can only be introduced by the manufacturer while
manufacturing. When a physical action is made to the structure, it generates random results.
These are almost impractical to be cloned since the factors that are dependent on are
unpredictable and cannot be controlled. The ability of PUF is to be different between
different devices and generate randomness. PUFs have not only been suggested for the basic
security of tamper sensitive key storage but also for protocol based security like Oblivious
transfer (OT), bit commitment (BC), or key exchange (KE) [4]. The attacks to the PUF are
made by CRP pair (Challenge-Responses) mechanism. The physical action is apparently said
to be the Challenge and the reaction by the PUF is the Response to that challenge. Each PUF
has an unpredictable way to connect responses to the proposed challenges [6],[18]. Hence the
mapping between the challenges and the responses is decided by the measure of the
complexity of the logic inside the circuit structure of the PUF (Physically Unclonable
Function). PUF is intrinsically involved in the actual computation performed by the program,
e.g., a processor that exhibits certain timing characteristics. Such PUFs are intrinsic and
personal. They are intrinsic because these PUFs are inherently involved in the execution of
the software and are personal because every computing device possesses such a PUF [15].
The design of such cryptographic PUFs is strongly reconsidered in [4] and quoted that strong
PUFs need additional hardware properties. The responses reacted for the same proposed
challenge, are not the same for different PUFs. Hence each PUF reacts differently to
different or the same challenge generating the same key.
Fig 1.1Layout of the attack of a system
B. Types of attacks
Invasive attack: A category of attacks on a cryptographic device with the goal to reveal its
secret key. In this type of attacks, the attacker can have direct electrical access to the
internal components by physically probing the system’s components using simple or high-
tech techniques. The user will be aware of the attack [5].
Non-Invasive attack: This attack doesn’t damage the package. No physical access is
required. The attack doesn’t alert the user about the leakage. This type of attack observes
the leakage of any physical entity that is unaware to the host but gives information which
serves as an asset [5].
Active attack: An active attack attempts to alter system resources or affect their operation.
For example, faulty injections into the system by the attacker can affect it or force it to leak
certain information that is useful to the attacker [10]. By restraining the system to its extent
to leak out the information is an active attack by the attacker [8].
International Journal of Pure and Applied Mathematics Special Issue
1557
![Page 4: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/4.jpg)
Passive attack: A passive attack attempts to learn or make use of information from the
system but does not affect system resources. It is a network attack in which a system is
monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to
gain information about the target and no data is changed on the target. Side channel attack
is a non-invasive and passive attack [8],[10].
Fig 1.2 Challenge Response Circuits
Fig 1.3. Architectural model of Hardware attacks
A Challenge can be a tuple like, <attack, defense, constraints, environment >. For example,
attack can be either a simple power attack or a cache attack which can be defended by PUF
array based on the power or temperature constraints in that particular memory transaction
environment. Response I can be outputted as either time or frequency and Response II can
be power or bandwidth parameters where Response I is not equal to Response II. Mechanism
that leaks information to the outsider processes but denying direct access to the information
is a covert channel. It is an insider process that could possibly be a Trojan horse program or
similar malwares. It can result in unauthorized information flows when exploited by
malicious software [16].
II. INTRODUCTION TO PUF ARRAY
Different types of PUFs can be configured in such a way that it forms an array. Thus, the
PUFs when formed as an array makes the unpredictability even more complicated and
increases the measure of randomness making it difficult for the attackers to attack the key.
This type of PUF array is called PUFA (Physically unclonable function array). PUFs can
either be configured with randomness by explicit factors or by implicit factors that determine
International Journal of Pure and Applied Mathematics Special Issue
1558
![Page 5: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/5.jpg)
their structures. PUFs whose randomness is determined by explicit factors are less prone to
changes with external factors or any external attacks and are less vulnerable. PUF’s whose
randomness is implicitly determined has to be fabricated while manufacturing and doesn’t
depend on the external entities. These PUFs are prone to changes while there occur changes
in environmental factors and are easily vulnerable to external attacks. Hence PUF whose
randomness is explicitly introduced are more preferable than the ones generating
randomness implicitly. The sustainability of PUFs depends on how randomly it generates the
key for different devices for the same challenge and for different challenges in the same
device. The PUF is more widely preferred when its measure of randomness and
unpredictability is high.
A. Types of PUF
There are several subtypes of PUFs, each with its own applications and security features.
Three major types are Strong PUFs, Controlled PUFs and Weak PUFs, initially termed
Physically Obfuscated Keys (POKs) [6]. The different PUFs available are Arbiter PUF, Ring
Oscillator PUF, DRAM PUF, SRAM PUF, Bus keeper PUF, D Flip-Flop PUF, Glitch PUF
and Latch PUF [7]. Many threats and attacks have been proposed and several algorithms
have been framed to attack into the PUFs making the message transfer less secure and less
reliable. In parallel the complexities of the PUFs has also been increased due to the proposed
algorithms. PUFs are designed to resist the invasive attacks by the attacker. In general,
modelling attacks on PUFs presume that an adversary Eve has, in one way or the other,
collected a subset of all CRPs of the PUFs [18]. The formal modelling of attack and defense
can be done based on the features of both attack and defense actions. These actions can be
categorized into two types.
One category is the set of the attacking nodes and the other one is defending nodes [12].
Both the actions can be further divided into direct internal action or external implicit actions
or simply as an insider attack or outsider attack. The attacks can be materialized into
effective applications or they will be simply abstract ideas. Hence these abstractions can be
converted into applications onto an asset at any point of time. The security flaw or the
vulnerability can be declared as the potential shortfall or incapability in terms of capacity or
readiness to face any attack. Hence the syntactical form of any attack can be defined using
lambda calculus and then the definition can be applied with suitable arguments.
The challenges are that
1) the attack or counter measure actions have to be identified whether they are physical or
virtual; they are changing with respect to time and attacks
2) The vulnerability is dynamic changing with respect to time and assets; A set of temporal
states with many attributes and transitions rules
3) The exploitation is the critical aspect since the time and place are to be utilized by a
suitable triggering action or stimuli which induces the chain of actions
4) The uncertainties in all computation through probability calculations may be derived as
the least value in its causal effect on the attack and on the risk
5) Countermeasure that may be preventive or reactive technique abstracted, defined and
applied on to the workspace very importantly the ambience [12].
The conceptual model explores that
• One or many attacks on the same asset or multiple assets
International Journal of Pure and Applied Mathematics Special Issue
1559
![Page 6: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/6.jpg)
• Each asset may have one or multiple vulnerabilities
• The vector product of attack features and vulnerabilities yield exploitations.
• The existence of countermeasures of defensive or offensive techniques comparable
with the exploitations values for each asset or attack determine the probabilistic
security risk values.
• If all the values are deterministic against the cyber-ethics or cyber regulations, then
the threat will be calculated as equal to the total non-compliance.
The combinational theory [12], currying, reduction and solvability in Lambda calculus can
be applied to quantitatively ascertain the solvability and definability of each terms in that
domain specific Security Lambda Calculus.
Lambda attack: time of (attack) asset = time of (asset)
Asset terms are convertible and attack terms invertible terms.
Lambda measure: counter (measure) preventive = counter (reactive)
“Measure” terms are reducible and convertible. The temporal dependencies of the attacks
and counter measures follow the structure of a tree in a forest.
The attack is a labelled tree with the attributes as shown below:
Attack :: {time, mode, strength, type, singular or multiple, µ, ω, λ, ϴ}
such that, µ implies that the effective convertibility function of attack on asset, ω indicates
that mapping function between vulnerability of an asset and mode, λ maps the preventive
measures and the attack types andϴ implies that exploitation strategies and the solvability
of the countermeasures. This model can be refined still further based on the distributed or
lumped nature of the attack type.
The usability and scalability of the approach can be extended to any level of system of
systems or actions.
A ij(t) =>The ith attack on the jth time at time t = t a
The strength of any attack is depending on the duration and massiveness. The target of
attack is based on the attack plan towards the variety of assets., ie. Assets => File, Data or
Information, Network or Infrastructure
Attack ij(t) onto any one or more than the number of Assets
Plan = Compliance Policies, Regulation Acts
Attack (t) → Asset. Network
Attack A => Internal | External
Defense D =>Physical | Virtual
International Journal of Pure and Applied Mathematics Special Issue
1560
![Page 7: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/7.jpg)
Vulnerability V represents ∑ Temporal set of States
Exploitation E is represented as {(V X A) t, action}
Countermeasure C=>C p (Preventive) & C r (Reactive)
The mathematical model and the corresponding formal model of Attack Defense Tree with
Preventive and Reactive Counter measure can be achieved.
TABLE 1. PARAMETERS DETERMINING SIDE CHANNEL ATTACKS
Component Parameters Environment Outcome
Android device Timing
(c1) Types of key (e1) Radiation (o1)
Microprocessor Power
(c2)
Size in bits of key
(e2)
Differential Power
dissipation (o2)
Microcontroller Voltage
(c3)
Times of usage
(e3)
Temperature Transient
(o3)
Cache memory Frequency
(c4)
Fixed/Permanent
(e4)
Pulse waves
(o4)
RAM Cache
(c5)
Exchange of key
(e5)
Faulty Outcomes
(o5)
FPGA RAM
(c6)
Power
consumption
(e6)
EM Waves
(o6)
Optical
(c7)
Purposeful
branching
(e7)
Process
timing waves
(o7)
Cache miss
and hit(c8)
Delays
(e8)
Break(c9) Noises
(e9)
EM Waves
(c0)
Faults and
damage (e0)
III. FUNCTIONAL VERIFICATION
The characteristics of the attack is determined by it defensiveness, offensiveness,
vulnerability, configurability and sustainability. In Unit level, the verification is done on
• PUF
• PUF ARRAY
• Interfaces
Event (Side channel attack):
Offensiveness of any hardware entity is Sum of Product of the attack and the vulnerability
of the system.
International Journal of Pure and Applied Mathematics Special Issue
1561
![Page 8: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/8.jpg)
𝑂𝑓𝑓𝑒𝑛𝑠𝑖𝑣𝑒𝑛𝑒𝑠𝑠(𝑂)
= [(𝑁𝑎𝑡𝑢𝑟𝑒 𝑜𝑓 𝑎𝑡𝑡𝑎𝑐𝑘 ∗ 𝑡𝑖𝑚𝑒 𝑜𝑓 𝑎𝑡𝑡𝑎𝑐𝑘 ∗ 𝑛𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑎𝑡𝑡𝑎𝑐𝑘)
+ (𝑉𝑢𝑙𝑛𝑒𝑟𝑎𝑏𝑖𝑙𝑖𝑡𝑦 ∗ 𝐸𝑥𝑝𝑜𝑠𝑢𝑟𝑒 ∗ 𝐸𝑥𝑝𝑙𝑜𝑖𝑡𝑎𝑏𝑖𝑙𝑖𝑡𝑦)]
It is possible for many attacks to occur at a time. The probability of concurrency is limited
for the said analysis.
𝑃𝑐[𝑠𝑐𝑎1. 𝑠𝑝𝑎(𝑝𝑟𝑜𝑐𝑒𝑠𝑠𝑜𝑟)] → 𝑝𝑎𝑟𝑡 𝑜𝑓 𝑡ℎ𝑒 𝑚𝑒𝑠𝑠𝑎𝑔𝑒(𝑘𝑒𝑦, 𝑡𝑒𝑥𝑡)
For simultaneous attacks in time t1 is
𝑃𝑐[𝑠𝑐𝑎1(𝑡1). 𝑠𝑝𝑎 + 𝑠𝑐𝑎2(𝑡1). 𝑡𝑎 (𝑝𝑟𝑜𝑐𝑒𝑠𝑠𝑜𝑟)] → 𝑝𝑎𝑟𝑡 𝑜𝑓 𝑡ℎ𝑒 𝑚𝑒𝑠𝑠𝑎𝑔𝑒 (𝑘𝑒𝑦, 𝑡𝑒𝑥𝑡)
Offensiveness of any system in the software or application level has higher measure of
vulnerability rather than the hardware level and easily exploitable. Based on this analysis it
can be interpreted as follows
Sustainability is directly proportional to defensiveness and inversely proportional to
offensiveness.
𝑆𝑢𝑠𝑡𝑎𝑖𝑛𝑎𝑏𝑖𝑙𝑖𝑡𝑦(𝑆) = 𝑘1 [𝐷𝑒𝑓𝑒𝑛𝑠𝑖𝑣𝑒𝑛𝑒𝑠𝑠(𝐷)
𝑂𝑓𝑓𝑒𝑛𝑠𝑖𝑣𝑒𝑛𝑒𝑠𝑠(𝑂)] (1)
By substituting values for the (1),
TABLE II. EXAMPLE VALUES FOR SUSTAINABILITY
Defensiveness Offensiveness Sustainability
0.9 0.1 9k1
0.75 0.25 3k1
0.6 0.3 2k1
0.45 0.5 0.9k1
0.3 0.65 0.46k1
0.25 0.8 0.31k1
0.1 0.95 0.105k1
Where k1 is the proportionality constant in the Sustainability equation with respect to
Defensiveness and Offensiveness depending on the hardware environment and operating
temperature. It can be clearly seen that as defensiveness keeps increasing and offensiveness
keeps decreasing, the sustainability decreases with the constant. A sustainability of 1 is
ideally possible to attain where the system cannot be sustainable depending on the working
environment.
Also, Offensiveness is directly proportional to Vulnerability of the target and defensiveness
is directly proportional to the configurability.
𝑂𝑓𝑓𝑒𝑛𝑠𝑖𝑣𝑒𝑛𝑒𝑠𝑠(𝑂) ∝ 𝑉𝑢𝑙𝑛𝑒𝑟𝑎𝑏𝑖𝑙𝑖𝑡𝑦(𝑉)(2)
𝐷𝑒𝑓𝑒𝑛𝑠𝑖𝑣𝑒𝑛𝑒𝑠𝑠(𝐷) ∝ 𝐶𝑜𝑛𝑓𝑖𝑔𝑢𝑟𝑎𝑏𝑖𝑙𝑖𝑡𝑦 𝑜𝑓 𝑡ℎ𝑒 𝑡𝑎𝑟𝑔𝑒𝑡(𝐶) (3)
Thus,
𝑆𝑢𝑠𝑡𝑎𝑖𝑛𝑎𝑏𝑖𝑙𝑖𝑡𝑦(𝑆) = 𝑘2
𝐶𝑜𝑛𝑓𝑖𝑔𝑢𝑟𝑎𝑏𝑖𝑙𝑖𝑡𝑦(𝐶)
𝑉𝑢𝑙𝑛𝑒𝑟𝑎𝑏𝑖𝑙𝑖𝑡𝑦(𝑉) (4)
International Journal of Pure and Applied Mathematics Special Issue
1562
![Page 9: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/9.jpg)
Where k2 is the constant of proportionality of Sustainability with respect to configurability
and vulnerability. Also it can be observed that sustainability is high when configurability is
high and vulnerability is less. Since it is highly impractical for an ideal condition to achieve,
a sample value of 0.6 can be assumed.
TABLE III. EXAMPLE VALUES FOR SUSTAINABILITY
Configurability Vulnerability Sustainability
0.9 0.1 9k2
0.75 0.25 3k2
0.6 0.3 2k2
0.45 0.5 0.9k2
0.3 0.65 0.46k2
0.25 0.8 0.31k2
0.1 0.95 0.105k2
Another relation from the above mentioned stated as
𝑘1 ∗ 𝑉𝑢𝑙𝑛𝑒𝑟𝑎𝑏𝑖𝑙𝑖𝑡𝑦(𝑉) ∗ 𝐷𝑒𝑓𝑒𝑛𝑠𝑖𝑣𝑒𝑛𝑒𝑠𝑠(𝐷)
= 𝑘2 ∗ 𝐶𝑜𝑛𝑓𝑖𝑔𝑢𝑟𝑎𝑏𝑖𝑙𝑖𝑡𝑦(𝐶)
∗ 𝑂𝑓𝑓𝑒𝑛𝑠𝑖𝑣𝑒𝑛𝑒𝑠𝑠(𝑂) (5)
IV. SEMANTICS OF TOPS PI CALCULUS
A. Semantics of Pi Calculus
Secret 𝜋 calculus includes the usage of two forms of restricted pattern matching in input so
that a set of channels are denied to a process or enforcing a process to receive only few
trusted channels. The standard input of 𝜋 calculus use an infinite set of names N varied from
a,b,c.....,x,y,z to represent channel names and parameters [11] . So the subject(A) and the
object (B) of the communication range over subset of N. For example, a process of the form
𝑥(𝑦 ÷ 𝐵). 𝑃 represents an input where the name x is the input channel name, y is the formal
parameter which can appear in the continuation P, and B is the set of blocked names that
the process cannot receive. ‘r’ is the amount of randomness the PUF can generate to make
the key protected and secret and s can act as the spy level in a covert channel.
B. Trusted Ordered Protective Secrecy (TOPS) 𝜋 calculus
By continuing the observations and the expressions being derived in [11] for side channel
processes as follows
International Journal of Pure and Applied Mathematics Special Issue
1563
![Page 10: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/10.jpg)
TABLE IV. EQUATIONS FOR SPECIFIED ATTACK
Channel Process Variables Notations Remarks
Side
channel
Input 𝑥, 𝑦 𝑥(𝑦 ÷ 𝐵). 𝑃 Input P with
Blocked names
B
Trusted
input 𝑥, 𝑦 𝑥[𝑦: 𝐴]. 𝑃
Trusted input
through the
channel
Output 𝑥, 𝑦 𝑥 ̅(𝑦). 𝑃 Output in
Plaintext
Compositi
on − 𝑃|𝑄 Channel P or Q
Attack 𝑥, 𝑦 𝑥[𝑦: 𝐵]. 𝑃 Attack on the
Input with
channels in B
Defend 𝑥, 𝑦, 𝑟 𝑥[𝑦: 𝐴]. 𝑃/𝐵+ 𝑟
Generated
randomness in
the input
Exploit 𝑥, 𝑦 𝑥[𝑦]. 𝑃 + 𝐵 Input with
blocked names
(vulnerability)
Covert
channel
Terminate 𝑥 ([𝑥: 𝐵]
𝑃) . 𝑃
Input
terminated
when attack
detected
Replicate 𝑥, 𝑦 𝑥(𝑦: 𝐴). 𝑃= 𝑤(𝑧: 𝐴). 𝑃
Input replicated
to another
channel
Indicate 𝑥, 𝑦 𝑥 ̅[𝑦: 𝐴]. 𝑃 Where 𝑥 ̅ = [𝑦: 𝐵]
Vulnerabilitie
s indicated on
the input
Spy 𝑥, 𝑦, 𝑧, 𝑠 𝑥[𝑦/𝐵]. 𝑃 | �̅�(𝑧). 𝑄 |𝑠: 𝑥. 𝑅
Spy level
detected on a
plaintext input
Wait 𝑥, 𝑦 𝑥 (𝑦
𝐵) . 𝑃(0,1)
Wait or
process
depending on
the amount of
vulnerability
As in [11], the process [hide x][P] represents a process P in which the name x is regarded as
secret and should not be accessible to any process external to P. [hide x][P] binds the
occurrence of x in P: fn ([hide x][P]) =fn(P)\ {x}, and bn([hide x][P])={x} U bn(P). Also contexts
are processes containing a hole -.C[P] can be written for the process obtained by replacing –
with P in C[-],
International Journal of Pure and Applied Mathematics Special Issue
1564
![Page 11: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/11.jpg)
𝐶[−] ∷= −|𝐶[−]| 𝑃 | 𝑃 |𝐶[−]|(𝑛𝑒𝑤 𝑥)[−]|[ℎ𝑖𝑑𝑒 𝑥][−]-----[11]
C[−] 𝑑𝑒𝑛𝑜𝑡𝑒𝑠 𝑎 𝑐𝑜𝑛𝑡𝑒𝑥𝑡[ℎ𝑜𝑙𝑒] 𝐶[𝑃] 𝑑𝑒𝑛𝑜𝑡𝑒𝑠 𝑎 𝑐𝑜𝑛𝑡𝑒𝑥𝑡 𝑜𝑓 𝑝𝑟𝑜𝑐𝑒𝑠𝑠𝑜𝑟
V. DOMAIN MODELLING
The proposed Security DM is comprised of an Invariant Model, which defines the generic
concepts of program state, information flow, and security policy; and an Implementation
Model, which specifies the behavior of the base program. A specialized DM Compiler was
developed to translate a base program in IML into an Implementation Model, and to
integrate it with the Invariant Model to form a complete DM specification; the DM-Compiler
thus has visibility of the security policy, as implemented in the Invariant Model. The DM is
verified using the Alloy Analyzer, which identifies execution paths where the security policy
rules are violated. Whereas many previous security models capture information flow between
objects and subjects, the DM does not explicitly define an object, but implements this concept
through variables. An access table records sensitivity labels for program variables, as a
means of tracking information flow across state transitions. These labels indicate the
sensitivity of data stored within a variable, and may change over time as data flows through
the system [16].
A. Alloy
Alloy is a language for describing structures based on defining a set of constraints. It has
been used in a wide range of applications from finding holes in security mechanisms to
design telephone switching networks. An Alloy model is a collection of constraints that
describes (implicitly) a set of structures [14], for example: all the possible security
configurations of a web application, or all the possible topologies of a switching network.
Alloy’s tool, the Alloy Analyzer, is a solver that takes the constraints of a model and finds
structures that satisfy them. It is a SAT based language used for formal verification of a
network security. It can be used both to explore the model by generating sample structures,
and to check properties of the model by generating counterexamples. Structures are
displayed graphically, and their appearance can be customized for the domain at hand [9].
International Journal of Pure and Applied Mathematics Special Issue
1565
![Page 12: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/12.jpg)
Fig. 2.1 Attack and Defense of Power attacks and timing PUF arrays
Fig 2.2 Attack and Defense of cacheattacks and power PUF arrays
International Journal of Pure and Applied Mathematics Special Issue
1566
![Page 13: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/13.jpg)
Fig 2.3 Attack and Defense of Timing attacks and cache PUF arrays
At constant temperature and typical operational conditions, the following tabular column
have been deducted
TABLE V. STATE TRANSITION TABLE
Initial State Transition
rules Final State Status Relation
Cache attack
If(Cache
attack!=0 &&
other
attacks==0)
Cache
PUF==1
PUF
defended state
Secured by
Cache PUF
Defend
through
increased
complexity
Power attack
If(power
attack!=0 &&
other
attacks==0)
power
PUF==1
PUF
defended state
Secured by
Power PUF
Defend
through
increased
complexity
Timing attack
If(timing
attack!=0 &&
other
attacks==0)
timing
PUF==1
PUF
defended state
Secured by
Timing PUF
Defend
through
increased
complexity
No attack
If(all
attacks==0)
all PUF==0
System
defended state Unsecured
Defended by
the default
system
security
International Journal of Pure and Applied Mathematics Special Issue
1567
![Page 14: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/14.jpg)
Simultaneous
attacks
If(two
attack==1 &&
one
attack==0)
one PUF==1
One attack
defended and
vulnerable to
other attacks
Unsecured
Partially
defended by
increasing
complexity
TABLE VI. STATE TRACES
Trace Path traced
Trace
1 S0 →S1→S2 →S3 →S4
Trace
2 S0 →S5→S2 →S6 →S4
Trace
3 S0 →S7→S2 →S8 →S4
Where
S0 → Initial State
S2→ Attacked State
S4 → Secured State
S1,S5 ,S7→Attacks on the Encryption device
S3,S6 ,S8→ PUF defence on the Encryption device
VI. CONCLUSION
The work proposes an abstract model for strong PUF array towards hardware security
through the mitigation of side channel and covert channel attacks. The model based on TOPS
Pi calculus has been formally verified model through the possible state transitions. The
various attacks and the required PUF defending the Encryption device have been modelled
using Alloy analyzer. The major limitations in the work is that when simultaneous attacks
occur at the same time the PUF array model cannot handle multiple attacks and the model
may not be suited for trusted transactions between more vulnerable hardware configurations
at the same instances. The above model is going to be realized in an FPGA with necessary
amount of gates to sustain multiple attacks in the future work.
REFERENCES
[1] Ahmed Mahmoud, Ulrich Rührmair, MehrdadMajzoobi, et.,al . "Combined Modelling and
Side Channel Attacks on Strong PUFs", Published in IACR Cryptology ePrint Archive,
2013, Report 2013/632, DOI:10.1109/JPROC.2014.2335155, pp:1283-1295.
[2] Ulrich Ruhrmair& Jan Solter:"PUF Modelling Attacks:An Introduction and Overview"
In:DATE14/ 2014 EDAA/Germany/978-3-9815370-2-4, 2014, DOI:
10.7873/Date.2014.361,IEEE Xplore Germany, ISBN:978-3-9815370-2-4, pp:1-6.
International Journal of Pure and Applied Mathematics Special Issue
1568
![Page 15: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/15.jpg)
[3] Ralf Hund, Carsten Willems, Et.al Thorsten Holz, "Practical Timing Side Channel
Attacks Against Kernel Space ASLR", In Horst-Goertz Institute for IT Security (HGI),
Ruhr-University Bochum, Germany, published at IEEE 2013 Symposium on Security
and Privacy, 1081-6011/13,2013IEEEDOI: 10.1109/SP.2013.23, ISBN: 978-0-7695-4977-
4, pp: 191-192.
[4] Ulrich Ruhrmair& Marten van Dijk, "PUFs in Security Protocols: Attack Models and
Security Evaluations" In:IEEE Symposium on Security and Privacy, 2013 IEEE
Symposium, Berkeley, USA, DOI:10.1109/SP.2013.23, ISBN: 978-0-7695-4977-4, pp:286-
300.
[5] Fran¸coisKoeune and ,Fran¸cois-XavierStandaert, ” A Tutorial on Physical Security and
Side-Channel Attacks “,Foundations of security analysis anddesign III, Springer, 2005,
I.M.R. Verbauwhede (ed.), Secure Integrated Circuits and Systems,
Integrated Circuits and Systems, DOI 10.1007/978-0-387-71829-3 2,
2010, X, 246p, 92 illus., Hardcover, ISBN: 978-0-387-71827-9, pp:27-42.
[6] Ulrich Rührmair, Frank Sehnke, Et.al ”Modelling Attacks on Physical Unclonable
Functions”, in Association for Computing Machinery ACM,Proceedings of the 17th ACM
conference on Computer and communications security, Chicago, Illinois, USA-October 04-
08,2010, ISBN: 978-1-4503-0245-6, DOI: 10.1145/1866307.1866335, pp:237-249.
[7] Charles Herder, Meng-Day (Mandel) Yu, et.al., ” Physical Unclonable Functions and
Applications: A Tutorial”, Proceedings of the IEEE Volume: 102, Issue: 8, Aug. 2014, doi:
10.1109/JPROC.2014.2320516, 2014, pp: 1126 – 1141.
[8] Job de Haas” Side Channel Attacks and Countermeasures for Embedded Systems”,
Black Hat USA, 08/02/2007 pp:82
[9] Edward Yue Shung Wong, Michael Herrmann, Et.al Omar Tayeb, ” A Guide To Alloy”,
Department of Computing - Imperial College
London,2007,url:https://www.doc.ic.ac.uk/project/examples/2007/271j/suprema_on_alloy/
Final%20Report/LaTeX/report.pdf
[10] Siddika Berna OrsYalcin, “Side-Channel attacks on hardware implementations of
cryptographic algorithms” Istanbul Technical University Department of Electronics and
Communication Engineering, 2007, pp:1-17,
url:http://web.itu.edu.tr/~orssi/dersler/cryptography/slides.pdf.
[11] Martin Giunti ,CatusciaPalamidessi ,Frank D. Valencia, ”Hide and New in the 𝜋
calculus”, EPTCS 89 pp: 65–79, doi:10.4204/EPTCS.89.6. , 2012.
[12] Malay Ganai. Aarti Gupta, ”SAT-Based Scalable Formal Verification Solutions”,
Springer MIT press, 2007, ISBN 978-0-387-69167-1, DOI:10.1007/978-0-387-69167-
1,Series ISSN: 1558-9412, pp:1-16.
[13] Christel Baier, Joost-Pieter Katoen, ” Principles of model checking ”,MIT press, 2007,
ISBN: 9780262333047, April 2008.
[14] Alloy tutorial http://alloy.mit.edu/alloy/ , http://alloy.mit.edu/alloy/tutorials/online/.
International Journal of Pure and Applied Mathematics Special Issue
1569
![Page 16: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/16.jpg)
[15] RishabNithyanand ,John Solis, ”A Theoretical Analysis: Physical Unclonable
Functions and The Software Protection Problem”, IEEE Computer society,
DOI:10.1109/SPW.2012.16, 2012, pp:1-11 .
[16] Alan B. Shaffer , Mikhail Auguston, et.al, ”A Security Domain Model to Assess
Software for Exploitable Covert Channels”, Research gate conference,DOI:
10.1145/1375696.1375703, 2008, pp: 45-56.
[17] PaX Team, “Address Space Layout Randomization (ASLR),”
http://pax.grsecurity.net/docs/aslr.txt.
[18] Ulrich Ruhrmair, Jan S¨olter, et.al,”PUF Modeling Attacks on Simulated and Silicon
Data”, IEEE Transactions on Information Forensics and Security, 2013,Published in
Journal IEEE Transaction on Information Forensics and Security Volume 8 Issue 11,
November 2013 pp: 1876-1891, IEEE Press Piscataway, NJ, USA,ISSN: 1556-6013doi:
10.1109/TIFS.2013.2279798.
International Journal of Pure and Applied Mathematics Special Issue
1570
![Page 17: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/17.jpg)
1571
![Page 18: Hardware Security using Strong PUF Array model for Side ... · Several attacks have been reported on the PUF core properties. This could possibly make the term Network security less](https://reader033.vdocuments.us/reader033/viewer/2022042314/5ee14252ad6a402d666c33c9/html5/thumbnails/18.jpg)
1572