Unreliable XOR Arbiter PUFs were broken by a machine learning attack, which targets the underlying Arbiter PUFs individually. However, reliability information from the PUF was required for this attack. We show that, for the first time, a perfectly reliable XOR Arbiter PUF, where no reliability information is accessible, can be efficiently attacked in the same divide-and-conquer manner. Our key insight is that the responses of correlated challenges also reveal their distance to the decision boundary. This leads to a chosen challenge attack on XOR Arbiter PUFs. The effectiveness of our attack is confirmed through PUF simulation and FPGA implementation.

, , ,
doi.org/10.48550/arXiv.2312.01256
Computer Security

Sayadi, N., Nguyen, P. H., van Dijk, M., & Jin, C. (2023). Breaking XOR Arbiter PUFs without reliability information. doi:10.48550/arXiv.2312.01256