+

CN119210732A - A logical encryption enhanced PUF circuit and method for resisting machine learning attacks - Google Patents

A logical encryption enhanced PUF circuit and method for resisting machine learning attacks Download PDF

Info

Publication number
CN119210732A
CN119210732A CN202411326473.0A CN202411326473A CN119210732A CN 119210732 A CN119210732 A CN 119210732A CN 202411326473 A CN202411326473 A CN 202411326473A CN 119210732 A CN119210732 A CN 119210732A
Authority
CN
China
Prior art keywords
puf
logic
response
output
input
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202411326473.0A
Other languages
Chinese (zh)
Inventor
黄钊
周丽榕
王泉
王骏君
王军杰
赵玉宁
樊璐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN202411326473.0A priority Critical patent/CN119210732A/en
Publication of CN119210732A publication Critical patent/CN119210732A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

一种抗机器学习攻击的逻辑加密增强型PUF电路及其方法,电路包括PUF生成模块和逻辑混淆加密模块;方法包括:S1、构建逻辑加密增强型PUF;S2、给定一个n位二进制输入激励C,PUF生成模块产生一位响应R,并将响应R传输给混淆加密模块作为其输入信号;S3、通过上位机产生两位随机密钥K,逻辑混淆加密模块判断K是否为正确密钥,来决定是否对响应R进行加密处理;本发明利用两位安全密钥控制逻辑混淆加密模块,对PUF生成模块产生的响应进行混淆加密,显著提高了PUF的抗机器学习攻击能力,同时,本发明在不影响PUF原有性能的基础上,增加了逻辑混淆加密电路使得能够有效提高PUF的抗机器学习攻击能力,大幅降低资源开销且具有较高的灵活度。

A logic encryption enhanced PUF circuit and method for resisting machine learning attacks, the circuit comprising a PUF generation module and a logic obfuscation encryption module; the method comprising: S1, constructing a logic encryption enhanced PUF; S2, given an n-bit binary input stimulus C, the PUF generation module generates a one-bit response R, and transmits the response R to the obfuscation encryption module as its input signal; S3, a two-bit random key K is generated by a host computer, and the logic obfuscation encryption module determines whether K is a correct key to determine whether to encrypt the response R; the present invention uses a two-bit security key to control the logic obfuscation encryption module, obfuscates and encrypts the response generated by the PUF generation module, and significantly improves the PUF's ability to resist machine learning attacks. At the same time, the present invention adds a logic obfuscation encryption circuit on the basis of not affecting the original performance of the PUF, so that the PUF's ability to resist machine learning attacks can be effectively improved, resource overhead is greatly reduced, and has high flexibility.

Description

Logic encryption enhancement type PUF circuit for resisting machine learning attack and method thereof
Technical Field
The invention relates to the technical field of PUFs, in particular to a logic encryption enhancement type PUF circuit and a method for resisting machine learning attacks.
Background
The physical unclonable function (PhysicallyUnclonable Function, PUF) is used as a hardware security primitive, so that the advantages of reliability, lightweight and the like are widely researched and applied, and a good alternative scheme is provided for the security of the Internet of things. The PUF extracts a hardware fingerprint specific to a chip by using unavoidable random process variations in the chip manufacturing process, and even if an attacker obtains the structure of the PUF, the key cannot be obtained. Given a stimulus, a PUF will output a unique unpredictable response result due to small variations in the chip production process, while a PUF can produce multiple stimulus responses (CHALLENGE RESPONSE PAIR, CRP). The PUFs can be further divided into strong PUFs and weak PUFs based on the number CRPs generated. The strong PUF can generate a large number CRPs, and is widely applied to aspects such as lightweight authentication and the like. However, with the rapid development of machine learning (MACHINE LEARNING, ML), an attacker models the PUF with a small amount of CRPs collected, and can predict the excitation response almost the same as that of the PUF through the ML algorithm, so that the PUF has a great potential safety hazard, and particularly strong PUFs are very vulnerable to machine learning attacks, such as Arbiter PUF and RO PUFs. Therefore, it is of profound importance to effectively improve the anti-ML attack of PUFs without affecting the performance of the PUF.
The university of wenzhou Wang Pengjun et al discloses in its applied patent literature (publication No. CN113922990a, application No. CN 202111091734.1) a strong PUF machine learning attack method based on matrix confidentiality. According to the method, a plurality of groups of response signals are used as information to be encrypted, the response signals are arranged to form a plaintext matrix, two plaintext matrices are adopted to generate a ciphertext matrix, elements in a conversion matrix obtained after binary conversion of the ciphertext matrix are used as final responses, and the anti-attack capability of the PUF is effectively improved. The method has the defects that the 0/1 ratio of the response in CRP is related to the order of the plaintext matrix, the larger n is, the more uniform n is, so that the calculated amount can be exponentially increased when the ciphertext matrix is obtained, and for a lightweight embedded device, the limited calculation force can be burdened, and the lightweight advantage of the PUF is reduced.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention aims to provide a logic encryption enhancement type PUF circuit for resisting machine learning attacks and a method thereof, which utilize a two-bit security key to control a logic confusion encryption module to carry out confusion encryption on responses generated by a PUF generation module, under the condition that a key is correct, a user can correctly obtain a PUF response result, and the key is incorrect, the PUF response result cannot be obtained, so that an attacker cannot collect correct excitation responses, the machine learning attack resistance of the PUF is obviously improved, meanwhile, the structure of the original PUF generation module is not damaged, the logic confusion encryption circuit is added after the response, which is equivalent to adding a protective shell to the PUF, so that the influence on the performance such as the stability and the reliability of the PUF is effectively avoided, the machine learning attack resistance of the PUF can be effectively improved on the basis of not influencing the original performance of the PUF, the resource cost is greatly reduced, the flexibility is higher, and the method can be used for high-reliability and high-security light-weight equipment identity authentication.
In order to achieve the above purpose, the present invention provides the following technical solutions:
A logic encryption enhancement type PUF circuit for resisting machine learning attack comprises a PUF generating module and a logic confusion encryption module, wherein the output end of the PUF generating module is connected with the input end of the logic confusion encryption module, and the output end of the logic confusion encryption module is the output of the logic encryption enhancement type PUF structure for resisting the machine learning attack.
The PUF generating module comprises two mirror image delay links and an SR latch, generates one-bit binary digital response by comparing delay differences of paths of the two mirror image delay links, and judges the fastest link by the SR latch and outputs signals.
The mirror delay link comprises a D trigger and a configurable link, wherein the input end D of the D trigger is kept at a high level, and the output end Q of the D trigger is connected with the input end of the configurable link.
The configurable link consists of n-stage delay units in cascade, each delay unit comprises a two-stage selector and two inverters, the input end of the first-stage delay unit is used as the input end of the configurable link to be connected with the output end Q of the D trigger, the input end of the first-stage delay unit is connected with the input ends of the two inverters, the output ends of the two inverters are respectively connected with the two input ends of the two-stage selector, the output end of the selector is connected with the input end of the second-stage delay unit, and the like, the output end of the i-1-stage delay unit is connected with the input end of the i-stage delay unit, the input end of the i-stage delay unit is connected with the input ends of the two inverters of the current stage, the output ends of the two inverters are connected with the two input ends of the two-stage selector, and the output end of the selector is connected with the input end of the i+1-stage delay unit until the output end of the n-stage delay unit is connected with one input end of the SR latch, and the i-stage delay unit is connected with the input end of the SR latch.
And the logic confusion encryption module encrypts the response result generated by the PUF generation module according to the correctness of the key, and finally outputs the response of the whole system.
The logic confusion encryption module comprises two logic confusion units and a plurality of gate circuits, wherein the logic confusion units comprise an AND gate, a NAND gate and a selector, the AND gate and the NAND gate share input and enabling signals of the logic encryption module, and output ends of the AND gate and the NAND gate are respectively connected with two input ends of the selector, and a result of one logic gate is selected to be output.
A logically encrypted enhanced PUF method to resist machine learning attacks, comprising the steps of:
s1, constructing a logic encryption enhancement type PUF, which comprises a PUF generation module and a logic confusion encryption module;
step S2, giving an n-bit binary input stimulus C, generating a one-bit response R by the PUF generating module, and transmitting the response R to the confusion encrypting module as an input signal;
Step S3, generating a two-bit random key K [1:0] by the upper computer, and judging whether K is a correct key by the logic confusion encryption module so as to determine whether to encrypt the response R:
If the key K is correct, a response R is correctly output;
Otherwise, the response R is obfuscated and an error obfuscated result R' is output.
Given an n-bit binary input stimulus C in the step S2, the PUF generating module generates a one-bit response R and transmits the response R to the obfuscating encryption module as an input signal thereof, including the steps of:
S2.1, initializing input signals of a PUF generating module, setting the input ends D of two D triggers of two delay links to be high level, and adopting the same clock pulse and an exact signal;
Step S2.2, at the rising edge of the clock signal, two D triggers transmit an exact signal to two configurable links;
step S2.3, giving an excitation signal Cn: 0, wherein the ith bit in the excitation signal C corresponds to sel_i in the alternative selector of the ith stage of the n-stage configurable link, and the sel_i signal determines that the selector selects one of two inverters connected with the selector to output;
Step S2.4, when the signal passes through two delay links and reaches the SR latch, the latch judges the output of the PUF generating module according to the delay, and generates a 1-bit response result Y:
if the signal passing through the link 1 arrives first, namely the delay of the link 1 is smaller than the delay of the link 2, the response result is 1;
Otherwise, the response result is 0.
The step S3 of encrypting the response R by the logic confusion encryption module comprises the following steps:
S3.1, initializing an enabling signal Enable, setting the enabling signal Enable to be high level, generating a two-bit random key K1:0 by an upper computer, and starting a logic confusion encryption module to work;
step S3.2, responding Y and enabling signal Enable as the common input signal of two logic confusion units Cell1 and Cell2, the random keys K [0] and K [1] respectively control the alternative selector MUX_i in Cell1 and Cell 2;
S3.3, MUX_i judges the output result O_i of the logic confusion unit according to the value of K [ i ];
Step S3.4, the output O1 of the logic confusion unit Cell1 and the output O2 of the logic confusion unit Cell2 generate a one-bit output result Out after the logic operations of the logic OR gate, the exclusive OR gate and the AND gate;
step S3.5, the logic confusion encryption module encrypts the response R according to whether the random key K [1:0] is the correct key:
if the random key is equal to the correct key, the logic confusion encryption module outputs the PUF response Y correctly, namely out=y;
Otherwise, the logic confusion encryption module confusion the PUF response Y, and outputs an error result, namely Out, which is not equal to Y.
Compared with the prior art, the invention has the beneficial effects that:
1. The invention uses less hardware resources, and the ML modeling attack resistance of the PUF is obviously improved by only using the two-bit encryption key. Meanwhile, the problems that the PUF stability and reliability are greatly reduced although the anti-attack capability of the PUF is effectively improved in the prior art are solved, and the performance of the PUF is not affected under the condition that the secret key is correct.
2. The invention is not limited to a specific PUF structure, can be effectively implemented on any strong PUF, is equivalent to adding a protective shell to the strong PUF circuit, can effectively improve the anti-attack capability of the PUF, and simultaneously effectively improves the anti-ML attack capability of the PUF, and adopts typical ML attack methods such as logistic regression, a support vector machine, a random forest and the like, wherein the prediction accuracy is about 50 percent, which is equivalent to random prediction.
In summary, the invention uses the two-bit secure key control logic confusion encryption module to carry out confusion encryption on the response generated by the PUF generation module, so that an attacker cannot collect the correct excitation response, the machine learning attack resistance of the PUF is remarkably improved, meanwhile, the invention does not destroy the structure of the original PUF generation module, but adds the logic confusion encryption circuit after the response, thereby effectively avoiding the influence on the performance such as the stability and the reliability of the PUF, on the basis of not influencing the original performance of the PUF, effectively improving the machine learning attack resistance of the PUF, greatly reducing the resource cost, having higher flexibility and being applicable to the identity authentication of the lightweight equipment with high reliability and high safety.
Drawings
Fig. 1 is a logically encrypted enhanced PUF structure of the present invention that is resistant to machine learning attacks.
Fig. 2 is a PUF generation module structure of the present invention.
Fig. 3 is a logical obfuscated encryption module architecture of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
A logical encryption enhancement type PUF method for resisting machine learning attack comprises the following specific steps:
step S1, constructing a logic encryption enhancement type PUF, comprising a PUF generation module and a logic confusion encryption module, referring to FIG. 1, the invention comprises the PUF generation module and the logic confusion encryption module;
the PUF generation module generates a one-bit binary digital response by comparing the delay differences of the two mirror paths;
and the logic confusion encryption module encrypts the response result generated by the PUF generation module according to the correctness of the key, and finally outputs the response of the whole system.
Referring to fig. 2, the PUF generation module includes two mirror delay links and an SR latch, and the SR latch determines the fastest link and outputs a signal.
The delay link comprises a D trigger and a configurable link, wherein the input end D of the D trigger is kept at a high level, and the output end Q of the D trigger is connected with the input end of the configurable link.
The configurable link consists of n-stage delay units in cascade, each delay unit comprises a two-stage selector and two inverters, the input end of the first-stage delay unit is used as the input end of the configurable link to be connected with the output end Q of the D trigger, the input end of the first-stage delay unit is connected with the input ends of the two inverters, the output ends of the two inverters are respectively connected with the two input ends of the two-stage selector, the output end of the selector is connected with the input end of the second-stage delay unit, and the like, the output end of the i-1-stage delay unit is connected with the input end of the i-stage delay unit, the input end of the i-stage delay unit is connected with the input ends of the two inverters of the current stage, the output ends of the two inverters are connected with the two input ends of the two-stage selector, and the output end of the selector is connected with the input end of the i+1-stage delay unit until the output end of the n-stage delay unit is connected with one input end of the SR latch, and the i-stage delay unit is connected with the input end of the SR latch.
The output ends of the two configurable links are respectively connected with the input end S and the input end R of the SR latch, and the output end Y1 of the SR latch is the output Y of the PUF generating module.
Referring to fig. 1 and 3, the logic confusion encryption module includes two logic confusion units and a plurality of gates, and an output end of the PUF generation module is connected with an input end of the logic confusion encryption module, where the output end of the logic confusion encryption module is an output of the whole logic encryption enhancement PUF structure resisting the machine learning attack.
The logic confusion encryption unit comprises an AND gate, a NAND gate and a two-out-of-one selector, wherein the AND gate and the NAND gate share the input and the enabling signals of the logic encryption module, and the output ends of the AND gate and the NAND gate are respectively connected with the two input ends of the selector, and the result of one logic gate is selected to be output.
Step S2, giving an n-bit binary input stimulus C, generating a one-bit response R by the PUF generating module, and transmitting the response R to the confusion encrypting module as an input signal;
S2.1, initializing input signals of a PUF generating module, setting the input ends D of two D triggers of two delay links to be high level, and adopting the same clock pulse and an exact signal;
Step S2.2, at the rising edge of the clock signal, two D triggers transmit an exact signal to two configurable links;
step S2.3, giving an excitation signal Cn: 0, wherein the ith bit in the excitation signal C corresponds to sel_i in the alternative selector of the ith stage of the n-stage configurable link, and the sel_i signal determines that the selector selects one of two inverters connected with the selector to output;
Step S2.4, when the signal passes through two delay links and reaches the SR latch, the latch judges the output of the PUF generating module according to the delay, and generates a 1-bit response result Y:
if the signal passing through the link 1 arrives first, namely the delay of the link 1 is smaller than the delay of the link 2, the response result is 1;
Otherwise, the response result is 0;
S3, the logic confusion encryption module in the step S3 carries out encryption processing on the response R;
referring to fig. 3, assuming that the correct key K [1:0] =10, the implementation of this step is as follows:
s3.1, initializing an enabling signal Enable, setting the enabling signal Enable to be high level, generating a two-bit random key K1:0 by an upper computer, and starting a logic confusion encryption module to work;
step S3.2, responding Y and enabling signal Enable as the common input signal of two logic confusion units Cell1 and Cell2, the random keys K [0] and K [1] respectively control the alternative selector MUX_i in Cell1 and Cell 2;
Step S3.3, MUX_i judges the output result O_i of the logic confusion unit according to the value of K [ i ], and the output result O_i is expressed as follows:
Step S3.4, the output O1 of the logic confusion unit Cell1 and the output O2 of the logic confusion unit Cell2 generate a one-bit output result Out after the logic operations of the logic OR gate, the exclusive OR gate and the AND gate;
step S3.5, the logic confusion encryption module encrypts the response R according to whether the random key K [1:0] is the correct key:
if the random key is equal to the correct key, namely K [1:0] =10, the logic confusion encryption module correctly outputs a PUF response Y, namely Out=Y;
Otherwise, the logic confusion encryption module confusion the PUF response Y, and outputs an error result, namely Out, which is not equal to Y.

Claims (9)

1. The logic encryption enhancement type PUF circuit for resisting the machine learning attack is characterized by comprising a PUF generation module and a logic confusion encryption module, wherein the output end of the PUF generation module is connected with the input end of the logic confusion encryption module, and the output end of the logic confusion encryption module is the output of the logic encryption enhancement type PUF structure for resisting the machine learning attack.
2. The logically encrypted enhanced PUF circuit of claim 1 wherein the PUF generation module comprises two mirrored delay links and an SR latch, wherein a one-bit binary digital response is generated by comparing the delay differences of the paths of the two mirrored delay links, and the SR latch determines the fastest link and outputs the signal.
3. A logically encrypted enhanced PUF circuit according to claim 2, wherein said mirrored delay chain comprises a D flip-flop and a configurable chain, the input D of the D flip-flop being held high and the output Q of the D flip-flop being connected to the input of the configurable chain.
4. A logically encrypted enhanced PUF circuit according to claim 3, wherein the configurable link comprises a cascade of n-stage delay units, each delay unit comprising a two-stage selector and two inverters, the input of the first-stage delay unit being connected to the output Q of the D-flip-flop as the input of the configurable link, the input of the first-stage delay unit being connected to the inputs of the two inverters, the outputs of the two inverters being connected to the two inputs of the two-stage selector, respectively, the output of the selector being connected to the input of the second-stage delay unit, and so on, the output of the i-1-stage delay unit being connected to the input of the i-stage delay unit, the input of the i-stage delay unit being connected to the inputs of the two inverters of the present stage, the outputs of the two inverters being connected to the two inputs of the two-stage selector, respectively, and the outputs of the selector being connected to the input of the i+1-stage delay unit, until the output of the n-stage delay unit is connected to the input of the one-stage delay unit, i.e. the latch link is configured.
5. The logically encrypted enhanced PUF circuit of claim 1, wherein the response result generated by the PUF generation module is encrypted by the logically confused encryption module according to the correctness of the key, and finally the response of the whole system is output.
6. The machine learning attack resistant logic encryption enhancement type PUF circuit of claim 5, wherein the logic confusion encryption module comprises two logic confusion units and a plurality of gates, the logic confusion units comprise an AND gate, a NAND gate and a selector, the AND gate and the NAND gate share the input and the enable signals of the logic encryption module, and the output ends of the AND gate and the NAND gate are respectively connected with the two input ends of the selector, and the result of one logic gate is selected to be output.
7. A logically encrypted enhanced PUF method for machine learning attack resistance, comprising the steps of:
s1, constructing a logic encryption enhancement type PUF, which comprises a PUF generation module and a logic confusion encryption module;
step S2, giving an n-bit binary input stimulus C, generating a one-bit response R by the PUF generating module, and transmitting the response R to the confusion encrypting module as an input signal;
step S3, generating a two-bit random key K through the upper computer, and judging whether the K is a correct key by the logic confusion encryption module so as to determine whether to encrypt the response R:
If the key K is correct, a response R is correctly output;
Otherwise, the response R is obfuscated and an error obfuscated result R' is output.
8. The method of claim 7, wherein given an n-bit binary input stimulus C in step S2, the PUF generating module generates a bit response R and transmits the response R to the obfuscated cryptographic module as its input signal, comprising the steps of:
S2.1, initializing input signals of a PUF generating module, setting the input ends D of two D triggers of two delay links to be high level, and adopting the same clock pulse and an exact signal;
Step S2.2, at the rising edge of the clock signal, two D triggers transmit an exact signal to two configurable links;
step S2.3, giving an excitation signal Cn: 0, wherein the ith bit in the excitation signal C corresponds to sel_i in the alternative selector of the ith stage of the n-stage configurable link, and the sel_i signal determines that the selector selects one of two inverters connected with the selector to output;
Step S2.4, when the signal passes through two delay links and reaches the SR latch, the latch judges the output of the PUF generating module according to the delay, and generates a 1-bit response result Y:
if the signal passing through the link 1 arrives first, namely the delay of the link 1 is smaller than the delay of the link 2, the response result is 1;
Otherwise, the response result is 0.
9. The method of claim 7, wherein the step S3 of encrypting the response R by the logically confusing encryption module comprises the steps of:
s3.1, initializing an enabling signal Enable, setting the enabling signal Enable to be high level, generating a two-bit random key K1:0 by a true random number generator, and starting the logic confusion encryption module to work;
step S3.2, responding Y and enabling signal Enable as the common input signal of two logic confusion units Cell1 and Cell2, the random keys K [0] and K [1] respectively control the alternative selector MUX_i in Cell1 and Cell 2;
S3.3, MUX_i judges the output result O_i of the logic confusion unit according to the value of K [ i ];
Step S3.4, the output O1 of the logic confusion unit Cell1 and the output O2 of the logic confusion unit Cell2 generate a one-bit output result Out after the logic operations of the logic OR gate, the exclusive OR gate and the AND gate;
step S3.5, the logic confusion encryption module encrypts the response R according to whether the random key K [1:0] is the correct key:
if the random key is equal to the correct key, the logic confusion encryption module outputs the PUF response Y correctly, namely out=y;
Otherwise, the logic confusion encryption module confusion the PUF response Y, and outputs an error result, namely Out, which is not equal to Y.
CN202411326473.0A 2024-09-23 2024-09-23 A logical encryption enhanced PUF circuit and method for resisting machine learning attacks Pending CN119210732A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411326473.0A CN119210732A (en) 2024-09-23 2024-09-23 A logical encryption enhanced PUF circuit and method for resisting machine learning attacks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411326473.0A CN119210732A (en) 2024-09-23 2024-09-23 A logical encryption enhanced PUF circuit and method for resisting machine learning attacks

Publications (1)

Publication Number Publication Date
CN119210732A true CN119210732A (en) 2024-12-27

Family

ID=94055837

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411326473.0A Pending CN119210732A (en) 2024-09-23 2024-09-23 A logical encryption enhanced PUF circuit and method for resisting machine learning attacks

Country Status (1)

Country Link
CN (1) CN119210732A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120257388A (en) * 2025-06-09 2025-07-04 浪潮电子信息产业股份有限公司 A data processing device and logic device thereof

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120257388A (en) * 2025-06-09 2025-07-04 浪潮电子信息产业股份有限公司 A data processing device and logic device thereof

Similar Documents

Publication Publication Date Title
Sahoo et al. A multiplexer-based arbiter PUF composition with enhanced reliability and security
Zhang et al. CT PUF: Configurable tristate PUF against machine learning attacks for IoT security
Idriss et al. A PUF-based paradigm for IoT security
US20080143561A1 (en) Operation processing apparatus, operation processing control method, and computer program
Zhou et al. Bagua protocol: a whole-process configurable protocol for IoT sensing devices security based on strong PUF
TWI484368B (en) Integrated safety devices and signal processing methods for integrating safety devices
Wang et al. Modeling attack resistant PUFs based on adversarial attack against machine learning
Wang et al. Multi-source training deep-learning side-channel attacks
Wang et al. Adversarial attack against modeling attack on PUFs
CN119210732A (en) A logical encryption enhanced PUF circuit and method for resisting machine learning attacks
Sahoo et al. Architectural bias: A novel statistical metric to evaluate arbiter PUF variants.
Suzuki et al. Efficient fuzzy extractors based on ternary debiasing method for biased physically unclonable functions
Zalivaka et al. FPGA implementation of modeling attack resistant arbiter PUF with enhanced reliability
Nozaki et al. Secret sharing schemes based secure authentication for physical unclonable function
Achkoun et al. SPF-CA: A new cellular automata based block cipher using key-dependent S-boxes
Liu et al. 36.3 a modeling attack resilient strong PUF with feedback-SPN structure having< 0.73% bit error rate through in-cell hot-carrier injection burn-in
Abdelraheem et al. Cryptanalysis of ARMADILLO2
Zeng et al. A Novel Secure Key Stream Generator Based on Chaotic Multi-State Cellular Automata
Rojas et al. Comparative analysis on the scaling properties of arbiter-based pufs
CN111565110B (en) Unified identity authentication system and method based on RO PUF multi-core system
CN117675197A (en) Strong PUF circuit of anti modeling attack
CN109450614B (en) An encryption and decryption method suitable for high-speed data transmission path
Ueno et al. Rejection sampling schemes for extracting uniform distribution from biased pufs
Rojas et al. Stochastic selection of responses for physically unclonable functions
CN110232293B (en) APUF circuit based on cascade connection of maximum delay subchain and minimum delay subchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载