An Efficient and Scalable Modeling Attack on Lightweight Secure Physically Unclonable Function

The Lightweight Secure Physically Unclonable Function (LSPUF) was proposed as a secure composition of Arbiter PUFs with additional XOR based input and output networks. But later, researchers proposed a Machine Learning (ML) based modeling attack on x-XOR LSPUF, and they also empirically showed that pure ML based modeling is not computationally scalable if the parameter x of x-XOR LSPUF is larger than nine. Besides this pure computational attack using only challenge-response pairs (CRPs), there are other proposals for modeling attacks on LSPUF using timing and power side-channel information, reliability information and photonic side-channel information of an LSPUF instance. In this paper, we proposed another pure computational attack (i.e. without any sidechannel information) on multibit output LSPUF variants using both cryptanalysis and ML techniques together. We, first, cryptanalyse the output network of LSPUF to reduce the computational efforts required by previously proposed pure ML based modeling of an x-XOR LSPUF. Specifically, we model an LSPUF instance, while its output bit is defined as x-XOR PUF, using the ML modeling of y-XOR PUF where y < x. From the computational complexity view point, our proposed modeling attack is efficient and scalable than previously proposed pure ML based modeling of LSPUFs with respect to both data and time complexities. We demonstrate the effectiveness of our proposed attack using the Matlab based simulation of LSPUFs and LSPUFs implemented on Xilinx Artix-7 Field Programmable Gate Arrays (FPGAs).