CryptoPUF: A Lightweight and ML-Resilient Strong PUF Based on a Weak PUF and Crypto Core

Abstract

The rapid expansion of Internet of Things (IoT) systems has introduced significant security challenges, particularly for highly resource-constrained edge devices such as battery powered sensors and UHF RFID tags. Physical Unclonable Functions (PUFs) provide a promising solution for energy-efficient security by generating unique “digital fingerprints” based on device fabrication variations. However, recent advances in Machine Learning (ML) models have shown the ability to compromise the Challenge-Response Pairs (CRPs) of conventional strong PUFs.

In contrast, cryptographic algorithms are resilient to ML attacks but lack the intrinsic key that PUFs can provide. In this work, we propose CryptoPUF, a lightweight and ML-resilient hardware solution that integrates a weak PUF with a cryptographic encryption core. CryptoPUF can function as a Crypto-enhanced PUF, adding a security layer to protect the weak PUF from exposure while significantly increasing the number of available CRPs. It also serves as a PUF-enhanced cryptographic encryption core with intrinsic key generation to eliminate the need for onchip key storage. Evaluation results demonstrate CryptoPUF’s strong resistance to Logistic Regression, Support Vector Machines, and Multilayer Perceptron attacks, achieving a near-ideal 50% prediction accuracy while minimizing hardware resource utilization.

Compared to state-of-the-art solutions, CryptoPUF stands out as the most compact ML-resilient PUF, making it a highly efficient and secure option for IoT systems. Index Terms—Hardware security, physical unclonable function (PUF), cryptography, Internet-of-Things (IoT).

Related Papers