Attacks and Countermeasures for Capacitive PUF-Based Security Enclosures

Protecting embedded devices from tampering is a difficult task since the attacker can perform manipulations through physical access. To provide a security barrier for protection, envelopes based on Physical Unclonable Functions (PUFs) have been developed. Their PUF emerges from, for example, a mesh of electrical capacitors embedded in the envelope. Even though these envelopes have several advantages over existing battery-backed solutions, it has been shown that they are susceptible to micro-drilling and bypassing attacks, where the capacitances and thereby the PUF secret can be extracted unnoticed. We harden the security of the capacitive PUF-based enclosure by presenting the three most impactful hardware attacks and proposing practical countermeasures for micro drilling, bypassing, and magnetic probing. We analyze the impact of drilling attacks with small diameters << 300 mu m, and discuss additional countermeasures. We also propose a hardware countermeasure for the previously published bypassing attack. Furthermore, we conduct an H-probe attack on the magnetic field permeating the envelope's shielding where we show, in practice as well as through Finite Element Analysis (FEA), that intercepting the transmission of digitized PUF-responses is practically feasible. As a countermeasure, we extend our PUF evaluation system by cryptographic security measures to ensure confidentiality. Our discussion of attacks and the development of countermeasures brings PUF-based security enclosures an important step forward towards their practical applications in the next generation of high security systems.