Physically Unclonable Functions (PUFs) provide a streamlined solution for lightweight device authentication. Delay-based Arbiter PUFs, with their ease of implementation and vast challenge space, have received significant attention; however, they are not immune to modelling attacks that exploit correlations between their inputs and outputs. Research is therefore polarized between developing modelling-resistant PUFs and devising machine learning attacks against them. This dichotomy often results in exaggerated concerns and overconfidence in PUF security, primarily because there lacks a universal tool to gauge a PUF's security. In many scenarios, attacks require additional information, such as PUF type or configuration parameters. Alarmingly, new PUFs are often branded `secure' if they lack a specific attack model upon introduction. To impartially assess the security of delay-based PUFs, we present a generic framework featuring a Mixture-of-PUF-Experts (MoPE) structure for mounting attacks on various PUFs with minimal adversarial knowledge, which provides a way to compare their performance fairly and impartially. We demonstrate the capability of our model to attack different PUF types, including the first successful attack on Heterogeneous Feed-Forward PUFs using only a reasonable amount of challenges and responses. We propose an extension version of our model, a Multi-gate Mixture-of-PUF-Experts (MMoPE) structure, facilitating multi-task learning across diverse PUFs to recognise commonalities across PUF designs. This allows a streamlining of training periods for attacking multiple PUFs simultaneously. We conclude by showcasing the potent performance of MoPE and MMoPE across a spectrum of PUF types, employing simulated, real-world unbiased, and biased data sets for analysis.

翻译：物理不可克隆函数（PUF）为轻量级设备认证提供了简洁高效的解决方案。基于时延的仲裁器PUF因其实现简便且挑战空间巨大而备受关注，但这类PUF无法免疫利用输入输出相关性进行建模的攻击。当前研究呈现两极分化态势：一方面开发抗建模型PUF，另一方面设计针对这些PUF的机器学习攻击方法。这种二元对立状态常导致对PUF安全性的过度担忧或盲目自信，其根本原因在于缺乏评估PUF安全性的通用工具。在许多攻击场景中，攻击者需额外获取PUF类型或配置参数等先验信息。值得注意的是，新型PUF往往在缺乏特定攻击模型的情况下便被标榜为"安全"。为公正评估时延型PUF的安全性，我们提出了一种基于混合PUF专家（MoPE）架构的通用框架，能在最小攻击知识条件下对多种PUF实施攻击，从而实现公平公正的性能比较。实验证明该模型能有效攻击不同类型PUF，包括首次通过合理数量的挑战-响应对成功攻击异构前馈PUF。我们进一步提出扩展版本——多门控混合PUF专家（MMoPE）架构，通过多任务学习机制挖掘不同PUF设计间的共性特征，从而简化同时攻击多种PUF的训练流程。最后，我们采用模拟数据集、真实无偏数据集与有偏数据集，全面展示了MoPE与MMoPE在多种PUF类型上的强大攻击性能。