Under CopyrightMerli, D.D.MerliSchuster, D.D.SchusterStumpf, F.F.StumpfSigl, G.G.Sigl2022-03-1120.7.20112011https://publica.fraunhofer.de/handle/publica/37162610.1007/978-3-642-21599-5_3Embedded security systems based on Physical Unclonable Functions (PUFs) offer interesting protection properties, such as tamper resistance and unclonability. However, to establish PUFs as a high security primitive in the long run, their vulnerability to side-channel attacks has to be investigated. For this purpose, we analysed the side-channel leakage of PUF architectures and fuzzy extractor implementations. We identified several attack vectors within common PUF constructions and introduce two side-channel attacks on fuzzy extractors. Our proof-of-concept attack on an FPGA implementation of a fuzzy extractor shows that it is possible to extract the cryptographic key derived from a PUF by side-channel analysis.enphysical unclonable functionPUFside-channel analysisSCAFuzzy Extractorhelper dataFPGA004005conference paper