Physically Uncloneable Functions in the Stand-Alone and Universally Composable Framework

In this thesis, we investigate the possibility of basing cryptographic primitives on Physically Uncloneable Functions (PUF). A PUF is a piece of hardware that can be seen as a source of randomness. When a PUF is evaluated on a physical stimulus, it answers with a noisy output. PUFs are unpredictable such that even if a chosen stimulus is given, it should be infeasible to predict the corresponding output without physically evaluating the PUF. Furthermore, PUFs are uncloneable, which means that even if all components of the system are known, it is computational infeasible to model their behavior. In the course of this dissertation, we discuss PUFs in the context of their implementation, their mathematical description, as well as their usage as a cryptographic primitive and in cryptographic protocols. We first give an overview of the most prominent PUF constructions in order to derive subsequently an appropriate mathematical PUF model. It turns out that this is a non- trivial task, because it is not certain which common security properties are generally necessary and achievable due to the numerous PUF implementations. Next, we consider PUFs in security applications. Due to the properties of PUFs, these hardware tokens are good to build authentication protocols that rely on challenge/response pairs. If the number of potential PUF-based challenge/response pairs is large enough, an adversary cannot measure all PUF responses. Therefore, the at- tacker will most likely not be able to answer the challenge of the issuing party even if he had physical access to the PUF for a short time. However, we show that some of the previously suggested protocols are not fully secure in the attacker model where the adversary has physical control of the PUF and the corresponding reader during a short time. Finally, we analyze PUFs in the universally composable (UC) framework for the first time. Although hardware tokens have been considered before in the UC framework, designing PUF-based protocols is fundamentally different from other hardware token approaches. One reason is that the manufacturer of the PUF creates a physical object that outputs pseudorandom values, but where no specific code is running. In fact, the functional behavior of the PUF is unpredictable even for the PUF creator. Thus, only the party in possession of the PUF has full access to the secrets. After formalizing PUFs in the UC framework, we derive efficient UC-secure protocols for basic tasks like oblivious transfer, commitments, and key exchange

Quantum Cryptography Beyond Quantum Key Distribution

Quantum cryptography is the art and science of exploiting quantum mechanical effects in order to perform cryptographic tasks. While the most well-known example of this discipline is quantum key distribution (QKD), there exist many other applications such as quantum money, randomness generation, secure two- and multi-party computation and delegated quantum computation. Quantum cryptography also studies the limitations and challenges resulting from quantum adversaries---including the impossibility of quantum bit commitment, the difficulty of quantum rewinding and the definition of quantum security models for classical primitives. In this review article, aimed primarily at cryptographers unfamiliar with the quantum world, we survey the area of theoretical quantum cryptography, with an emphasis on the constructions and limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference

Physical Unclonable Functions based on Temperature Compensated Ring Oscillators

Physical unclonable functions (PUFs) are promising hardware security primitives suitable for low-cost cryptographic applications.Ring oscillator (RO) PUF is a well-received silicon PUF solution due to its ease of implementation and entropy evaluation. However, the responses of RO-PUFs are susceptible to environmental changes, in particular, to temperature variations. Additionally, a conventional RO-PUF implementation is usually more power-hungry than other PUF alternatives. This paper explores circuit-level techniques to design low-power RO-PUFs with enhanced thermal stability. We introduce a power-efficient approach based on a phase/frequency detector (PFD) to perform pairwise comparisons of ROs. We also propose a temperature compensated bulk-controlled oscillator and investigate its feasibility and usage in PFD-based RO-PUFs. Evaluation results demonstrate that the proposed techniques can effectively reduce the thermally induced errors in PUF responses while imposing a very low power overhead

A Study on Controlling Power Supply Ramp-Up Time in SRAM PUFs

With growing connectivity in the modern era, the risk of encrypted data stored in hardware being exposed to third-party adversaries is higher than ever. The security of encrypted data depends on the secrecy of the stored key. Conventional methods of storing keys in Non-Volatile Memory have been shown to be susceptible to physical attacks. Physically Unclonable Functions provide a unique alternative to conventional key storage. SRAM PUFs utilize inherent process variation caused during manufacturing to derive secret keys from the power-up values of SRAM memory cells. This thesis analyzes the effect of supply ramp-up times on the reliability of SRAM PUFs. We use SPICE simulations as the platform to observe the effect of supply ramp times at the circuit level using carefully controlled supply voltages during power-up. We also measure the effect of supply ramp times on commercially available SRAM ICs by performing reliability and uniqueness measurements on two commercial SRAM models. Finally, a hardware implementation is proposed in a commercial 16nm FinFET technology to establish the design flow for taping out a custom SRAM IC with separated peripheral and core power supplies that would allow for experimental evaluation of sequenced power supplies on the SRAM PUF

A low cost solution to authentication in passive RFID systems

Auto-ID Lab University of Adelaide (c) 2006 Copyright. The document attached has been archived with permission.This paper aims to propose a solution to address the issue of authentication to prevent counterfeiting in a low cost RFID based system based on using Physically Uncloneable Functions.Damith C. Ranasinghe, Daihyun Lim, Peter H. Cole and Srinivas Devada