Low-complexity and Reliable Transforms for Physical Unclonable Functions

Noisy measurements of a physical unclonable function (PUF) are used to store secret keys with reliability, security, privacy, and complexity constraints. A new set of low-complexity and orthogonal transforms with no multiplication is proposed to obtain bit-error probability results significantly better than all methods previously proposed for key binding with PUFs. The uniqueness and security performance of a transform selected from the proposed set is shown to be close to optimal. An error-correction code with a low-complexity decoder and a high code rate is shown to provide a block-error probability significantly smaller than provided by previously proposed codes with the same or smaller code rates.Comment: To appear in IEEE International Conference on Acoustics, Speech, and Signal Processing 202

Functional mobile-based two-factor authentication by photonic physical unclonable functions

Given the rapid expansion of the Internet of Things and because of the concerns around counterfeited goods, secure and resilient cryptographic systems are in high demand. Due to the development of digital ecosystems, mobile applications for transactions require fast and reliable methods to generate secure cryptographic keys, such as Physical Unclonable Functions (PUFs). We demonstrate a compact and reliable photonic PUF device able to be applied in mobile-based authentication. A miniaturized, energy-efficient, and low-cost token was forged of flexible luminescent organic–inorganic hybrid materials doped with lanthanides, displaying unique challenge–response pairs (CRPs) for two-factor authentication. Under laser irradiation in the red spectral region, a speckle pattern is attained and accessed through conventional charge-coupled cameras, and under ultraviolet light-emitting diodes, it displays a luminescent pattern accessed through hyperspectral imaging and converted to a random intensity-based pattern, ensuring the two-factor authentication. This methodology features the use of a discrete cosine transform to enable a low-cost and semi-compact encryption system suited for speckle and luminescence-based CRPs. The PUF evaluation and the authentication protocol required the analysis of multiple CRPs from different tokens, establishing an optimal cryptographic key size (128 bits) and an optimal decision threshold level that minimizes the error probability.publishe

Secure and Reliable Key Agreement with Physical Unclonable Functions

Different transforms used in binding a secret key to correlated physical-identifier outputs are compared. Decorrelation efficiency is the metric used to determine transforms that give highly-uncorrelated outputs. Scalar quantizers are applied to transform outputs to extract uniformly distributed bit sequences to which secret keys are bound. A set of transforms that perform well in terms of the decorrelation efficiency is applied to ring oscillator (RO) outputs to improve the uniqueness and reliability of extracted bit sequences, to reduce the hardware area and information leakage about the key and RO outputs, and to maximize the secret-key length. Low-complexity error-correction codes are proposed to illustrate two complete key-binding systems with perfect secrecy, and better secret-key and privacy-leakage rates than existing methods. A reference hardware implementation is also provided to demonstrate that the transform-coding approach occupies a small hardware area.Comment: An extra term in the last page due to the mismatch between the Arxiv compiler and MDPI template is eliminated. No other change

Implementação fotónica de funções fisicamente não clonáveis

This dissertation aimed to study and develop optical Physically Unclonable Functions, which are physical devices characterized by having random intrinsic variations, thus being eligible towards high security systems due to their unclonability, uniqueness and randomness. With the rapid expansion of technologies such as Internet of Things and the concerns around counterfeited goods, secure and resilient cryptographic systems are in high demand. Moreover the development of digital ecosystems, mobile applications towards transactions now require fast and reliable algorithms to generate secure cryptographic keys. The statistical nature of speckle-based imaging creates an opportunity for these cryptographic key generators to arise. In the scope of this work, three different tokens were implemented as physically unclonable devices: tracing paper, plastic optical fiber and an organic-inorganic hybrid. These objects were subjected to a visible light laser stimulus and produced a speckle pattern which was then used to retrieve the cryptographic key associated to each of the materials. The methodology deployed in this work features the use of a Discrete Cosine Transform to enable a low-cost and semi-compact 128-bit key encryption channel. Furthermore, the authentication protocol required the analysis of multiple responses from different samples, establishing an optimal decision threshold level that maximized the robustness and minimized the fallibility of the system. The attained 128-bit encryption system performed, across all the samples, bellow the error probability detection limit of 10-12, showing its potential as a cryptographic key generator.Nesta dissertação pretende-se estudar e desenvolver Funções Fisicamente Não Clonáveis, dispositivos caracterizados por terem variações aleatórias intrínsecas, sendo, portanto, elegíveis para sistemas de alta segurança devido à sua impossibilidade de clonagem, unicidade e aleatoriedade. Com a rápida expansão de tecnologias como a Internet das Coisas e as preocupações com produtos falsificados, os sistemas criptográficos seguros e resilientes são altamente requisitados. Além disso, o desenvolvimento de ecossistemas digitais e de aplicações móveis para transações comerciais requerem algoritmos rápidos e seguros de geração de chaves criptográficas. A natureza estatística das imagens baseadas no speckle cria uma oportunidade para o aparecimento desses geradores de chaves criptográficas. No contexto deste trabalho, três dispositivos diferentes foram implementados como funções fisicamente não clonáveis, nomeadamente, papel vegetal, fibra ótica de plástico e um híbrido orgânico-inorgânico. Estes objetos foram submetidos a um estímulo de luz coerente na região espectral visível e produziram um padrão de speckle o qual foi utilizado para recuperar a chave criptográfica associada a cada um dos materiais. A metodologia implementada neste trabalho incorpora a Transformada Discreta de Cosseno, o que possibilita a criação de um sistema criptográfico de 128 bits caracterizado por ser semi-compacto e de baixo custo. O protocolo de autenticação exigiu a análise de múltiplas respostas de diferentes Physically Unclonable Functions (PUFs), o que permitiu estabelecer um nível de limite de decisão ótimo de forma a maximizar a robustez e minimizar a probabilidade de erro por parte do sistema. O sistema de encriptação de 128 bits atingiu valores de probabilidade de erro abaixo do limite de deteção, 10-12, para todas as amostras, mostrando o seu potencial como gerador de chaves criptográficas.Mestrado em Engenharia Físic

Variable-Length Bit Mapping and Error-Correcting Codes for Higher-Order Alphabet PUFs

Device-specific physical characteristics provide the foundation for PUFs, a hardware primitive for secure storage of cryptographic keys. So far, they have been implemented by either directly evaluating a binary output or by mapping outputs from a higher-order alphabet to a fixed-length bit sequence. However, the latter causes a significant bias in the derived key when combined with an equidistant quantization. To overcome this limitation, we propose a variable-length bit mapping that reflects the properties of a Gray code in a different metric, namely the Levenshtein metric instead of the classical Hamming metric. Subsequent error-correction is therefore based on a custom insertion/deletion correcting code. This new approach effectively counteracts the bias in the derived key already at the input side. We present the concept for our scheme and demonstrate its feasibility based on an empirical PUF distribution. As a result, we increase the effective output bit length of the secret by over 40% compared to state-of-the-art approaches while at the same time obtaining additional advantages, e.g., an improved tamper-sensitivity. This opens up a new direction of Error-Correcting Codes (ECCs) for PUFs that output responses with symbols of higher-order output alphabets

Biometric and Physical Identifiers with Correlated Noise for Controllable Private Authentication

The problem of secret-key based authentication under privacy and storage constraints on the source sequence is considered. The identifier measurement channels during authentication are assumed to be controllable via a cost-constrained action sequence. Single-letter inner and outer bounds for the key-leakage-storage-cost regions are derived for a generalization of a classic two-terminal key agreement model with an eavesdropper that observes a sequence that is correlated with the sequences observed by the legitimate terminals. The additions to the model are that the encoder observes a noisy version of a remote source, and the noisy output and the remote source output together with an action sequence are given as inputs to the measurement channel at the decoder. Thus, correlation is introduced between the noise components on the encoder and decoder measurements. The model with a secret key generated by an encoder is extended to the randomized models, where a secret-key is embedded to the encoder. The results are relevant for several user and device authentication scenarios including physical and biometric identifiers with multiple measurements that provide diversity and multiplexing gains. To illustrate the behavior of the rate region, achievable (secret-key rate, storage-rate, cost) tuples are given for binary identifiers and measurement channels that can be represented as a mixture of binary symmetric subchannels. The gains from using an action sequence such as a large secret-key rate at a significantly small hardware cost, are illustrated to motivate the use of low-complexity transform-coding algorithms with cost-constrained actions.Comment: Shorter version to appear in the IEEE International Symposium on Information Theory 202

Reflective-Physically Unclonable Function based System for Anti-Counterfeiting

Physically unclonable functions (PUF) are physical security mechanisms, which utilize inherent randomness in processes used to instantiate physical objects. In this dissertation, an extensive overview of the state of the art in implementations, accompanying definitions and their analysis is provided. The concept of the reflective-PUF is presented as a product security solution. The viability of the concept, its evaluation and the requirements of such a system is explored