A formal definition and a new security mechanism of physical unclonable functions
The characteristic novelty of what is generally meant by a "physical
unclonable function" (PUF) is precisely defined, in order to supply a firm
basis for security evaluations and the proposal of new security mechanisms. A
PUF is defined as a hardware device which implements a physical function with
an output value that changes with its argument. A PUF can be clonable, but a
secure PUF must be unclonable. This proposed meaning of a PUF is cleanly
delineated from the closely related concepts of "conventional unclonable
function", "physically obfuscated key", "random-number generator", "controlled
PUF" and "strong PUF". The structure of a systematic security evaluation of a
PUF enabled by the proposed formal definition is outlined. Practically all
current and novel physical (but not conventional) unclonable physical functions
are PUFs by our definition. Thereby the proposed definition captures the
existing intuition about what is a PUF and remains flexible enough to encompass
further research. In a second part we quantitatively characterize two classes
of PUF security mechanisms, the standard one, based on a minimum secret
read-out time, and a novel one, based on challenge-dependent erasure of stored
information. The new mechanism is shown to allow in principle the construction
of a "quantum-PUF", that is absolutely secure while not requiring the storage
of an exponentially large secret. The construction of a PUF that is
mathematically and physically unclonable in principle does not contradict the
laws of physics.
Comment: 13 pages, 1 figure, Conference Proceedings MMB & DFT 2012,
Kaiserslautern, German
A new Definition and Classification of Physical Unclonable Functions
A new definition of "Physical Unclonable Functions" (PUFs), the first one
that fully captures its intuitive idea among experts, is presented. A PUF is an
information-storage system with a security mechanism that is
1. meant to impede the duplication of a precisely described
storage-functionality in another, separate system and
2. remains effective against an attacker with temporary access to the whole
original system.
A novel classification scheme of the security objectives and mechanisms of
PUFs is proposed and its usefulness to aid future research and security
evaluation is demonstrated. One class of PUF security mechanisms, which prevents
an attacker from applying all addresses at which secrets are stored in the
information-storage system, is shown to be closely analogous to cryptographic
encryption. Its development marks the dawn of a new fundamental primitive of
hardware-security engineering: cryptostorage. These results firmly establish
PUFs as a fundamental concept of hardware security.
Comment: 6 pages, 3 figures; Proceedings "CS2 '15 Proceedings of the Second
Workshop on Cryptography and Security in Computing Systems", Amsterdam, 2015,
ACM Digital Librar
Evaluation of PUF and QKD integration techniques as root of trust in communication systems
Quantum Cryptography could be the next key technology in terms of secure communication, but, as with every new technology, it presents problems that need to be solved in
order to become a reality in daily life. This work discusses the integration of Physical Unclonable Functions (PUFs) as a solution for the authentication of the endpoints in quantum
communication protocols. The use of PUF constructions would allow the authentication
of devices without the need of relying on third parties, and support switched trustworthy quantum communication channels; two unseen features in Quantum Key Distribution
(QKD) until now. We analyze in detail PUF integration within the BB84 protocol, as it
is the foundation for all QKD protocols, and two proposals for an authentication scheme
are made, depending on the connection characteristics of the communication endpoints
and the distance between them. These proposals are then generalized for other types of
QKD protocol. Moreover, different types of PUF are analyzed to conclude which ones are
the most suitable for our purpose.
Universidad de Sevilla. Grado en Físic
Roadmap on optical security
Postprint (author's final draft
Authenticated communication from quantum readout of PUFs
Quantum readout of physical unclonable functions (PUFs) is a recently introduced method for remote authentication of objects. We present an extension of the protocol to enable the authentication of data: A verifier can check if received classical data were sent by the PUF holder. We call this modification QR-d or, in the case of the optical-PUF implementation, QSA-d. We discuss how QSA-d can be operated in a parallel way. We also present a protocol for authenticating quantum states.
Optical Systems Identification through Rayleigh Backscattering
We introduce a technique to generate and read the digital signature of the networks, channels, and optical devices that possess the fiber-optic pigtails to enhance physical layer security (PLS). Attributing a signature to the networks or devices eases the identification and authentication of networks and systems thus reducing their vulnerability to physical and digital attacks. The signatures are generated using an optical physical unclonable function (OPUF). Considering that OPUFs are established as the most potent anti-counterfeiting tool, the created signatures are robust against malicious attacks such as tampering and cyber attacks. We investigate Rayleigh backscattering signal (RBS) as a strong OPUF to generate reliable signatures. Contrary to other OPUFs that must be fabricated, the RBS-based OPUF is an inherent feature of fibers and can be easily obtained using optical frequency domain reflectometry (OFDR). We evaluate the security of the generated signatures in terms of their robustness against prediction and cloning. We demonstrate the robustness of signatures against digital and physical attacks confirming the unpredictability and unclonability features of the generated signatures. We explore signature cyber security by considering the random structure of the produced signatures. To demonstrate signature reproducibility through repeated measurements, we simulate the signature of a system by adding a random Gaussian white noise to the signal. This model is proposed to address services including security, authentication, identification, and monitoring
Quantum Physical Unclonable Functions: Possibilities and Impossibilities
A Physical Unclonable Function (PUF) is a device with unique behaviour that
is hard to clone hence providing a secure fingerprint. A variety of PUF
structures and PUF-based applications have been explored theoretically as well
as being implemented in practical settings. Recently, the inherent
unclonability of quantum states has been exploited to derive the quantum
analogue of PUF as well as new proposals for the implementation of PUF. We
present the first comprehensive study of quantum Physical Unclonable Functions
(qPUFs) with quantum cryptographic tools. We formally define qPUFs,
encapsulating all requirements of classical PUFs as well as introducing a new
testability feature inherent to the quantum setting only. We use a quantum
game-based framework to define different levels of security for qPUFs: quantum
exponential unforgeability, quantum existential unforgeability and quantum
selective unforgeability. We introduce a new quantum attack technique based on
the universal quantum emulator algorithm of Marvin and Lloyd to prove no qPUF
can provide quantum existential unforgeability. On the other hand, we prove
that a large family of qPUFs (called unitary PUFs) can provide quantum
selective unforgeability which is the desired level of security for most
PUF-based applications.
Comment: 32 pages including the appendi
Quantum Lock: A Provable Quantum Communication Advantage
Physical unclonable functions (PUFs) provide a unique fingerprint to a
physical entity by exploiting the inherent physical randomness. Gao et al.
discussed the vulnerability of most current-day PUFs to sophisticated machine
learning-based attacks. We address this problem by integrating classical PUFs
and existing quantum communication technology. Specifically, this paper
proposes a generic design of provably secure PUFs, called hybrid locked
PUFs (HLPUFs), providing a practical solution for securing classical PUFs. An
HLPUF uses a classical PUF (CPUF), and encodes the output into non-orthogonal
quantum states to hide the outcomes of the underlying CPUF from any adversary.
Here we introduce a quantum lock to protect the HLPUFs from any general
adversaries. The indistinguishability property of the non-orthogonal quantum
states, together with the quantum lockdown technique prevents the adversary
from accessing the outcome of the CPUFs. Moreover, we show that by exploiting
non-classical properties of quantum states, the HLPUF allows the server to
reuse the challenge-response pairs for further client authentication. This
result provides an efficient solution for running PUF-based client
authentication for an extended period while maintaining a small-sized
challenge-response pairs database on the server side. Later, we support our
theoretical contributions by instantiating the HLPUFs design using accessible
real-world CPUFs. We use the optimal classical machine-learning attacks to
forge both the CPUFs and HLPUFs, and we certify the security gap in our
numerical simulation for construction which is ready for implementation.
Comment: Replacement of paper "Hybrid PUF: A Novel Way to Enhance the Security
of Classical PUFs" (arXiv:2110.09469