A new Definition and Classification of Physical Unclonable Functions

A new definition of "Physical Unclonable Functions" (PUFs), the first one that fully captures its intuitive idea among experts, is presented. A PUF is an information-storage system with a security mechanism that is 1. meant to impede the duplication of a precisely described storage-functionality in another, separate system and 2. remains effective against an attacker with temporary access to the whole original system. A novel classification scheme of the security objectives and mechanisms of PUFs is proposed and its usefulness to aid future research and security evaluation is demonstrated. One class of PUF security mechanisms that prevents an attacker to apply all addresses at which secrets are stored in the information-storage system, is shown to be closely analogous to cryptographic encryption. Its development marks the dawn of a new fundamental primitive of hardware-security engineering: cryptostorage. These results firmly establish PUFs as a fundamental concept of hardware security.Comment: 6 pages, 3 figures; Proceedings "CS2 '15 Proceedings of the Second Workshop on Cryptography and Security in Computing Systems", Amsterdam, 2015, ACM Digital Librar

Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

Quantum Cryptography

Quantum cryptography is a new method for secret communications offering the ultimate security assurance of the inviolability of a Law of Nature. In this paper we shall describe the theory of quantum cryptography, its potential relevance and the development of a prototype system at Los Alamos, which utilises the phenomenon of single-photon interference to perform quantum cryptography over an optical fiber communications link.Comment: 36 pages in compressed PostScript format, 10 PostScript figures compressed tar fil

Mobile phone and e-government in Turkey: practices and technological choices at the cross-road

Enhanced data services through mobile phones are expected to be soon fully transactional and embedded within future mobile consumption practices. While private services will surely continue to take the lead, others such as government and NGOs will become more prominent m-players. It is not yet sure which form of technological standards will take the lead including enhance SMS based operations or Internet based specifically developed mobile phone applications. With the introduction of interactive transactions via mobile phones, currently untapped segment of the populations (without computers) have the potential to be accessed. Our research, as a reflection of the current market situation in an emerging country context, in the case of mobile phones analyzes the current needs or emergence of dependencies regarding the use of m/e-government services from the perspective of municipality officers. We contend that more research is needed to understand current preparatory bottlenecks and front loading activities to be able to encourage future intention to use e-government services through mobile phone technologies. This study highlights and interprets the current emerging practices and praxis for consuming m-government services within government