A formal definition and a new security mechanism of physical unclonable functions

The characteristic novelty of what is generally meant by a "physical unclonable function" (PUF) is precisely defined, in order to supply a firm basis for security evaluations and the proposal of new security mechanisms. A PUF is defined as a hardware device which implements a physical function with an output value that changes with its argument. A PUF can be clonable, but a secure PUF must be unclonable. This proposed meaning of a PUF is cleanly delineated from the closely related concepts of "conventional unclonable function", "physically obfuscated key", "random-number generator", "controlled PUF" and "strong PUF". The structure of a systematic security evaluation of a PUF enabled by the proposed formal definition is outlined. Practically all current and novel physical (but not conventional) unclonable physical functions are PUFs by our definition. Thereby the proposed definition captures the existing intuition about what is a PUF and remains flexible enough to encompass further research. In a second part we quantitatively characterize two classes of PUF security mechanisms, the standard one, based on a minimum secret read-out time, and a novel one, based on challenge-dependent erasure of stored information. The new mechanism is shown to allow in principle the construction of a "quantum-PUF", that is absolutely secure while not requiring the storage of an exponentially large secret. The construction of a PUF that is mathematically and physically unclonable in principle does not contradict the laws of physics.Comment: 13 pages, 1 figure, Conference Proceedings MMB & DFT 2012, Kaiserslautern, German

Coin Tossing is Strictly Weaker Than Bit Commitment

We define cryptographic assumptions applicable to two mistrustful parties who each control two or more separate secure sites between which special relativity guarantees a time lapse in communication. We show that, under these assumptions, unconditionally secure coin tossing can be carried out by exchanges of classical information. We show also, following Mayers, Lo and Chau, that unconditionally secure bit commitment cannot be carried out by finitely many exchanges of classical or quantum information. Finally we show that, under standard cryptographic assumptions, coin tossing is strictly weaker than bit commitment. That is, no secure classical or quantum bit commitment protocol can be built from a finite number of invocations of a secure coin tossing black box together with finitely many additional information exchanges.Comment: Final version; to appear in Phys. Rev. Let

Practical Quantum Bit Commitment Protocol

A quantum protocol for bit commitment the security of which is based on technological limitations on nondemolition measurements and long-term quantum memory is presented.Comment: Quantum Inf. Process. (2011

Neurophysiology

Contains reports on three research projects.National Institutes of Health (Grant 5 RO1 NB-04985-03)Instrumentation Laboratory under the auspices of DSR Project 55-257Bioscience Division of National Aeronautics and Space Administration through Contract NSR 22-009-138Bell Telephone Laboratories, Inc. (Grant)The Teagle Foundation, Inc. (Grant)U. S. Air Force (Aerospace Medical Division) under Contract AF33(615)-388

Quantum Key Distribution with High Loss: Toward Global Secure Communication

We propose a decoy-state method to overcome the photon-number-splitting attack for Bennett-Brassard 1984 quantum key distribution protocol in the presence of high loss: A legitimate user intentionally and randomly replaces signal pulses by multi-photon pulses (decoy-states). Then they check the loss of the decoy-states. If the loss of the decoy-states is abnormally less than that of signal pulses, the whole protocol is aborted. Otherwise, to continue the protocol, they estimate loss of signal multi-photon pulses based on that of decoy-states. This estimation can be done with an assumption that the two losses have similar values, that we justify.Comment: derivation made more detailed, 4 pages, RevTe

Hidden Quantum Markov Models and Open Quantum Systems with Instantaneous Feedback

Hidden Markov Models are widely used in classical computer science to model stochastic processes with a wide range of applications. This paper concerns the quantum analogues of these machines --- so-called Hidden Quantum Markov Models (HQMMs). Using the properties of Quantum Physics, HQMMs are able to generate more complex random output sequences than their classical counterparts, even when using the same number of internal states. They are therefore expected to find applications as quantum simulators of stochastic processes. Here, we emphasise that open quantum systems with instantaneous feedback are examples of HQMMs, thereby identifying a novel application of quantum feedback control.Comment: 10 Pages, proceedings for the Interdisciplinary Symposium on Complex Systems in Florence, September 2014, minor correction

Unconditionally Secure Bit Commitment

We describe a new classical bit commitment protocol based on cryptographic constraints imposed by special relativity. The protocol is unconditionally secure against classical or quantum attacks. It evades the no-go results of Mayers, Lo and Chau by requiring from Alice a sequence of communications, including a post-revelation verification, each of which is guaranteed to be independent of its predecessor.Comment: Typos corrected. Reference details added. To appear in Phys. Rev. Let

Neurophysiology

Contains reports on two research projects.Teagle Foundation, IncorporatedNational Institutes of HealthBell Telephone Laboratories, Incorporate