Greater Expectations?

Physically Unclonable Functions (PUFs) are key tools in the construction of lightweight authentication and key exchange protocols. So far, all existing PUF-based authentication protocols follow the same paradigm: A resource-constrained prover, holding a PUF, wants to authenticate to a resource-rich verifier, who has access to a database of pre-measured PUF challenge-response pairs (CRPs). In this paper we consider application scenarios where all previous PUF-based authentication schemes fail to work: The verifier is resource-constrained (and holds a PUF), while the prover is resource-rich (and holds a CRP-database). We construct the first and efficient PUF-based authentication protocol for this setting, which we call converse PUF-based authentication. We provide an extensive security analysis against passive adversaries, show that a minor modification also allows for authenticated key exchange and propose a concrete instantiation using controlled Arbiter PUFs

Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation

Abstract. Physically Unclonable Functions (PUFs) provide a unique signature for integrated circuits (ICs), similar to a fingerprint for humans. They are primarily used to generate secret keys, hereby exploiting the unique manufacturing variations of an IC. Unfortunately, PUF output bits are not perfectly reproducible and non-uniformly distributed. To obtain a high-quality key, one needs to implement additional post-processing logic on the same IC. Fuzzy extractors are the well-established standard solution. Pattern Matching Key Generators (PMKGs) have been proposed as an alternative. In this work, we demonstrate the latter construction to be vulnerable against manipulation of its public helper data. Full key recovery is possible, although depending on system design choices. We demonstrate our attacks using a 4-XOR arbiter PUF, manufactured in 65nm CMOS technology. We also propose a simple but effective countermeasure

A Formal Study of the Privacy Concerns in Biometric-Based Remote Authentication Schemes

With their increasing popularity in cryptosystems, biometrics have attracted more and more attention from the information security community. However, how to handle the relevant privacy concerns remains to be troublesome. In this paper, we propose a novel security model to formalize the privacy concerns in biometric-based remote authentication schemes. Our security model covers a number of practical privacy concerns such as identity privacy and transaction anonymity, which have not been formally considered in the literature. In addition, we propose a general biometric-based remote authentication scheme and prove its security in our security model

Security and Efficiency Analysis of the Hamming Distance Computation Protocol Based on Oblivious Transfer

open access articleBringer et al. proposed two cryptographic protocols for the computation of Hamming distance. Their first scheme uses Oblivious Transfer and provides security in the semi-honest model. The other scheme uses Committed Oblivious Transfer and is claimed to provide full security in the malicious case. The proposed protocols have direct implications to biometric authentication schemes between a prover and a verifier where the verifier has biometric data of the users in plain form. In this paper, we show that their protocol is not actually fully secure against malicious adversaries. More precisely, our attack breaks the soundness property of their protocol where a malicious user can compute a Hamming distance which is different from the actual value. For biometric authentication systems, this attack allows a malicious adversary to pass the authentication without knowledge of the honest user's input with at most $O(n)$ complexity instead of $O(2^n)$, where $n$ is the input length. We propose an enhanced version of their protocol where this attack is eliminated. The security of our modified protocol is proven using the simulation-based paradigm. Furthermore, as for efficiency concerns, the modified protocol utilizes Verifiable Oblivious Transfer which does not require the commitments to outputs which improves its efficiency significantly

Equilibrium states for the Bose gas

The generating functional of the cyclic representation of the CCR (Canonical Commutation Relations) representation for the thermodynamic limit of the grand canonical ensemble of the free Bose gas with attractive boundary conditions is rigorously computed. We use it to study the condensate localization as a function of the homothety point for the thermodynamic limit using a sequence of growing convex containers. The Kac function is explicitly obtained proving non-equivalence of ensembles in the condensate region in spite of the condensate density being zero locally.Comment: 21 pages, no figure

Information-theoretic analysis of coating PUFs

Physical Uncloneable Functions (PUFs) can be used as a cost-effective means to store cryptographic key material in an uncloneable way. In coating PUFs, keys are generated from capacitance measurements of a coating containing many randomly distributed particles with different dielectric constants. We introduce a physical model of coating PUFs by simplifying the capacitance sensors to a parallel plate geometry. We estimate the amount of information that can be extracted from the coating. We show that the inherent entropy is proportional to $sqrt{n}(log n)^{3/2}$, where n is the number of particles that fit between the capacitor plates in a straight line. However, measurement noise may severely reduce the amount of information that can actually be extracted in practice. In the noisy regime the number of extractable bits is in fact a decreasing function of n. We derive an optimal value for n as a function of the noise amplitude, the PUF geometry and the dielectric constants

ALGSICS - Combining physics and cryptography to enhance security and privacy in RFID systems

In this paper, we introduce several new mechanisms that are cheap to implement or integrate into RFID tags and that at the same time enhance their security and privacy properties. Our aim is to provide solutions that make use of existing (or expected) functionality on the tag or that are inherently cheap and thus, enhance the privacy friendliness of the technology "almost" for free. Our proposals, for example, make use of environmental information (presence of light temperature, humidity, etc.) to disable or enable the RFID tag. A second possibility that we explore is the use of delays in revealing a secret key used to later establish a secure communication channel. We also introduce the idea of a "sticky tag," which can be used to re-enable a disabled (or killed) tag whenever the user considers it to be safe. We discuss the security and describe usage scenarios for all solutions. Finally, we review previous works that use physical principles to provide security and privacy in RFID systems

Continuous Strategy Replicator Dynamics for Multi--Agent Learning

The problem of multi-agent learning and adaptation has attracted a great deal of attention in recent years. It has been suggested that the dynamics of multi agent learning can be studied using replicator equations from population biology. Most existing studies so far have been limited to discrete strategy spaces with a small number of available actions. In many cases, however, the choices available to agents are better characterized by continuous spectra. This paper suggests a generalization of the replicator framework that allows to study the adaptive dynamics of Q-learning agents with continuous strategy spaces. Instead of probability vectors, agents strategies are now characterized by probability measures over continuous variables. As a result, the ordinary differential equations for the discrete case are replaced by a system of coupled integral--differential replicator equations that describe the mutual evolution of individual agent strategies. We derive a set of functional equations describing the steady state of the replicator dynamics, examine their solutions for several two-player games, and confirm our analytical results using simulations.Comment: 12 pages, 15 figures, accepted for publication in JAAMA