
Feasibility and Infeasibility of Secure Computation with Malicious PUFs

Published in Journal of Cryptology

Abstract

A recent line of work has explored the use of physically unclonable functions (PUFs) for secure computation, with the goals of (1) achieving universal composability without additional setup and/or (2) obtaining unconditional security (i.e., avoiding complexity-theoretic assumptions). Initial work assumed that all PUFs, even those created by an attacker, are honestly generated. Subsequently, researchers have investigated models in which an adversary can create malicious PUFs with arbitrary behavior, considering both malicious PUFs that may be stateful and malicious PUFs that can have arbitrary behavior but are guaranteed to be stateless. We settle the main open questions regarding secure computation in the malicious-PUF model:

  • We prove that unconditionally secure oblivious transfer is impossible, even in the stand-alone setting, if the adversary can construct (malicious) stateful PUFs.

  • We show that if the attacker is limited to creating (malicious) stateless PUFs, then universally composable two-party computation is possible, unconditionally.


Notes

  1. This is easy to do by having \({\mathcal {S}}\) choose a random “trapdoor” \(\mathsf{td}\), and then create a circuit with the following behavior: on input \(x \ne \mathsf{td}\), return \(h_k(x)\) and concatenate x to the state; on input \(\mathsf{td}\), return the current state. Note that creating PUFs in this way will have only a negligible effect on the output of an honest execution of any PUF-based protocol, since the probability that the PUF is queried with \(\mathsf{td}\) during execution of the protocol is negligible.
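The simulator's trapdoor PUF from the note, as an added Python illustration that is not from the paper (HMAC under a random key stands in for \(h_k\), and the 16-byte challenge length is an assumed parameter): an honest run that never queries \(\mathsf{td}\) sees exactly \(h_k\), while the party holding \(\mathsf{td}\) reads back every challenge the PUF has answered, which is what makes stateful malicious PUFs so much stronger than stateless ones.

```python
import hashlib
import hmac
import secrets

CHALLENGE_LEN = 16  # bytes per challenge; assumed parameter, not from the paper


class HonestPUF:
    """Idealised honest PUF: a stateless keyed function h_k. HMAC stands in
    for the physical randomness; the key models the device's fixed variation."""

    def __init__(self, key: bytes):
        self._key = key

    def query(self, x: bytes) -> bytes:
        return hmac.new(self._key, x, hashlib.sha256).digest()


class TrapdoorStatefulPUF(HonestPUF):
    """The stateful PUF the note has S build: on x != td answer h_k(x) and
    append x to the state; on x == td return the state (the query transcript)."""

    def __init__(self, key: bytes, trapdoor: bytes):
        super().__init__(key)
        self._td = trapdoor
        self._state = b""

    def query(self, x: bytes) -> bytes:
        if x == self._td:
            return self._state        # dump everything the PUF was asked
        self._state += x              # record the challenge
        return super().query(x)       # then behave exactly like h_k


def split_transcript(dump: bytes) -> list[bytes]:
    """Parse a state dump back into the fixed-length challenges it recorded."""
    return [dump[i:i + CHALLENGE_LEN] for i in range(0, len(dump), CHALLENGE_LEN)]


def demo() -> tuple[bool, bool]:
    """(honest party's view unchanged?, creator recovers every challenge via td?)"""
    k, td = secrets.token_bytes(32), secrets.token_bytes(CHALLENGE_LEN)
    honest, malicious = HonestPUF(k), TrapdoorStatefulPUF(k, td)
    # constructed challenges; a random one equals td only with probability 2^-128
    challenges = [secrets.token_bytes(CHALLENGE_LEN) for _ in range(4)]
    same_view = [honest.query(c) for c in challenges] == [malicious.query(c) for c in challenges]
    recovered = split_transcript(malicious.query(td)) == challenges
    return same_view, recovered
```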


Acknowledgements

Work of Nils Fleischhacker and Dominique Schröder was done in part while at Saarland University and while visiting the University of Maryland. Their work was supported by the German Federal Ministry of Education and Research (BMBF) through funding for the Center for IT-Security, Privacy, and Accountability (CISPA; see www.cispa-security.org). The visit of Nils Fleischhacker was supported by the Saarbrücken Graduate School of Computer Science funded by the German National Excellence Initiative, and the visit of Dominique Schröder was supported by NSF Award #1223623. Work of Dominique Schröder was also supported by an Intel Early Career Faculty Honor Program Award. Work of Jonathan Katz was supported in part by NSF Award #1223623, as well as by a Humboldt Award. Work of Anna Lysyanskaya was supported by NSF Awards #0964379 and #1012060.


Correspondence to Jonathan Katz.

Additional information

Communicated by Serge Fehr.


Cite this article

Dachman-Soled, D., Fleischhacker, N., Katz, J. et al. Feasibility and Infeasibility of Secure Computation with Malicious PUFs. J Cryptol 33, 595–617 (2020). https://doi.org/10.1007/s00145-019-09329-9
