ABSTRACT
Digital secret keys are indispensable in modern cryptography and computer security - but at the same time constitute a routinely exploited attack target in every hardware system that stores them. This discrepancy has created perpetual battle between key extractors and protectors over the decades. Some recent approaches attempt to overcome this issue by simply avoiding keys and secrets in vulnerable devices: Physical Unclonable Functions (PUFs), for example, are capable of evading 'classical keys', i.e., permanently digital secrets, in electronic hardware. Nevertheless, many PUFs still contain physical or analog secrets deep in their structure, whose disclosure to adversaries also breaks security: This includes the manufacturing variations in SRAM PUFs that determine their power-up states, or the signal delays of Arbiter PUFs that determine their responses. A second generation of physical primitives shows promise to resolve this remaining problem: So-called Complex PUFs, SIMPLs/ PPUFs, and related techniques enable completely 'secret-free' systems, where adversaries could inspect every bit and every atom, and learn any information present in any form in the hardware, without being able to break security. This Systematization of Knowledge (SoK) paper takes this situation as starting point, and categorizes, formalizes, and overviews the recently evolving area of secret-free security. It tries to lay the foundations for future generations of secret-free hardware, which could be innately and provably immune against any invasive, side channel, or key extraction attacks.
- R. J. Anderson: Security Engineering: A guide to building dependable distributed systems. Wiley, 2010.Google Scholar
- F. Armknecht, R. Maes, A.R. Sadeghi, F.X. Standaert, C. Wachsmann: A formalization of the security features of physical functions. IEEE Symposium on Security & Privacy, 2011.Google ScholarDigital Library
- D.W. Bauder: An anti-counterfeiting concept for currency systems. Sandia National Labs, Albuquerque, NM, Tech. Rep. PTK-11990, 1983.Google Scholar
- N. Beckmann, M. Potkonjak: Hardware-based public-key cryptography with public physically unclonable functions. Information Hiding 2009, pp. 206--220, 2009.Google ScholarDigital Library
- C.H. Bennett, G. Brassard: Quantum cryptography: Public-key distribution and coin tossing. In: Proceedings of IEEE International Conference on Computers, Systems and Signal Processing, Bangalore, India, pp. 175--179, 1984.Google Scholar
- C. Brzuska, M. Fischlin, H. Schröder, S. Katzenbeisser: Physical Unclonable Functions in the Universal Composition Framework. CRYPTO 2011.Google Scholar
- J. Buchanan, R. Cowburn, A. Jausovec, D. Petit, P. Seem, G. Xiong, D. Atkinson, K. Fenton, D. Allwood, and M. Bryan: Forgery: Fingerprinting documents and packaging. Nature, vol. 436, no. 7050, p. 475, 2005.Google ScholarCross Ref
- Q. Chen, G. Csaba, P. Lugli, U. Schlichtmann, U. Rührmair: The Bistable Ring PUF: A New Architecture for Strong Physical Unclonable Functions. HOST 2011.Google Scholar
- Y. Chen, M. K. Mihcak, D. Kirovski: Certifying authenticity via fiber-infused paper. SIGecom Exchanges 5(3): 29--37 (2005)Google ScholarDigital Library
- M.C. Chu, L.L. Cheng, L.M. Cheng: A novel magnetic card protection system. European Convention on Security and Detection, pp. 207--211, 1995.Google ScholarCross Ref
- W. Clarkson, T. Weyrich, A. Finkelstein, N. Heninger, J. Halderman, E. Felten: Fingerprinting blank paper using commodity scanners. IEEE Symposium on Security and Privacy (Oakland'09), pp. 301--314, 2009.Google ScholarDigital Library
- C.T. Clelland, V. Risca, C. Bancroft: Hiding messages in DNA microdots. Nature 399.6736, pp. 533--534, 1999.Google ScholarCross Ref
- G. Csaba, X. Ju, Z. Ma, Q. Chen, W. Porod, J. Schmidhuber, U. Schlichtmann, P. Lugli, U. Rührmair: Application of Mismatched Cellular Nonlinear Networks for Physical Cryptography. IEEE Workshop on Cellular Nanoscale Networks and Their Applications (CNNA), pp. 1--6, 2010.Google Scholar
- G. DeJean, D. Kirovski: RF-DNA: Radio-Frequency Certificates of Authenticity. CHES 2007: 346--363Google Scholar
- S. Deyati, B.J. Muldrey, A.D. Singh, A. Chatterjee: Challenge engineering and design of analog push pull amplifier based physically unclonable function for hardware security. IEEE Asian Test Symposium (ATS), pp. 127--132, 2015.Google ScholarDigital Library
- W. Diffie, M. Hellman: New directions in cryptography. IEEE Transactions on Information Theory, pp. 644--654, 1976.Google ScholarDigital Library
- U. Feige, A. Fiat, A. Shamir: Zero-knowledge proofs of identity. Journal of Cryptology, pp. 77--94, 1988.Google ScholarDigital Library
- R.P. Feynman: Simulating physics with computers. International Journal of Theoretical Physics 21.6--7, pp. 467--488, 1982.Google ScholarCross Ref
- S. L. Garfinkel, A. Juels, R. Pappu. RFID privacy: An overview of problems and proposed solutions. IEEE Security & Privacy 3.3: 34--43, 2005.Google ScholarDigital Library
- B. Gassend, Physical Random Functions, MSc Thesis, MIT, 2003.Google Scholar
- B. Gassend, D. E. Clarke, M. van Dijk, S. Devadas: Silicon physical random functions. ACM Conference on Computer and Communications Security 2002.Google ScholarDigital Library
- O. Goldreich: Foundations of Cryptography: Volume 2, Basic Applications. Cambridge University Press, 2009.Google Scholar
- R.N. Goldman: Non-counterfeitable document system. US-Patent 4,423,415. Publication date: 1983. Priority date: 1980. See https://patents.google.com/patent/US4423415AGoogle Scholar
- J. Guajardo, S. S. Kumar, G. J. Schrijen, P. Tuyls: FPGA Intrinsic PUFs and Their Use for IP Protection. CHES 2007: 63--80Google Scholar
- T. Haist, H.J. Tiziani: Optical detection of random features for high security applications. Optics Communication 147, pp. 173--179, 1998.Google ScholarCross Ref
- G. Hammouri, A. Dana, B. Sunar: CDs have fingerprints too. CHES 2009.Google ScholarDigital Library
- C. Helfmeier, C. Boit, D. Nedospasov, J.-P. Seifert: Cloning Physically Unclonable Functions. HOST 2013: 1--6Google Scholar
- C. Herder, M.D. Yu, F. Koushanfar, S. Devadas: Physical unclonable functions and applications: A tutorial. Proceedings of the IEEE 102(8), pp. 1126--1141, 2014.Google ScholarCross Ref
- C.H. Herder: Towards security without secrets. PhD Thesis, Massachusetts Institute of Technology (MIT), 2016.Google Scholar
- D. E. Holcomb, W. P. Burleson, K. Fu: Power-Up SRAM State as an Identifying Fingerprint and Source of True Random Numbers. IEEE Trans. Computers 58(9): 1198--1210, 2009.Google ScholarDigital Library
- R. Horstmeyer, S. Assawaworrarit, U. Rührmair, C. Yang: Physically secure and fully reconfigurable data storage using optical scattering. HOST 2015, pp. 157--162.Google ScholarCross Ref
- C. Jaeger, M. Algasinger, U. Rührmair, G. Csaba, M. Stutzmann: Random pnjunctions for physical cryptography. Applied Physics Letters 96(17), 2010.Google ScholarCross Ref
- A. Kent: Unconditionally secure bit commitment by transmitting measurement outcomes. Physical review letters 109.13, 130501, 2012.Google Scholar
- A. Kerckhoffs: La cryptographie militaire. Journal des sciences militaires, Vol. IX, pp. 5--38, 1883.Google Scholar
- D. Kirovski: Anti-counterfeiting: Mixing the Physical and the Digital World. Towards Hardware-Intrinsic Security 2010: 223--233Google Scholar
- R. Kumar, W. Burleson: On design of a highly secure PUF based on non-linear current mirrors. HOST 2014: 38--43Google Scholar
- S. S. Kumar, J. Guajardo, R. Maes, G. J. Schrijen, P. Tuyls: The Butterfly PUF: Protecting IP on every FPGA. HOST 2008: 67--70Google Scholar
- A. Leier, C. Richter, W. Banzhaf, H. Rauhe: Cryptography with DNA binary strands. Biosystems 57(1), pp. 13--22, 2000.Google ScholarCross Ref
- G. Lindstrom, G. Schullstrom: Verifiable identification document. USPatent 3,636,318. Publication date: 1972. Priority date: 1968. See https://patents.google.com/patent/US3636318AGoogle Scholar
- K. Lofstrom, W.R. Daasch, D. Taylor: IC identification circuit using device mismatch. ISSCC 2000, pp. 372--373, 2000.Google ScholarCross Ref
- R. Maes, I. Verbauwhede: Physically unclonable functions: A study on the state of the art and future research directions. In: Towards Hardware-Intrinsic Security. pp. 3--37, Springer, 2010.Google ScholarCross Ref
- M. Majzoobi, F. Koushanfar: Time-bounded authentication of FPGAs. IEEE Transactions on Information Forensics and Security 6.3, p. 1123--1135, 2011.Google ScholarDigital Library
- U.M. Maurer: Secret key agreement by public discussion from common information. IEEE transactions on information theory 39.3, pp. 733--742, 1993.Google Scholar
- D. Nedospasov, J.-P. Seifert, C. Helfmeier, C. Boit: Invasive PUF Analysis. FDTC 2013: 30--38Google Scholar
- R. Pappu: Physical One-Way Functions. PhD Thesis, Massachusetts Institute of Technology, 2001.Google ScholarDigital Library
- R. Pappu, B. Recht, J. Taylor, N. Gershenfeld: Physical One-Way Functions, Science, vol. 297, pp. 2026--2030, 20 September 2002.Google ScholarCross Ref
- M. Potkonjak, V. Goudar: Public physical unclonable functions. Proceedings of the IEEE 102.8 (2014): 1142--1156.Google ScholarCross Ref
- M. Potkonjak, S. Meguerdichian, A. Nahapetian, S. Wei: Differential public physically unclonable functions: architecture and applications. DAC 2007.Google Scholar
- S. Philippe et al.: The Application of Virtual Proofs of Reality to Nuclear Safeguards and Arms Control Verification. 57th Annual INMM Meeting, 2016.Google Scholar
- J. Rajendran, G.S. Rose, R. Karri, M. Potkonjak: Nano-PPUF: A memristor-based security primitive. IEEE Computer Society Annual Symposium on VLSI 2012.Google Scholar
- R.L. van Renesse: 3DAS: a 3-dimensional-structure authentication system. European Convention on Security and Detection, pp. 45--49, 1995.Google ScholarCross Ref
- R.L. van Renesse: Optical document security. Boston: Artech House, 1998.Google Scholar
- U. Rührmair: SIMPL Systems: On a Public Key Variant of Physical Unclonable Functions. IACR Cryptology ePrint Archive, Report 2009/255, 2009.Google Scholar
- U. Rührmair: SIMPL Systems, Or: Can we build cryptographic hardware without secret key information? SOFSEM 2011. LNCS, Vol. 6543, Springer, 2011.Google ScholarCross Ref
- U. Rührmair: SIMPL Systems as a Keyless Cryptographic and Security Primitive. In: D. Naccache (Editor), Cryptography and Security: From Theory to Applications. Lecture Notes in Computer Science, Vol. 6805, Springer, 2012.Google ScholarCross Ref
- U. Rührmair: Oblivious Transfer based on Physical Unclonable Functions. TRUST 2010.Google Scholar
- U. Rührmair: Physical Turing Machines and the Formalization of Physical Cryptography. Cryptology ePrint Archive, Report 2011/188, 2011.Google Scholar
- U. Rührmair, Q. Chen, M. Stutzmann, P. Lugli, U. Schlichtmann, G. Csaba: Towards electrical, integrated implementations of SIMPL systems. WISTP 2010.Google ScholarDigital Library
- U. Rührmair, S. Devadas, F. Koushanfar: Security based on Physical Unclonability and Disorder. In M. Tehranipoor and C. Wang (Editors): Introduction to Hardware Security and Trust. Springer, 2011Google Scholar
- U. Rührmair, M. van Dijk: On the practical use of physical unclonable functions in oblivious transfer and bit commitment protocols. Journal of Cryptographic Engineering (JCEN), 3(1), 17--28. 2013.Google Scholar
- U. Rührmair, D. E. Holcomb: PUFs at a Glance. DATE 2014.Google ScholarCross Ref
- U. Rührmair, J.L. Martinez-Hurtado, X. Xu, C. Kraeh, C. Hilgers, D. Kononchuk, J.J. Finley, and W.P. Burleson: Virtual Proofs of Reality and their Physical Implementation. IEEE Symposium on Security and Privacy, pp. 70--85, 2015.Google ScholarDigital Library
- U. Rührmair, F. Sehnke, J. Sölter, G. Dror, S. Devadas, J. Schmidhuber: Modeling Attacks on Physical Unclonable Functions. ACM Conference on Computer and Communications Security, 2010.Google Scholar
- U. Rührmair, J. Sölter, F. Sehnke: On the Foundations of Physical Unclonable Functions. IACR Cryptology ePrint Archive, 2009.Google Scholar
- U. Rührmair et al.: Method for Security Purposes. US Patent Application 13/250,534. 2012.Google Scholar
- U. Rührmair, X. Xu, J. Sölter, A. Mahmoud, M. Majzoobi, F. Koushanfar, W. P. Burleson: Efficient Power and Timing Side Channels for Physical Unclonable Functions. CHES 2014: 476--492Google Scholar
- J.R. Smith, A.V. Sutherland: Microstructure based indicia. Proceedings of the Second Workshop on Automatic Identification Advanced Technologies, 1999.Google Scholar
- G.J. Simmmons: Identification of data, devices, documents and individuals. Annual International Carnahan Conference on Security Technology, 1991.Google Scholar
- P. Simons, E. van der Sluis, V. van der Leest: Buskeeper PUFs, a promising alternative to D Flip-Flop PUFs. HOST 2012: 7--12.Google Scholar
- B. Skoric, G.J. Schrijen, W. Ophey, R. Wolters, N. Verhaegh, J. van Geloven: Experimental hardware for coating PUFs and optical PUFs. In: Security with Noisy Data, pp. 255--268. Springer, London, 2007.Google ScholarCross Ref
- A. Sharma, L. Subramanian, E. A. Brewer: PaperSpeckle: microscopic fingerprinting of paper. ACM CCS 2011, pp. 99--110.Google ScholarDigital Library
- M. Stutzmann, G. Csaba, P. Lugli, J.J. Finley, C. Jirauschek, C. Jaeger, U. Rührmair: Towards Electrical, Integrated Implementations of SIMPL Systems. European Patent Application EP2230794 A3. Priority date: March 16, 2009. See https://patents.google.com/patent/EP2230794A3Google Scholar
- G.E. Suh, S. Devadas: Physical unclonable functions for device authentication and secret key generation. Design Automation Conference, pp. 9--14, 2007.Google Scholar
- S. Tajik, E. Dietz, S. Frohmann, J.-P. Seifert, D. Nedospasov, C. Helfmeier, C. Boit, H. Dittrich: Physical Characterization of Arbiter PUFs. CHES 2014: 493--509Google Scholar
- F. Tehranipoor, N. Karimian, K. Xiao, J. Chandy: DRAM based intrinsic physical unclonable functions for system level security. 25th Great Lakes Symposium on VLSI, pp. 15--20, 2015.Google ScholarDigital Library
- The Economic Impacts of Counterfeiting and Piracy ? Executive Summary. International Chamber of Commerce BASCAP and INTA Frontier Reports, 2017. Download from https://iccwbo.org/publication/economic-impacts- counterfeitingpiracy- report-prepared-bascap-inta/Google Scholar
- Trade in Counterfeit and Pirated Goods: Mapping the Economic Impact. Organisation for Economic Co-operation and Development (OECD), 2016. See also: http://www.oecd.org/gov/risk/trade-in-counterfeit-and-pirated-goods- 9789264252653-en.htmGoogle Scholar
- P. Tuyls, G.-J. Schrijen, B. Skoric, J. van Geloven, N. Verhaegh, R. Wolters: Read-Proof Hardware from Protective Coatings. CHES 2006, pp. 369--383, 2006.Google ScholarDigital Library
- A.W. Vaidya: Keeping card data secure at low cost. European Convention on Security and Detection, pp. 212--215, 1995.Google ScholarCross Ref
- A. Vijayakumar, S. Kundu: A novel modeling attack resistant PUF design based on non-linear voltage transfer characteristics. DATE 2015: 653--658Google Scholar
- D. Vijaywargi, D. Lewis, D. Kirovski: Optical DNA. Financial Cryptography 2009: 222--229Google Scholar
- A.C.C. Yao: Classical physics and the Church--Turing Thesis. Journal of the ACM (JACM) 50.1, pp. 100--105, 2005.Google Scholar
Index Terms
- SoK: Towards Secret-Free Security
Recommendations
Reconfigurable Binding against FPGA Replay Attacks
The FPGA replay attack, where an attacker downgrades an FPGA-based system to the previous version with known vulnerabilities, has become a serious security and privacy concern for FPGA design. Current FPGA intellectual property (IP) protection ...
Modeling Attacks and Efficient Countermeasures on Interpose PUF
Foundations and Practice of SecurityAbstractPhysical unclonable function is a promising hardware security primitive that is more suitable for device authentication and key generation applications. However, it is found to be vulnerable to modeling attacks when an attacker has access to ...
Special session: how secure are PUFs really? On the reach and limits of recent PUF attacks
DATE '14: Proceedings of the conference on Design, Automation & Test in EuropeJust over a decade ago, Physical Unclonable Functions (PUFs) have been introduced as a new cryptographic and security primitive in a number of seminal publications. Due to their assumed security and cost advantages, they have attracted substantial ...
Comments