Table Of ContentA new Definition and Classification of Physical Unclonable
Functions
Rainer Plaga Dominik Merli
FederalOfficeforInformationSecurity(BSI) FraunhoferResearchInstitutionAISEC
GodesbergerAllee185-189 Parkring4
Bonn,Germany Garching(nearMunich),Germany
rainer.plaga@bsi.bund.de dominik.merli@aisec.fraunhofer.de
5 ABSTRACT ofattempts(summarizedinsectionSection2.1)toprecisely
1 Anewdefinitionof“PhysicalUnclonableFunctions”(PUFs), definewhatamemberoftheresearchcommunitywouldin-
0 thefirstonethatfullycapturesitsintuitiveideaamongex- tuitively call a PUF. Searched for is a definition that con-
2 tainsacompleteandminimallistoftheconditionsthathave
perts,ispresented. APUFisaninformation-storagesystem
to be fulfilled to identify a device as a PUF. No necessary
n with a security mechanism that is
conditionmustbeabsent. Nosuperfluouscondition,i.e. one
a 1. meanttoimpedetheduplicationofapreciselydescribed
that PUFs can, but do not absolutely have to fulfill, must
J storage-functionality in another, separate system and
be present. In section 2.2 we present a novel definition of
6 2. remains effective against an attacker with temporary ac-
a PUF. We demonstrate that it really fulfills, for the first
2 cess to the whole original system.
time, both of the above demands.
A novel classification scheme of the security objectives and
AnovelclassificationschemeforthePUFsecurityobjectives
] mechanismsofPUFsisproposedanditsusefulnesstoaidfu-
R and mechanisms is presented in Section 3. Its usefulness is
ture research and security evaluation is demonstrated. One
demonstrated by two examples. In Section 4 we show that
C classofPUFsecuritymechanismsthatpreventsanattacker
the PUF security mechanism “cryptostorage” has a funda-
. to apply all addresses at which secrets are stored in the
s mentalimportancesimilartotheoneofcryptography. PUF
information-storagesystem,isshowntobecloselyanalogous
c research is thus of a much more fundamental importance
[ to cryptographic encryption. Its development marks the
thanhithertorealized. Wediscusshowthenewschememo-
dawn of a new fundamental primitive of hardware-security
1 engineering: cryptostorage. These results firmly establish tivates qualitatively novel questions for further research in
v PUFs as a fundamental concept of hardware security. Section 5 and helps the certification of PUFs in Section 6
3 respectively. Section 7 concludes this paper.
6
CategoriesandSubjectDescriptors
3 2. DEFINITIONOFPUFS
6 K.6.5[SecurityandProtection]: PhysicalSecurity;H.3.0
0 [Information Storage and Retrieval]: General 2.1 PreviousProposals
.
1 Inthefollowing,webrieflysketchthedevelopmentofthe
0 GeneralTerms ideasonwhichwebaseourproposal. Startingwithanearly
5 Security paper by Gassend et al. [1], most proposed definitions are
1 based on the concept of a physical challenge-response func-
: tion which can be evaluated in a reproducible manner. Un-
v Keywords
i til approx. 2010, most proposed definitions characterized
X ACM proceedings, Physical Unclonable Functions PUFs further by being “hard to characterize” [1], “hard to
r predict” [2], “physically unclonable” [3] or “tamper resis-
a 1. INTRODUCTION tant” [4]. Such demands carry the problem that devices
which turn out to be predictable, clonable or tamper vul-
Physical Unclonable Functions (PUFs)[1] were originally
nerable are no longer PUFs according to the proposed defi-
understoodas“hardwaredevicesthatarehardtocharacter-
nitions. However,e.g.,inacertificationprocess,theconcept
izeandcanbeuniquelyidentified”[1]. Theyhavedeveloped
of an “insecure, broken PUF” is clearly necessary. Indeed,
intoanimportantresearchtopicinthefieldofhardwarese-
inpractice,thecommunitydoesnotreallyemploysuchdef-
curity within the past decade. There have been a number
initions because it universally continues to refer to inse-
cure PUFs that have been completely broken as “PUFs”.
Permissiontomakedigitalorhardcopiesofallorpartofthisworkfor
Armknecht et al. [5] recognized this problem and defined
personalorclassroomuseisgrantedwithoutfeeprovidedthatcopiesare
PUFs as physical functions PFs, i.e., they dropped the U
notmadeordistributedforprofitorcommercialadvantageandthatcopies
bearthisnoticeandthefullcitationonthefirstpage.Tocopyotherwise,to for“unclonable”. Suchphysicalfunctionsaredigitalmemo-
republish,topostonserversortoredistributetolists,requirespriorspecific riesbecausethelatterarephysicaldevicesthatalwayshave
permissionand/orafee.RequestpermissionsfromPermissions@acm.org. torealizeachallenge-responsemechanism: anaddressisap-
CS2’15,January19-212015,Amsterdam,Netherlands plied as a challenge and the memory content is returned as
Copyright2015ACM978-1-4503-3187-6/15/01...$15.00
a response. The remaining problem is then: how to charac-
http://dx.doi.org/10.1145/2694805.2694807
terize the specific characteristic of PUFs that sets it apart,
.
e.g., fromastandardmemorystick, whichis, ofcourse, not Information−storage system
understood as a PUF in the community? An alternative to
identify it with absolute unclonability is to identify it with C
certainfeaturesofthePUFarchitecture. Severaldefinitions Storage module
[6,7,8]proposetoidentifythespecificcharacteristicproper-
tiesthatwecallbelowinSection3“complex-structureupon challenge measure
production”and“cryptostorage”. WewilldiscussinSection
R
3.1.2 that these properties classify special security mecha-
Encoder module
nisms. But a demand for a special security mechanism in
itsdefinitionwouldrenderthePUFconceptinflexible. E.g.
theinformationstoredinaquantumtoken,discussedinsec-
tion3.2,mustbeloadedafteritsproduction-otherwisethe
Figure 1: Sketch of a physical information-storage
storage is not secure. A definition that demands a loading
system, accordingtoourdefinition. Thedot-dashed
uponproductionwouldratherarbitrarilyexcludesquantum
outer box symbolizes the whole system which usu-
tokens as PUFs.
ally is (but does not have to be) also a module, like
WewillexplicitelyidentifythespecificcharacteristicofPFs,
the storage- and encode-module always are.
that we searched for in the previous paragraph in section
2.2.2.
system in its original form.
2.2 ProposedDefinitionofPUFsandits
Meaning
2.2.2 ExplanationofthePUFDefinition
2.2.1 AuxiliaryandPUFDefinition Thedefinitiondoesnotdemandthatasecurity-mechanism
actuallydoesrendertheduplicationmoredifficult,butonly
We first formulate an auxiliary definition:
that an implemented mechanism is meant to do so. This
• Definitionofaphysicalinformation-storagesys- avoids the circularity problem with earlier PUF definitions
tem (1) discussed in Section 1 (“an insecure PUF is no PUF”). As
An information-storage system is a set of at least two the following example shows security primitives are often
modules1 that are conceptually or physically perma- defined in an analogous manner:
nentlyconnected. Thesemodules(orpartsofthemod-
• Definitionofcryptographicencryptionalgorithm
uleifthesystemisasinglemodule)havethefollowing
(3)
purposes: a “storage module” can be put into a physi-
Acryptographicencryptionalgorithmisakey-dependent
cal state H which is determined by the information in
mappingfromacleartextstringofbitstoacryptogram
achallengeC.Thisstoragemoduleismeasuredinthis
string of bits. Its security objective is that an attacker
state and the measurement result is reproducibly en-
findsnoalgorithmforaninversemapping(decryption)
coded as the information of a response R by another
ofthecryptogramtothecleartextwithoutthekey. The
“encoder module” of the total system. The set of all
key is a string of bits on which the encryption algo-
Rs for all Cs is the information stored in the system.
rithm depends.
This definition agrees with the intuitive idea of a digital
Caesar’s cipher is trivial to break, but still a cryptographic
memory,andmakesitsrelationtoachallenge-responsefunc-
encryption algorithm because there is a specific key depen-
tion precise. The challenges are the addresses at which
dent mapping with the said objective. The precise storage
the physical information, the responses, are stored. An
functionality is the most characteristic feature of a PUF.
information-storage system is depicted in Figure 1. The
It can go beyond the mere storage and release of informa-
term “reproducibly encoded” demands that a noise in the
tion, as in the case of public PUFs [9, 10], where a re-
responses is bounded.
leaseoftheresponsewithinacertaintimeframeisrequired.
• Definition of a PUF (2) Even if the functionality is merely the storage and release
A PUF is a physical information-storage system that ofphysicalinformation,theobjectivecanbetopreventdu-
is protected by a security mechanism which plicationtodifferentdegreesasinthepreviousproposalsof
a “physical” and “mathematical” duplication [3]. We will
1. has the security objective to render it more diffi-
comebacktotheclassificationofPUFsecurityobjectivesin
culttoduplicateapreciselydescribedstoragefunc-
Section 3.1.1. We define an “information-storage system”
tionality of the system in another, separate sys-
as the system that actually stores the information (rather
tem.
than auxiliary systems for packaging, energy supply etc.).
2. ismeanttoremaineffectiveagainstanactive2 at-
Our definition of a PUF requires that the security mecha-
tackerwithtemporaryphysicalaccesstothewhole
nism is based on the system’s storage-mechanism, because
1A module is defined to be an artificial (the artificiality is otherwise it would not remain effective against an attacker
necessarytodelimitPUFsfrombiometricsystems,aclosely with full access to the original system. This makes the re-
related concept with which the PUF concept is often com- quiredsecurity-andinformation-storagemechanismindivis-
pared) physical system that is permanently physically con-
ible, i.e., without the latter, the former cannot be realized.
nected and serves a certain purpose. A physical system is
Devices in which information-storage and security mecha-
defined to be a set of materials and fields that is delimited
from the rest of the world in a well defined manner. nism are separable are no PUFs. This indivisibility, let us
2Active means that she can change the system rather than call it “security-memory boundedness”, is the specific char-
only passively listen. acteristic of a PUF that was searched for in Section 2.1.
Anotherangleonthemotivationforthesecondconditionof
Security Objective
the PUF definition will be discussed in Section 2.2.4.
Render it more difficult to duplicate
A main result of this paper is that the PUF definition list the storage functionality F on a
is complete and minimal with the proposed conditions. No separate device
other of the myriad other conditions that PUFs may well
fulfill,e.g.,thatthestoragemechanismisnoisy,thatthese- F = release R
curitymechanismworkswithoutenergysupply,etc.,hasto F = release R within ∆ t
befulfilledtocharacterizeamoduleasaPUF.Summarizing
Public PUF
we state:
A module is a PUF if and only if it fulfills both con- Mathematical duplicate
ditions of the definition (2). Arbiter PUF
Quantum PUF Optical PUF
2.2.3 ExemplaryAnalysis: ArbiterPUF Physical duplicate Ring Osc. PUF
CharacterizedasaPUF SRAM PUF
As an exemplary case, we discuss how the arbiter PUF
Figure 2: Classification of the PUFs’ security ob-
[11]ischaracterizedasaPUFinthesenseofourdefinition.
jectives; some existing PUFs are assigned to these
ThearbiterPUFhasastoragemoduleintheformofachain
classes.
of multiplexers that are programmed by a certain number
of inputs which act as a challenge. The encoder module is
a latch that determines which of two delay paths - that are 3. PUFCLASSIFICATION
configured (with other words “put in a physical state”) by
thechallenge-producedalongerdelayfortwotestsignals. 3.1 ClassificationCriteria
The arbiter PUF is thus an information-storage system in
oursense. ThesecuritymechanismisdescribedbySuhand 3.1.1 SecurityObjectives
Devadas as: “a set of challenges (is mapped) to a set of re-
Themostbasicclassificationisbysecurityobjectives. Ac-
sponses based on an intractably complex physical system.”
cordingtothefirstconditionindefinition(2)theobjectives
The unclonable storage-functionality is the release of a re-
are characterized by the precise nature of the storage func-
sponseafterachallengeissupplied. Theauthorsmakeclear
tionalitiesandthekindofduplicationtobeprevented. The
that this must be understood as an objective rather than a
simplest storage functionalities are:
propertybecause“topreventmodel-buildingattacks”afur-
S1. Tostorephysicalinformationandtoreleaseitupon
therdevelopmentofthePUFarchitecturemightbeneeded.
some challenge which can be:
Thus the first condition of our definition of a PUF is ful-
S1.a. a simple trigger or
filled. The“intractablycomplexstructure”uponproduction
S1.b. a sophisticated address, chosen by the user.
is meant to protect against an attacker with temporary ac-
An example for a more sophisticated storage functionality
cess to the storage system. Therefore, the second condition
is:
of our definition (2) is fulfilled, too.
S2. the release of the stored information within a cer-
tain time interval ∆t.
2.2.4 DelimitationofPUFsfromotherConcepts
There are two widely used meanings of the term “dupli-
Conventional secure memories, as typically realized, e.g., cate”[3].
in smartcards as conventional digital memories with some D1. “Physical duplication” is to prevent a duplication
passive or active protection shields to guarantee “tamper in physical detail. I.e. the separate duplicated system either
resistance”, are no PUFs because they are not security- followsthespecificationsfortheconstructionoftheoriginal,
memory bounded. A conventionally secured memory has or at least returns physically identical responses.
been called “controlled” by Gassend et al.[12] 3. The qual- D2. “Mathematical duplication” only requires that the
itative novelty of PUFs, characterized by the second condi- duplicationsystemreturnsresponseswiththesameinforma-
tion in the definition (2), is that their security mechanisms tion content as the ones of the original module to all chal-
go beyond such conventional (access) control. lenges. Its physical structure is otherwise not constrained.
Unique physical labels as they are used, e.g., on banknotes D2isamoreambitiousobjectivethanD1becauseitrequires
or drug packages against counterfeiting are no PUFs, not to absolutely prevent the readout of the stored information
conceptually permanently connected to an encoder module at the challenge addresses, also against sophisticated mod-
as required by our definition (2). “Physically obfuscated eling attacks[18]. As soon as this information is read out,
keys”[13]witharead-outmechanismforthekeyarePUFs itcanbestoredinanothermemoryunderthesameaddress
because their obfuscation through a non-standard storage thus realizing a mathematical clone. D1 can still be attain-
mechanism is security-memory bound. able when the stored information is known to the attacker.
Fig. 2 illustrates the storage-functionality classes and gives
3Gassend et al. call a PUF controlled “if it can only be examples of PUFs within them.
accessed via an algorithm that is linked to the PUF in an
The security objectives are determined by the security ar-
inseparable way (i.e. any attempt to circumvent the algo-
chitecturethatusesthePUFratherthanthearchitectureof
rithmwillleadtothedestructionofthePUF.”Ifwereplace
“PUF” by “information-storage system” and interpret “al- the PUF itself. In Section 3.2, we will discuss classification
gorithm” as “hardware-interface that implements the sys- examples for some PUFs including one that can have both
tem’sintendedfunctionality”,thisisadefinitionofthehith- objective D1 or D2 in different contexts.
ertoconventionalmannertoprotectaninformation-storage
system against duplication.
3.1.2 SecurityMechanisms
Three principal classes of security mechanisms for PUFs Mechanism Complex
have been proposed up to now. Structure
Mechanism No cloning
Securitymechanism1“ComplexStructure”(CS).Acom- SRAM PUF
plex structure of the information-storage module prevents Ring. Osc. PUF
analysis and/or reproduction.
Coating PUF
Arbiter PUF
MostPUFsthatwereproposeduptonowrelyonthisprin- Quantum
ciple. Usuallythefollowingprincipleisexploited: itiseasier Optical PUF Token
to create a complex random structure, than to analyze and
duplicate it. Such PUFs are produced in a process that
creates some complex structure in the storage module from Mechanism Cryptostorage
whichrandomresponsescanbederivedbytheencodemod-
ule[14]. We classify this security mechanism as PUFs with
“Complex-Structure upon Production” (CSP) property.
Security mechanism 2 “No Cloning”(NC). A principle
Figure3: ThePUFsecuritymechanismsandPUFs
of physics forbids the duplication of the storage module.
thatarebasedonthem. SeeSection3.1.2forfurther
This is a security mechanism that prevents the duplication
explanation.
of the storage unit because of some fundamental principle
of physics. An example are physical quantum systems in a
state unknown to the attacker, that cannot be cloned due
Section3.1.1). Thissecurityobjectivewilltypicallyarisein
to the “no cloning principle”[15].
acontextinwhichoneaimstomakeitdifficultforthepro-
Security Mechanism 3 “Cryptostorage”. Let us call a
ducerofthePUFtoproducephysicalduplicates. Theother
subset of all possible challenges the set of secret challenges
possible aim is to render the mathematical duplication (se-
(s-challenges). The secret responses (s-responses) to be pro-
curity objective D2 in Section 3.1.1) more difficult by mak-
tected are defined as the responses to the s-challenges. The
ing a readout in the switched-off state more difficult. This
security mechanism prevents that the attacker can apply all
secondaimcannotreasonablybetopreventtheread-outof
or most s-challenges.
thestoredinformationaltogetherbecausenosecuritymech-
If the attacker cannot apply an s-challenge in principle she
anism of SRAM and ring-oscillators prevents such readout.
will not be able to get the corresponding secret (response),
The arbiter PUF [17] uses intrinsic delay variations in mi-
i.e. cryptostorage protects the physical stored information
crochips and was proposed to be used with an s-challenge
againstreadout. Cryptostorageiscloselyanalogoustocryp-
that is much smaller than the set of all challenges. It thus
tographicencryption. Thisparallelwillbefurtherdeveloped
aims to prevent the mathematical duplication (security ob-
in Section 4.
jective D2, in Section 3.1.1) with the help of both the CSP
Two general architectures to realize cryptostorage in prac-
mechanism and cryptostorage with the MRT mechanism.
tice have been proposed [8].
For quantum-token based PUFs [15], the security objective
Securitymechanism3a. “MinimumReadoutTime(MRT)”.
D2 is reached via proving that the s-challenge is necessary
Thenumberofchallenge-responsepairsischosenverylarge.
toextractthepreviouslystoredinformation. Therefore,this
Then, if there is a sufficiently long minimum readout time
PUF prevents mathematical duplication with the help of
for one challenge-response pair, the attacker cannot apply
the NC mechanism and cryptostorage with the EUR mech-
the s-challenges within a reasonable time period if the set of
anism.
s-challenges is unknown to her.
A qualitatively special authentication functionality is real-
PUFs with a MRT-mechanism are a.k.a. as “strong” PUFs
ized with the “public PUF” [9, 10] idea, which proposes
[13].
PUFs that can prove their authenticity even though their
Security mechanism 3b. “Erasure Upon Readout (EUR)”.
challenge-response pairs are public. A public PUF not only
If a non s-challenge is applied the s-response corresponding
stores and protects information, but is also required to re-
to the s-challenge is erased. Therefore the attacker cannot
spond to the challenge within a certain minimum time pe-
apply the s-challenge if it is not known to her, because an
riod. It has the objective to prevent the construction of a
attempt to do so, erases most of the secret information in
duplicate that releases a response within a certain time pe-
general.
riod, even though a module that releases it within a much
Fig. 3illustrateswhichPUFconstructionsareprotectedby
longer period must be possible.
these mechanisms.
3.2 ExemplaryClassificationofsomeExisting 4. ANEWSECURITYPRIMITIVE:
PUFs CRYPTOSTORAGE
Thering-oscillatorPUF[11]andtheSRAMPUF[16]ex-
ploitvariationsinringoscillatorfrequenciesormemorycell 4.1 DescriptionofthePrimitive
balances respectively, to generate secret bits and store the The security mechanism of “cryptostorage” first intro-
information in a currently unconventional manner. The se- ducedinSection3.1.2isoffundamentalimportance. Itcan
curitymechanismistogeneratearandomvalueduringfabri- be characterized in the following manner:
cationi.e. itisaCSPmechanism. Thesecurityobjectiveof
thering-oscillatorPUF[11]andtheSRAMPUF[16](a.k.a • Definition of the cryptostorage mechanism (4)
“weak PUFs” [13]) can be twofold. One possible aim is to A clearstring is a string of bits physically stored in
prevent the physical duplication (security objective D1 in an information-storage system with no security mech-
anism. A cryptostorage mechanism is a s-challenge- Cryptographic encryption Cryptostorage
dependent mapping from a clearstring to the storage
module of a PUF. Its security objective is that an at- 1. meaning of Information physical Information
tacker finds no mechanism for the extraction of the
2. cryptogram PUF storage module
clearstringfromthePUFwithoutthesetofs-challenges.
3. crypto-algorithm cryptostorage mechanism
The s-challenge is a string of bits that designates a
subset of the address space of the information-storage 4. inversion of cryptogram reproduction of PUF
system. 5. cryptographic key s-challenge
Whenonecomparesthisdefinitionwiththeoneofacryp- 6. encrypt with key store at s-challenge adr.
tographic encryption algorithm (3), the close analogy be- 7. decrypt with key apply s-chall. & measure
tweenthetwoisobvious: thes-challengeisequivalenttothe
key, the storage system of the PUF to the cryptogram and
Table 1: A listing of corresponding concepts of
theclearstringtothecleartext. Ifcryptographicencryption
cryptographic encryption and cryptostorage. 1.
is the science of concealed (crypto) writing (graphein), re-
What is protected? 2. Where is protected infor-
searchanddevelopmentonPUFscanbeidentifiedasthesci-
mation? 3. What is the security mechanism that 4.
ence of concealed storage, or “cryptostorage”. Cryptostor-
prevents what?
ageprotectsthephysicalinformation4 itself. Cryptographic
encryption protects the meaning of the information5 in the
cryptogram. The close parallel between cryptographic en-
MRT PUFs with N secret elements require on the order of
cryption and cryptostorage is illustrated in Table 1. 2N challenge-response pairs to extract all contained infor-
In cryptographic encryption, principles and comprehensi-
mation even under sophisticated learning attacks? Another
ble systematic arguments (not necessarily proofs) based on
important research topic are algorithms and protocols to
mathematicsandinformaticsensurethatthecleartextcan-
support PUF-based applications.
not be extracted without the key. In an analogous manner,
If a new “PUF protocol”, e.g., for authentication is pro-
in cryptostorage, principles based on physics and electrical
posed, it should be communicated which of its features are
engineeringmustensurethatthestoredinformationcannot
PUF specific, and why. Otherwise, it would be a general
beextractedwithoutbeinginpossessionofthes-challenges.
authenticationprotocol,i.e.,itsnoveltycannotlieinitsap-
The analog of cryptanalytic analyses of cryptographic en-
plicability to PUFs.
cryption are, e.g., attacks using various forms of sophisti-
cated learning programs[18].
6. CERTIFICATIONOFPUFS
The specific value of cryptostorage for embedded security
is the systematic practical and theoretical development of AfirststepinaPUFsecurityevaluationmustbetoascer-
information-storage systems that remain secure when the tain that a hardware element within a target of evaluation
attacker can directly and completely access them, i.e. uses (TOE)isreallyaPUFaccordingtoourproposeddefinition.
their regular read-out system. It will be necessary to de- The next step will be to identify the PUF’s security objec-
velop the primitive of cryptostorage in a systematic man- tives within the TOE’s architecture and the security mech-
ner because it will always remain impossible in principle to anisms that fulfill these objectives. The central task of a
completely deny access to embedded storage systems. The PUF certification will be to theoretically model and verify
major aim of cryptostorage will be to develop PUFs with the PUF’s security mechanism in simulation and practice.
a comprehensible, well understood security level based on Possible effects of the PUF’s security mechanism on other
sound principles of engineering, physics and mathematics. conventional,non-PUFmechanismthatsecuretheprotected
memory also need to be considered.
5. FUTUREPUFRESEARCH ClassifyingthePUFaccordingtothecharacteristicsinSec-
tion 3 will be useful to lay out the scope of the evalua-
The two most basic question are:
tion. Preciselydefinedsecurityobjectivesclearlydetermine
1. What new security objectives for PUFs could there be?
the tasks of the security mechanisms. If, e.g., the PUF
Which PUF storage-functionalities, besides the simple, ad-
hasaninternallygeneratedrandomvalueasresponse(CSP
dressed and timed release of information could be useful?
mechanism),themachineproducingitassumestheroleofa
2. Whatnewsecuritymechanisms,besidestheCS,NCand
Random-Number Generator (RNG). It will then be neces-
cryptostorage classes could there be?
sary to evaluate the manufacturing system, e.g., according
Thecryptostoragesecurityprimitiveisboundtoplayasim-
to the existing guidelines for the certification of RNGs [19].
ilarlyimportantroleinembeddedsecurityascryptographic
PUFs can be valuable because they reach new levels of se-
encryptiondoes. ManyproposedPUFsarebasedonit,but
curity, but also because they allow cheaper solutions than
thesecurityoftheseproposalsstillneedfurtherstudy. The
conventional approaches. Therefore, security evaluations of
foundationsofcryptostorageneedtobedevelopedsystemat-
PUFs must not just address whether a PUF can be repro-
ically: Whichfurtherstandarddesignprinciplesforphysical
duced but also at which effort.
memoriescouldbegivenup,tomakethemsecurity-memory
bounded? How can EUR PUFs be constructed which are
notbasedonquantum-storage? Howcanitbeensuredthat 7. CONCLUSION
4Physicalinformationisaphysicalsystemthathasacertain We proposed to define PUFs as physical memories de-
computable relation to the outside world in space an time. signed with the objective to protect a well defined storage
5Themeaningofinformationisadescriptionoftherelation functionality against duplication with a mechanism that is
between physical information and outside world. inseparablefromtheinformation-storagemechanism. PUFs
inthissenseseemtocompletelycharacterizewhatthecom- in Proceedings of the 16th international GI/ITG
munity always meant by this concept. conference on Measurement, Modelling, and
We welcome challenges to this claim. Evaluation of Computing Systems and Dependability
Our definition does not restrict PUF architectures in any and Fault Tolerance, ser. MMB’12/DFT’12. Berlin,
way, but provides a clear separation to other conventional Heidelberg: Springer-Verlag, 2012, pp. 288–301.
security modules. Conventional secure memories in which [9] U.Ru¨hrmair,“Simplsystems: Onapublickeyvariant
information-storage and security mechanism are separable, of physical unclonable functions,” Cryptology ePrint
i.e. protect against access to the informations-storage sys- Archive, International Association for Cryptologic
tem, are no PUFs. In principle, their security mechanism Research, Tech. Rep., 2009.
canalsoprotectentitiesdifferentfromassociatedmemories. [10] N. Beckmann and M. Potkonjak, “Hardware-based
Therefore,aclassificationofsucharchitecturesastwoinde- public-key cryptography with public physically
pendent security and storage architectures is more appro- unclonable functions,” in Information Hiding.
priate. Springer, 2009, pp. 206–220.
We argue that PUF research and development is a much [11] G. E. Suh and S. Devadas, “Physical unclonable
morefundamentalandimportantfieldthanpreviouslythought. functions for device authentication and secret key
In a sense, it is the discipline of the secure storage of phys- generation,” Design Automation Conference, 2007.
ical information itself, just as cryptography is the field of DAC ’07. 44th ACM/IEEE, pp. 9–14, 2007.
secure writing of the meaning of information.
[12] B. Gassend, M. van Dijk, D. Clarke, E. Torlak,
P. Tuyls, and S. Devadas, “Controlled physical
random functions and applications,” ACM
Transactions on Information and System Security,
Acknowledgment
vol. 10, no. 4, Jan. 2008.
WethankRalphBreithaupt,UteGebhardt,DieterSchuster [13] U. Ru¨hrmair, J. So¨lter, and F. Sehnke, “On the
and Markus Ullmann for helpful discussions and criticisms foundations of physical unclonable functions,”
on previous drafts of this manuscript. We further thank Cryptology ePrint Archive, Report 2009/277, 2009,
three anonymous referees for very helpful critical remarks. http://eprint.iacr.org/.
[14] R. Maes, A. V. Herrewege, and I. Verbauwhede,
8. REFERENCES “Pufky: A fully functional puf-based cryptographic
[1] B. Gassend, D. Clarke, M. van Dijk, and S. Devadas, key generator,” in CHES, vol. 7428. Springer, 2012,
“Silicon physical random functions,” in CCS ’02: pp. 302–319.
Proceedings of the 9th ACM conference on Computer [15] F. Pastawski, N. Y. Yao, L. Jiang, M. D. Lukin, and
and communications security. New York, NY, USA: J. I. Cirac, “Unforgeable noise-tolerant quantum
ACM, 2002, pp. 148–160. tokens,” 2011.
[2] ——, “Delay-based circuit authentication and [16] J. Guajardo, S. S. Kumar, G. J. Schrijen, and
applications,” in Symposium on Applied Computing P. Tuyls, “FPGA intrinsic PUFs and their use for IP
(SAC), 2003. protection,” in 9th International Workshop of
[3] R. Maes and I. Verbauwhede, “A discussion on the Cryptographic Hardware and Embedded Systems,
properties of physically unclonable functions,” CHES’07, 2007, pp. 63–80.
TRUST 2010 Workshop on Security Hardware, Berlin, [17] D. Lim, J. W. Lee, B. Gassend, G. E. Suh, M. van
DE, 2010. Dijk, and S. Devadas, “Extracting secret keys from
[4] A.-R. Sadeghi, I. Visconti, and C. Wachsmann, integrated circuits,” Very Large Scale Integration
“PUF-enhanced rfid security and privacy,” in (VLSI) Systems, IEEE Transactions on, vol. 13,
Workshop on Secure Component and System no. 10, pp. 1200–1205, December 2005.
Identification (SECSI), 2010. [18] U. Ru¨hrmair, F. Sehnke, J. So¨lter, G. Dror,
[5] F. Armknecht, R. Maes, A.-R. Sadeghi, F.-X. S. Devadas, and J. Schmidhuber, “Modeling attacks
Standaert, and C. Wachsmann, “A formalization of on physical unclonable functions,” in Proceedings of
the security features of physical functions,” in the 17th ACM conference on Computer and
Proceedings of the 2011 IEEE Symposium on Security communications security, ser. CCS ’10. New York,
and Privacy, ser. SP ’11. Washington, DC, USA: NY, USA: ACM, 2010, pp. 237–249.
IEEE Computer Society, 2011, pp. 397–412. [Online]. [19] W. S. Wolfgang Killmann, “Ais 31 v3 - functionality
Available: http://dx.doi.org/10.1109/SP.2011.10 classes and evaluation methodology for random
[6] U. Ru¨hrmair, H. Busch, and S. Katzenbeisser, “Strong number generators,” Federal Office for Information
PUFs: Models, constructions, and security proofs,” in Security (BSI), Germany, 2013,
Towards Hardware-Intrinsic Security, A.-R. Sadeghi https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung
and D. Naccache, Eds. Springer, 2010, pp. 79–96. /Interpretationen/AIS 31 pdf.pdf.
[7] A. Maiti, V. Gunreddy, and P. Schaumont, “A
systematic method to evaluate and compare the
performance of physical unclonable functions,”
Cryptology ePrint Archive, Report 2011/657, 2011,
http://eprint.iacr.org/2011/657.
[8] R.PlagaandF.Koob, “Aformaldefinitionandanew
security mechanism of physical unclonable functions,”
