Physically Uncloneable Functions in the Universal Composition Framework

Recently, there have been numerous works about hardwareassisted cryptographic protocols, either improving previous constructions in terms of efficiency, or in terms of security. In particular, many suggestions use Canetti's universal composition (UC) framework to model hardware tokens and to derive schemes with strong security guarantees in the UC framework. In this paper, we augment this approach by considering Physically Uncloneable Functions (PUFs) in the UC framework. Interestingly, when doing so, one encounters several peculiarities specific to PUFs, such as the intrinsic non-programmability of such functions. Using our UC notion of PUFs, we then devise efficient UC-secure protocols for basic tasks like oblivious transfer, commitments, and key exchange. It turns out that designing PUF-based protocols is fundamentally different than for other hardware tokens. For one part this is because of the non-programmability. But also, since the functional behavior is unpredictable even for the creator of the PUF, this causes an asymmetric situation in which only the party in possession of the PUF has full access to the secrets.

[1]  Gil Segev,et al.  David and Goliath Commitments: UC Computation for Asymmetric Parties Using Tamper-Proof Hardware , 2008, EUROCRYPT.

[2]  Ran Canetti,et al.  Universally Composable Security with Global Setup , 2007, TCC.

[3]  Frank Sehnke,et al.  On the Foundations of Physical Unclonable Functions , 2009, IACR Cryptol. ePrint Arch..

[4]  Ran Canetti,et al.  Universal Composition with Joint State , 2003, CRYPTO.

[5]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[6]  Boris Skoric,et al.  Information-theoretic analysis of coating PUFs , 2006, IACR Cryptol. ePrint Arch..

[7]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[8]  Boris Skoric,et al.  Security with Noisy Data: Private Biometrics, Secure Key Storage and Anti-Counterfeiting , 2007 .

[9]  Boris Skoric,et al.  Information-Theoretic Security Analysis of Physical Uncloneable Functions , 2005, Financial Cryptography.

[10]  Yehuda Lindell,et al.  Constructions of truly practical secure protocols using standardsmartcards , 2008, CCS.

[11]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[12]  Gilles Brassard,et al.  Information theoretic reductions among disclosure problems , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[13]  Ulrich Rührmair,et al.  An Attack on PUF-Based Session Key Exchange and a Hardware-Based Countermeasure: Erasable PUFs , 2011, Financial Cryptography.

[14]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[15]  Ulrich Rührmair,et al.  Oblivious Transfer Based on Physical Unclonable Functions , 2010, TRUST.

[16]  Joe Kilian,et al.  Founding crytpography on oblivious transfer , 1988, STOC '88.

[17]  Hugo Krawczyk,et al.  Universally Composable Notions of Key Exchange and Secure Channels , 2002, EUROCRYPT.

[18]  Boris Skoric,et al.  Entropy Estimation for Optical PUFs Based on Context-Tree Weighting Methods , 2007 .

[19]  Frederik Armknecht,et al.  Memory Leakage-Resilient Encryption Based on Physically Unclonable Functions , 2009, ASIACRYPT.

[20]  R. Pappu,et al.  Physical One-Way Functions , 2002, Science.

[21]  Jesper Buus Nielsen,et al.  Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case , 2002, CRYPTO.

[22]  Yuval Ishai,et al.  Interactive Locking, Zero-Knowledge PCPs, and Unconditional Cryptography , 2010, Electron. Colloquium Comput. Complex..

[23]  Boris Skoric,et al.  Estimating the Secrecy-Rate of Physical Unclonable Functions with the Context-Tree Weighting Method , 2006, 2006 IEEE International Symposium on Information Theory.

[24]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[25]  Jonathan Katz,et al.  Universally Composable Multi-party Computation Using Tamper-Proof Hardware , 2007, EUROCRYPT.

[26]  Stefan Wolf,et al.  Oblivious Transfer Is Symmetric , 2006, EUROCRYPT.

[27]  Tam Tom Kevenaar,et al.  Information-theoretic analysis of capacitive physical unclonable functions , 2006 .

[28]  Yuval Ishai,et al.  Founding Cryptography on Tamper-Proof Hardware Tokens , 2010, IACR Cryptol. ePrint Arch..

[29]  Ingrid Verbauwhede,et al.  Physically Unclonable Functions: A Study on the State of the Art and Future Research Directions , 2010, Towards Hardware-Intrinsic Security.

[30]  Claude Crépeau,et al.  Equivalence Between Two Flavours of Oblivious Transfers , 1987, CRYPTO.

[31]  Ahmad-Reza Sadeghi,et al.  Enhancing RFID Security and Privacy by Physically Unclonable Functions , 2009, Towards Hardware-Intrinsic Security.

[32]  Mikhail J. Atallah,et al.  Robust Authentication Using Physically Unclonable Functions , 2009, ISC.

[33]  Ran Canetti,et al.  Universally Composable Commitments , 2001, CRYPTO.

[34]  Frederik Armknecht,et al.  A Formal Foundation for the Security Features of Physical Functions , 2011, S&P 2011.

[35]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[36]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[37]  Yael Tauman Kalai,et al.  One-Time Programs , 2008, CRYPTO.

[38]  Jörn Müller-Quade,et al.  Universally composable zero-knowledge arguments and commitments from signature cards , 2007 .

[39]  G. Edward Suh,et al.  Extracting secret keys from integrated circuits , 2005, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[40]  Srinivas Devadas,et al.  Controlled physical random functions and applications , 2008, TSEC.

[41]  Frederik Armknecht,et al.  A Formalization of the Security Features of Physical Functions , 2011, 2011 IEEE Symposium on Security and Privacy.

[42]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.