Book Description
Physically unclonable functions (PUFs) are innovative physical security primitives that produce unclonable and inherent instance-specific measurements of physical objects; in many ways they are the inanimate equivalent of biometrics for human beings. Since they are able to securely generate and store secrets, they allow us to bootstrap the physical implementation of an information security system. In this book the author discusses PUFs in all their facets: the multitude of their physical constructions, the algorithmic and physical properties which describe them, and the techniques required to deploy them in security applications. The author first presents an extensive overview and classification of PUF constructions, with a focus on so-called intrinsic PUFs. He identifies subclasses, implementation properties, and design techniques used to amplify submicroscopic physical distinctions into observable digital response vectors. He lists the useful qualities attributed to PUFs and captures them in descriptive definitions, identifying the truly PUF-defining properties in the process, and he also presents the details of a formal framework for deploying PUFs and similar physical primitives in cryptographic reductions. The author then describes a silicon test platform carrying different intrinsic PUF structures which was used to objectively compare their reliability, uniqueness, and unpredictability based on experimental data. In the final chapters, the author explains techniques for PUF-based entity identification, entity authentication, and secure key generation. He proposes practical schemes that implement these techniques, and derives and calculates measures for assessing different PUF constructions in these applications based on the quality of their response statistics. Finally, he presents a fully functional prototype implementation of a PUF-based cryptographic key generator, demonstrating the full benefit of using PUFs and the efficiency of the processing techniques described. This is a suitable introduction and reference for security researchers and engineers, and graduate students in information security and cryptography.