Physical Unclonable Functions and Secure Processors

  • Srini Devadas
Conference paper

DOI: 10.1007/978-3-642-04138-9_5

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5747)
Cite this paper as:
Devadas S. (2009) Physical Unclonable Functions and Secure Processors. In: Clavier C., Gaj K. (eds) Cryptographic Hardware and Embedded Systems - CHES 2009. Lecture Notes in Computer Science, vol 5747. Springer, Berlin, Heidelberg


As computing devices become ever more pervasive, two contradictory trends are appearing. On one hand computing elements are becoming small, disseminated and unsupervised. On the other hand, the cost of security breaches is increasing as we place more responsibility on the devices that surround us. The result of these trends is that physical attacks present an increasing risk that must be dealt with.

Physical Unclonable Functions (PUFs) are a tamper resistant way of establishing shared secrets with a physical device. They rely on the inevitable manufacturing variations between devices to produce an identity for a device. This identity is unclonable, and in some cases is even manufacturer resistant (i.e., it is impossible to produce devices that have the same identity).

We describe a few applications of PUFs, including authentication of individual integrated circuits such as FPGAs and RFIDs, and the production of certificates that guarantee that a particular piece of software was executed on a trusted chip.

We present the design and implementation of two PUF-enabled devices that have been built: a low-cost secure RFID that can be used in anti-counterfeiting and other authentication applications, and a secure processor capable of performing certified execution and higher-level cryptographic functions.

The PUF-enabled RFID uses a simple challenge-response protocol for authentication that shifts complexity to the reader or server and therefore only requires a small number of transistors on the device side. The PUF-enabled processor generates its public/private key pair on power-up so its private key is never left exposed in (on-chip or off-chip) non-volatile storage. It is capable of a broad range of cryptographic functionality, including certified execution of programs.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Srini Devadas
    • 1
  1. 1.Professor and Associate Head, Department of EECSMITCambridge

Personalised recommendations