PUF-Based Authentication Protocols – Revisited

  • Heike Busch
  • Stefan Katzenbeisser
  • Paul Baecher
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5932)


Physical Unclonable Functions (\({\emph{PUF}}\)) are physical objects that are unique and unclonable. \({\emph{PUF}}\)s were used in the past to construct authentication protocols secure against physical attackers. However, in this paper we show that known constructions are not fully secure if attackers have raw access to the \({\emph{PUF}}\) for a short period of time. We therefore propose a new, stronger, and more realistic attacker model. Subsequently, we suggest two constructions of authentication protocols, which are secure against physical attackers in the new model and which only need symmetric primitives.


Hash Function Smart Card Authentication Protocol Bloom Filter Enrollment Phase 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Pappu, R.: Physical One-Way Functions. PhD thesis, Massachusetts Institute of Technology (2001)Google Scholar
  2. 2.
    Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297(5589), 2026–2030 (2002)CrossRefGoogle Scholar
  3. 3.
    Gassend, B.: Physical random functions. Master’s thesis, Massachusetts Institute of Technology (2003)Google Scholar
  4. 4.
    Hammouri, G., Sunar, B.: PUF-HB: A tamper-resilient HB based authentication protocol. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 346–365. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Tuyls, P., et al.: Information-theoretic security analysis of physical uncloneable functions. In: Patrick, A.S., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 141–155. Springer, Heidelberg (2005)Google Scholar
  6. 6.
    Tuyls, P., et al.: Anti-Counterfeiting. In: Security, Privacy and Trust in Modern Data Management, pp. 293–312. Springer, Heidelberg (2007)Google Scholar
  7. 7.
    Škorić, B., Tuyls, P.: Strong Authentication with Physical Unclonable Functions. In: Security, Privacy and Trust in Modern Data Management, pp. 133–148. Springer, Heidelberg (2007)Google Scholar
  8. 8.
    Guajardo, J., Kumar, S.S., Schrijen, G.J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Communications of the ACM 13(7), 422–426 (1970)zbMATHCrossRefGoogle Scholar
  10. 10.
    Broder, A., Mitzenmacher, M.: Network applications of bloom filters: A survey. Internet Mathematics 1(4), 485–509 (2004)zbMATHMathSciNetGoogle Scholar
  11. 11.
    Merkle, R.C.: Protocols for public key cryptosystems. IEEE Symposium on Security and Privacy 122 (1980)Google Scholar
  12. 12.
    Guajardo, J., Škorić, B., Tuyls, P., Kumar, S.S., Bel, T., Blom, A.H., Schrijen, G.J.: Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions. Information Systems Frontiers 11(1), 19–41 (2009)CrossRefGoogle Scholar
  13. 13.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)Google Scholar
  14. 14.
    Škorić, B., Tuyls, P.: Robust key extraction from physical unclonable functions. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 407–422. Springer, Heidelberg (2005)Google Scholar
  15. 15.
    Mitzenmacher, M., Upfal, E.: Probability and Computing: Randomized Algorithms and Probabilistic Analysis. Cambridge University Press, New York (2005)zbMATHGoogle Scholar
  16. 16.
    Micali, S., Reyzin, L.: Min-round resettable zero knowledge in the public key model. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 373–393. Springer, Heidelberg (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Heike Busch
    • 1
  • Stefan Katzenbeisser
    • 1
  • Paul Baecher
    • 1
  1. 1.Darmstadt University of TechnologyGermany

Personalised recommendations