The characteristic novelty of what is generally meant by a “physical unclonable function” (PUF) is precisely defined, in order to supply a firm basis for security evaluations and the proposal of new security mechanisms. A PUF is defined as a hardware device which implements a physical function with an output value that changes with its argument. A PUF can be clonable, but a secure PUF must be unclonable.

This proposed meaning of a PUF is cleanly delineated from the closely related concepts of “conventional unclonable function”, “physically obfuscated key”,“random-number generator”, “controlled PUF” and “strong PUF”. The structure of a systematic security evaluation of a PUF enabled by the proposed formal definition is outlined. Practically all current and novel physical (but not conventional) unclonable physical functions are PUFs by our definition. Thereby the proposed definition captures the existing intuition about what is a PUF and remains flexible enough to encompass further research.

In a second part we quantitatively characterize two classes of PUF security mechanisms, the standard one, based on a minimum secret read-out time, and a novel one, based on challenge-dependent erasure of stored information. The new mechanism is shown to allow in principle the construction of a “quantum-PUF”, that is absolutely secure while not requiring the storage of an exponentially large secret. The construction of a PUF that is mathematically and physically unclonable in principle does not contradict the laws of physics.


Security Requirement Security Level Security Mechanism Very Large Scale Integration Security Evaluation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Armknecht, F., et al.: A Formal Foundation for the Security Features of Physical Functions. In: IEEE Symposium on Security and Privacy (SSP), pp. 397–412. IEEE Computer Society (May 2011)Google Scholar
  2. 2.
    Armknecht, F., Maes, R., Sadeghi, A.-R., Sunar, B., Tuyls, P.: Memory Leakage-Resilient Encryption Based on Physically Unclonable Functions. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 685–702. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Bennett, C.H., Brassard, G., Breidbart, S., Wiesner, S.: Quantum Cryptography, or Unforgeable Subway Tokens. In: Advances in Cryptography: Proceedings of CRYPTO 1982, pp. 267–275. Plenum Press (1983)Google Scholar
  4. 4.
    Borel, E.: Probabilities and life. Dover (1962)Google Scholar
  5. 5.
    Busch, H., Sotáková, M., Katzenbeisser, S., Sion, R.: The PUF Promise. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 290–297. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Fischer, J., Loss, D.: Dealing with decoherence. Science 324, 1277 (2009)CrossRefGoogle Scholar
  7. 7.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Controlled physical random functions. In: Proceedings of the 18th Annual Computer Security Applications Conference, ACSAC 2002 (2002)Google Scholar
  8. 8.
    Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Delay-Based Circuit Authentication and Applications. In: Proc. of the 18th Annual ACM Symposium on Applied Computing (March 2003)Google Scholar
  9. 9.
    Gassend, B., van Dijk, M., Clarke, D.E., Torlak, E., Tuyls, P.: Controlled physical random functions and applications. ACM Trans. Inf. Syst. Secur. 10(4), article 15 (2008)Google Scholar
  10. 10.
    Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA Intrinsic PUFs and Their Use for IP Protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Lim, D., et al.: Extracting Secret Keys From Integrated Circuits. IEEE Trans. on Very Large Scale Integration (VLSI) Systems 13(10), 1220 (2005)Google Scholar
  12. 12.
    Landauer, R.: Information is physical. Physics Today 23 (May 1991)Google Scholar
  13. 13.
    Maes, R., Verbauwhede, I.: A discussion on the Properties of Physically Unclonable Functions. In: TRUST 2010 Workshop, Berlin (2010)Google Scholar
  14. 14.
    Pappu, R.: Physical One-Way Functions, PhD thesis. MIT (2001); Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Science 297, 2026 (2002)Google Scholar
  15. 15.
    Rührmair, U., Söltner, J., Sehnke, F.: On the Foundations of Physical Unclonable Functions, Cryptology ePrint Archive, Report 2009/277Google Scholar
  16. 16.
    Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: ACM Conference on Computer and Communications Security (CCS), pp. 237–249 (2010)Google Scholar
  17. 17.
    Rührmair, U., Jaeger, C., Algasinger, M.: An Attack on PUF-based Session Key Exchange, and a Hardware-based Countermeasure: Erasable PUFs. In: 15th International Conference on Financial Cryptography and Data Security, St. Lucia, February 28-March 4 (2011)Google Scholar
  18. 18.
    Scarani, V., Kurtsiefer, C.: The black paper of quantum cryptography: real implementation problems, arXiv:0906.4547v1 (2009)Google Scholar
  19. 19.
    Tarnovsky, C.: Deconstructing a “secure” processor. In: Black Hat Conference, Washington (2010),
  20. 20.
    van Tilborg, H.C.A. (ed.): Encyclopedia of cryptography and security. Springer, New York (2005)zbMATHGoogle Scholar
  21. 21.
    Wiesner, S.: Conjugate coding. Sigact News 15, 78 (1983)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Rainer Plaga
    • 1
  • Frank Koob
    • 1
  1. 1.Federal Office for Information Security (BSI)BonnGermany

Personalised recommendations