A PUF, short for physical unclonable function, is an object containing an internally disordered structure either by default or by design. Various objects contain internal disorder in their nanoscale structure like the fibers of a piece of paper, slight manufacturing differences on computer chips or even the structured surface of a wall. Each piece is unique and cannot be physically cloned, not even by its manufacturer. While these slight differences are often seen as a nuisance, these can be exploited for IT Security purposes. If an external stimulus is introduced to such an object, e.g. a laser beam to a transparent object, it reacts in a unique way, e.g. by creating a speckle pattern. If the angle of the laser beam or its position are changed, different pattern emerge. Thus, various stimuli, called challenges, can be used to create different outputs, referred to as responses. If the same challenge is introduced to such a PUF, the same response is outputted all the time, whereas changes within the PUF or the use of a different PUF lead to a different response. Hence, knowing this unique challenge-response behavior, one is able to identify the PUF and detect changes within the PUF. This feature can be exploited for various cryptographic protocols like authentication purposes. Image you know that your best friend owns a PUF and you know how this PUF behaves when a laser beam lights this PUF. Then, you are able to identify your best friend by just examining the PUF’s behavior. Thus, this PUF can be seen as a secure tag or label. This technique can be used to counterfeit pirated products like medicine by placing a PUF on the packaging. Forgers are not able to physically clone this PUF which is why, e.g. a pharmacy is able to check the product’s authenticity.
Name: Veronika Bauer
Field of study: Informatics
Supervisor: Prof. Dr. Dieter Kranzlmüller, Prof. Dr. Dr. Ulrich Rührmair, M.Sc. Steffen Illium
Chair: Institute of Informatics LMU Munich