
Physical Unclonable Function - kushti
https://en.wikipedia.org/wiki/Physical_unclonable_function
======
Natanael_L
Quantum effect based PUFs using IR lasers would be really neat for things like
authentication tags. A provably unclonable key would be incredibly useful,
especially if it doesn't need contact.

There's also QKD variants based on mutual access to PUFs, using the PUF as the
equivalent to a signing keypair in a key exchange. QKD in general might be
pretty redundant, but that particular use would certainly have its niches.

------
doomrobo
I believe credit card chips are examples of PUFs. CC terminals do a challenge-
response through the chip in order to verify it, and the only way to pass the
challenges would be with a perfect copy of the embedded chip (which is
presumably difficult to physically steal). This is why chips+pin is an
improvement on the CC swipe: because anybody can steal a magstripe code.

~~~
nickpsecurity
Nah, a good example of PUF in that space is that company making stuff that
fingerprints the magnetic strips. The manufacturing leaves impurities that
vary on a device by device basis. Each has different magnetic properties.
Developing a stripe with exact same properties might be quite difficult.
Hence, it's a PUF.

Whereas, chips get cloned all the time. Sometimes, they do it down to the
transistors.

~~~
dTal
In fact magnetic stripe cards are simply digital data and easily copied (and
have been for decades). "Chip and pin" was introduced specifically to combat
this, and is indeed an example of an attempt at implementing a PUF.

~~~
nickpsecurity
I think you're missing the concept. PUFs are usually based on electrical or
other physical properties of underlying hardware. For credit cards, the data
is stored on a stripe and easy to copy. The stripe itself has certain magnetic
properties due to manufacturing variances and impurities that can be
fingerprinted. Readers, upon inserting card, both read data and profile stripe
itself then send both for authentication. See magnetic topic here:

[https://en.m.wikipedia.org/wiki/Types_of_Physical_unclonable...](https://en.m.wikipedia.org/wiki/Types_of_Physical_unclonable_function)

Survey of other techniques here:

[https://www.google.com/url?sa=t&source=web&rct=j&url=http://...](https://www.google.com/url?sa=t&source=web&rct=j&url=http://digital.csic.es/bitstream/10261/96029/1/Using%2520Physical.pdf&ved=0ahUKEwj_77qK0_3KAhWLuB4KHci6AykQFggnMAE&usg=AFQjCNFnC7vuH1pHCYuWJBpjfCYCJEVlwA&sig2=_tNNuLOacl3QOhb3QP5yUQ)

------
leereeves
Is it necessary to clone such a device, or would it suffice to implement only
the challenge/response pairs stored on the device that sends the challenges
and checks the responses?

~~~
vinceguidry
You would need to clone the device, as the possible challenges are infinite as
they are mathematically-generated. The scheme would just be a glorified one
time pad otherwise.

~~~
leereeves
But what can be done with the challenges that uses the "infinite" set of
possible challenges instead of a finite subset that has been stored on another
device?

In other words, if a fake responds with anything it wants for challenges that
aren't stored on the other device (the challenger), how would the challenger
know the response didn't match what the real PUF would send?

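The question above (can a verifier that only holds a finite, stored set of challenge/response pairs tell a fake from the real PUF?) and the stripe-fingerprint scheme nickpsecurity describes earlier (reader measures a noisy physical property, sends it for matching) have the same shape, so here is one worked model for both. This is an added example, not code from the Wikipedia article or from any commenter. The "PUF" is simulated: a secret random seed stands in for manufacturing variation, a constant bit-flip rate models measurement noise, and the constants NOISE_BITS, MATCH_THRESHOLD and the enrolment size are assumptions chosen for illustration. The verifier never learns the whole function; it stores a finite set of pairs measured at enrolment and spends each one at most once, and the `single_use=False` path shows what an eavesdropper can do when that rule is dropped.

```python
"""Challenge/response authentication against a noisy, unclonable function.

Added example for the thread; the device below is a simulation, not a
real PUF. Numeric constants are assumptions, not values from the page.
"""
import hashlib
import secrets

RESPONSE_BYTES = 16
NOISE_BITS = 3        # assumed: bits that flip on each physical measurement
MATCH_THRESHOLD = 10  # assumed: largest Hamming distance still accepted


def hamming(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return bin(int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).count("1")


def _flip_random_bits(data: bytes, n: int) -> bytes:
    """Model measurement noise: flip n distinct, randomly chosen bits."""
    buf = bytearray(data)
    for pos in secrets.SystemRandom().sample(range(len(buf) * 8), n):
        buf[pos // 8] ^= 1 << (pos % 8)
    return bytes(buf)


class SimulatedPUF:
    """Stand-in for the physical device: a secret that never leaves the 'chip'
    plus noise. Only challenges go in and noisy responses come out."""

    def __init__(self) -> None:
        self._variation = secrets.token_bytes(32)  # plays the role of manufacturing variation

    def respond(self, challenge: bytes) -> bytes:
        clean = hashlib.sha256(self._variation + challenge).digest()[:RESPONSE_BYTES]
        return _flip_random_bits(clean, NOISE_BITS)


class Verifier:
    """Holds a finite table of enrolled pairs; that table is all it ever knows."""

    def __init__(self, single_use: bool = True) -> None:
        self._crps: dict[bytes, bytes] = {}
        self._single_use = single_use

    def enroll(self, puf: SimulatedPUF, count: int) -> None:
        """Done once, in a trusted setting: measure `count` fresh challenges."""
        for _ in range(count):
            challenge = secrets.token_bytes(16)
            self._crps[challenge] = puf.respond(challenge)

    def remaining(self) -> int:
        return len(self._crps)

    def authenticate(self, device) -> bool:
        """Send one stored challenge; accept if the reply is close enough to the
        enrolled response. A spent pair is discarded when single_use is set."""
        if not self._crps:
            raise RuntimeError("out of enrolled challenges; re-enrol the device")
        challenge = next(iter(self._crps))
        expected = self._crps.pop(challenge) if self._single_use else self._crps[challenge]
        return hamming(expected, device.respond(challenge)) <= MATCH_THRESHOLD


class EavesdroppingClone:
    """Attacker who can only replay pairs seen on the wire; guesses otherwise."""

    def __init__(self) -> None:
        self.seen: dict[bytes, bytes] = {}

    def respond(self, challenge: bytes) -> bytes:
        return self.seen.get(challenge) or secrets.token_bytes(RESPONSE_BYTES)


class Tap:
    """Genuine device with the attacker listening to the exchange."""

    def __init__(self, puf: SimulatedPUF, clone: EavesdroppingClone) -> None:
        self._puf, self._clone = puf, clone

    def respond(self, challenge: bytes) -> bytes:
        response = self._puf.respond(challenge)
        self._clone.seen[challenge] = response
        return response


def demo(single_use: bool) -> dict:
    """One observed genuine login, then the clone's attempt."""
    puf, verifier, clone = SimulatedPUF(), Verifier(single_use), EavesdroppingClone()
    verifier.enroll(puf, 4)
    genuine_ok = verifier.authenticate(Tap(puf, clone))  # attacker records this pair
    clone_ok = verifier.authenticate(clone)               # fresh challenge if single_use
    return {"genuine": genuine_ok, "clone": clone_ok, "seen": len(clone.seen),
            "remaining": verifier.remaining()}


if __name__ == "__main__":
    print("single-use challenges:", demo(True))
    print("reused challenge:     ", demo(False))
```

Two practical points fall out of the model. The verifier does not need the unbounded challenge space at all; it needs a stored subset, a noise-tolerant comparison, and the discipline never to reuse a pair, so the enrolment budget is a real operational limit and the verifier's table is itself a target worth protecting. And a fake that answers "anything it wants" is only caught on challenges the verifier has enrolled and not yet spent, which is exactly why the reused-challenge path lets the eavesdropper in.
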
~~~
vinceguidry
The responses are verified mathematically in a manner akin to a hash function.
It's hard to know what the PUF will send, but easy to verify that it actually
came from the PUF.

~~~
leereeves
Do you have a source? I don't see that detail in the Wikipedia article and
didn't find confirmation in a few Google searches.

~~~
vinceguidry
It's right there in the first sentence.

> a physical unclonable function (PUF, sometimes also called physically
> unclonable function) is a physical entity that is embodied in a physical
> structure and is easy to evaluate but _hard to predict_.

~~~
leereeves
I'm not sure "evaluate" means "verify that it actually came from the PUF",
though it is one possible interpretation.

~~~
vinceguidry
Think of it like this. Forget that the PUF is a physical device and just
consider the "function" part. A function is a piece of math that maps input to
output. For example, f(x) = 2x. This function is easy to compute and easy to
predict. A hash function is easy to compute but hard to predict.

A function doesn't have to rely on any kind of arithmetic, you can have a
random function that simply maps all inputs to random outputs, or something
silly like a function that hands its input to a two-year old, who then points
out a star in the sky, then an astronomer takes a picture and gives that as a
return to the function.

A Physically Unclonable Function is a function baked into hardware in a
specific way that, like hash functions, allows computation but resists
prediction. The article describes in a general sense how this is accomplished,
by making the output of the function rely on impossible-to-replicate physical
features of the circuit. Even though the actual output is unpredictable, you
can still tell it's from the PUF due to purposefully-added design constraints.

~~~
leereeves
I understand the idea, I'm just looking for confirmation - more than one
vague, uncited sentence on Wikipedia whose meaning is unclear.

Have you worked with these?

~~~
vinceguidry
There's plenty of references at the bottom, why don't you dive into these
yourself instead of asking me to do it for you? I found the article perfectly
clear.

~~~
leereeves
I ask because you seem to be acting like an expert. Have you based everything
you said here solely on your interpretation of the Wiki article?

~~~
vinceguidry
I took an intro to crypto course on Coursera a few years ago.

