Physically Unclonable Functions (PUFs) Applications, Models, and Future Directions

Today, embedded systems are used in many security-critical applications, from access control, electronic tickets, sensors, and smart devices (e.g., wearables) to automotive applications and critical infrastructures. These systems are increasingly used to produce and process both security-critical and privacy-sensitive data, which bear many security and privacy risks. Establishing trust in the underlying devices and making them resistant to software and hardware attacks is a fundamental requirement in many applications and a challenging, yet unsolved, task. Solutions solely based on software can never ensure their own integrity and trustworthiness while resource-constraints and economic factors often prevent the integration of sophisticated security hardware and cryptographic co-processors. In this context, Physically Unclonable Functions (PUFs) are an emerging and promising technology to establish trust in embedded systems with minimal hardware requirements. This book explores the design of trusted embedded systems based on PUFs. Specifically, it focuses on the integration of PUFs into secure and efficient cryptographic protocols that are suitable for a variety of embedded systems. It exemplarily discusses how PUFs can be integrated into lightweight device authentication and attestation schemes, which are popular and highly relevant applications of PUFs in practice. For the integration of PUFs into secure cryptographic systems, it is essential to have a clear view of their properties. This book gives an overview of different approaches to evaluate the properties of PUF implementations and presents the results of a large scale security analysis of different PUF types implemented in application-specific integrated circuits (ASICs). To analyze the security of PUF-based schemes as is common in modern cryptography, it is necessary to have a security framework for PUFs and PUF-based systems. In this book, we give a flavor of the formal modeling of PUFs that is in its beginning and that is still undergoing further refinement in current research. The objective of this book is to provide a comprehensive overview of the current state of secure PUF-based cryptographic system design and the related challenges and limitations. Table of Contents: Preface / Introduction / Basics of Physically Unclonable Functions / Attacks on PUFs and PUF-based Systems / Advanced PUF Concepts / PUF Implementations and Evaluation / PUF-based Cryptographic Protocols / Security Model for PUF-based Systems / Conclusion / Terms and Abbreviations / Bibliography / Authors' Biographies

Preface.- Introduction.- Basics of Physically Unclonable Functions.- Attacks on PUFs and PUF-based Systems.- Advanced PUF Concepts.- PUF Implementations and Evaluation.- PUF-based Cryptographic Protocols.- Security Model for PUF-based Systems.- Conclusion.- Terms and Abbreviations.- Bibliography.- Authors' Biographies .

Christian Wachsmann is a postdoctoral researcher at the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He received his Ph.D. in computer science from Technische Universität Darmstadt, Germany. His current research focuses on the design, development, formalmodeling, and security analysis of security architectures and cryptographic protocols to verify the software integrity (attestation) of embedded systems. Christian is the main author of more than 30 scientific publications in internationally renowned journals and conferences on information and communications security.Ahmad-Reza Sadeghi is a full professor of computer science at Technische Universitat Darmstadt, Germany. He is the head of the System Security Lab at the Center for Advanced Security Research Darmstadt (CASED) and Director of the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He holds a Ph.D. in computer science from the University of Saarland in Saarbrucken, Germany. Prior to academia, he worked in research and development of telecommunications enterprises, such as Ericsson Telecommunications. He has served on the Editorial Board of the ACM Transactions on Information and System Security.