Infineon- Physically “Unclonable” Functions (PUF) - ready to serve government security?

July 4, 2013
Recently, so called Physically “Unclonable” Functions (PUF) received particular attention in the chip card market as a promising way to provide “silicon fingerprints”. Such structures could make electronic devices identifiable like biometrics do for human beings. As some early birds of this new PUF technology slowly mature from academic research to the implementation of prototypes, several severe security challenges become apparent that may jeopardize the promising ambitions of “silicon fingerprints”.  

Current PUF implementations lack proof of security 
Current security research demonstrates how Physically “Unclonable” Functions can indeed be cloned in a few hours (see e.g. link below: "Cloning Physically Unclonable Functions"). Next to that, a vast array of well-known attack classes has been successfully deployed against PUF implementations. For instance, PUFs have been attacked with side channel attacks (using the unintended leakage of secret information), fault attacks and physical manipulation of the chip. Manipulated PUF implementations have also been identified as a potential gateway for the introduction of Trojan Backdoors into security chips. In this case an assumed security function would in fact turn out to be a non-identifiable entrance for invaders. 

PUF may introduce weaknesses to formerly secure systems 
Applications with high security demand such as payment and government identification successfully rely on smart card solutions as solid root of trust since more than a decade. Independent certification schemes (e.g. Common Criteria & EMVCo) provide reliable security evidence that is up to date with the evolving attack methods. Adding PUF structures to smart cards used in these well proven applications may severely weaken the system security. Failures in such security critical applications are major risks for the governmental or commercial operators and can even put well established application classes into question.  

Current PUF implementations potentially suited for low security applications 
The verification of PUFs as “silicon fingerprints” in real products needs a safe playground that allows for learning without threatening valuable assets. PUFs in its current state should be used in low security applications and prototypes only. If early PUF implementations fail in large scale in critical systems, the whole technology may be at stake and the security industry and its customers will lose an opportunity for innovation.  

The future of silicon identity 
Secure identification or “fingerprinting” of chip card products is a strong requirement from many applications and has been addressed in different technical ways. Several solutions are already available as implementations that are independently security certified by Common Criteria. Further developments of “silicon biometrics“ show promising new technical properties and may contribute to raise the security level as soon as they have proven their reliability.  

Please follow the links below to find references to additional material on the exciting prospects and challenges of silicon identity technologies that today are frequently referred to as “PUF”: 
Cloning Physically unclonable Functions 
Cloning the Unclonable 
Literature Selection: PUF Attacks and Backdoor threats 

Please feel free to contact us for further information: SiliconIdentity(at)infineon.com