Atomically unique physical security devices
In nanostructures, the position of impurity atoms, and their exact shape and size, all influence their properties. This makes it virtually impossible to produce two devices that operate identically. This is a major problem for many applications, but research led by the Young-Quantum group has developed an exciting application for this inherent irreproducibility. Using this effect we have invented the first physical security devices with atomic sensitivity. The underlying security is based on a simple quantum technology.
We rely heavily on electronic devices in our daily lives. For example, we use them to carry out financial transactions, communicate with other people, monitor our health and interact with our environment. Secure operation of digital devices is vital, as they are often trusted to fulfil critical tasks, and normal cryptographic protocols are used to achieve this. These protocols rely on secret information that is either stored on devices or provided by users. It has been shown, however, that attacks on digital devices can leak the secret information stored within, and users are known to be a weak point when it comes to keeping a secret.
Physical unclonable functions (PUFs) are relatively recent inventions, which provide an alternative method to generating a secret. Instead of storing the secret in digital memory, or asking a user to provide it, it is derived from a physical characteristic of the system. A PUF can be constructed in various ways. For example, scattering patterns of an optical medium or chip-specific transistor switch delay variations can be used to generate PUFs. The assumption is that the secret cannot be copied, as it is bound to a physical entity which cannot be cloned. Furthermore, it is assumed that the probability of finding two devices with identical physical characteristics is very low.
Existing PUFs have limitations, as they are often difficult to produce and handle, and more importantly, there is no guarantee that they actually cannot be cloned. Arbiter PUFs, Ring Oscillator PUFs, XOR PUFs, Lightweight Secure PUFs and Feed-Forward PUFs have all been attacked using machine learning techniques. An SRAM-PUF was cloned by Helfmeier et al., and it has been shown that some existing PUF implementations are vulnerable to side-channel attacks.
Resonant tunneling diodes (RTDs), simple electronic structures exhibiting quantum confinement, were recently proposed for operation as PUF devices by the principle investigators. The RTD encapsulates a quantum nanostructure between two electrical contacts and displays an exotic I-V characteristic not seen in classical devices. The quantum nanostructure behaves such that it only allows electrons to exist at well-defined energy levels within the nanostructure. Only when the energy of the incoming electrons is equal with one of these energy levels can current flow through the device, as the electrons have to quantum mechanically tunnel and use the energy levels as a stepping stone. Thus, this type of diode allows current to flow only at well-defined voltages, which is dependent on the nanostructure placed within it. Further increase of the voltage results in a peak in the spectrum due to a drop in current and a region of negative differential resistance (NDR), a defining characteristic of such a device. This peak is highly dependent on the quantum confinement exhibited within the nanostructure, which is subject to the overall atomic arrangement of the device. Hence, the device was named a quantum confinement PUF (QC PUF), and represents the first PUF whose output is sensitive to atom-scale variations. The probability of creating, either on purpose or accidentally, two devices that are exactly the same is negligible, because each device consists of hundreds of thousands of atoms. Therefore, each manufactured device exhibits a spectrum with a uniquely positioned peak. Properties of this peak can be used as the input of a function providing unique device identification. Alternatively, the information may be treated as a secret and could then be used to derive key material.
A QC PUF, besides preventing cloning, has other important benefits. A QC PUF can be produced together with an integrated circuit (IC) on the same wafer without introducing additional manufacturing steps. As a QC PUF is simple and small in size many can be included within a chip, giving a simple scaling mechanism for the size of the provided secret.
The QC PUFs inception has led to a great deal of excitement surrounding the possibilities for this technology. This proposal will build upon this recent foundational work, investigating how their nanoscale properties can be harnessed to deliver novel functionalities, whilst exploring their fundamental security potential. Methods of implementation, protecting devices against weaknesses inherent in other technologies, will be developed.