Paper 2011/189

SIMPL Systems as a Keyless Cryptographic and Security Primitive

Ulrich Rührmair

Abstract

We discuss a recent cryptographic primitive termed SIMPL system. Like Physical Unclonable Functions (PUFs), SIMPL systems are disordered, unclonable physical systems with many possible inputs and a complex input-output behavior. Contrary to PUFs, however, each SIMPL system comes with a publicly known, individual numeric description that allows its slow simulation and output prediction. While everyone can determine a SIMPL system’s output slowly by simulation, only its actual holder can determine the output fast by physical measurement. This added functionality allows new public key like protocols and applications. But SIMPLs have a second, perhaps more striking advantage: No secret information is, or needs to be, contained in SIMPL systems in order to enable cryptographic security. Neither in the form of a standard digital key, nor as secret information hidden in the random, analog features of some hardware, as it is the case for PUFs. The security of SIMPL systems instead rests on (i) an assumption regarding their physical unclonability, and (ii) a computational assumption on the complexity of simulating their output. This provides SIMPL systems with a natural immunity against any key extraction attacks, including malware, side channel, invasive, and modeling attempts. In this manuscript, we give a comprehensive discussion of SIMPLs as a cryptographic and security primitive. Special emphasis is placed on the different cryptographic protocols that are enabled by this new tool.