In this paper we propose a new security primitive: the quantum-readout PUF (QR-PUF). This is a classical PUF which is challenged using a quantum state, e.g. a single-photon state, and whose response is also a quantum state. By the no-cloning property of unknown quantum states, attackers cannot intercept challenges or responses without noticeably disturbing the readout process. Thus, a verifier who sends quantum states as challenges and receives the correct quantum states back can be certain that he is probing a specific QR-PUF without disturbances, even in the QR-PUF is far away `in the field' and under hostile control. For PUFs whose information content is not exceedingly large, all currently known PUF-based authentication and anti-counterfeiting schemes require trusted readout devices in the field. Our quantum readout scheme has no such requirement.
Furthermore, we show how the QR-PUF authentication scheme can be interwoven with Quantum Key Exchange (QKE), leading to an authenticated QKE protocol between two parties. This protocol has the special property that it requires no a priori secret, or entangled state, shared by the two parties.
Category / Keywords: quantum key distribution, quantum cryptography, physical unclonable function, PUF Date: received 23 Jul 2009, last revised 4 Mar 2013 Contact author: b skoric at tue nl Available format(s): PDF | BibTeX Citation Note: Correction of an error in Theorems 1 and 2. Version: 20130304:192745 (All versions of this report) Short URL: ia.cr/2009/369