Paper 2015/1052

PLayPUF: Programmable Logically Erasable PUFs for Forward and Backward Secure Key Management

Chenglu Jin, Xiaolin Xu, Wayne Burleson, Ulrich Rührmair, and Marten van Dijk

Abstract

A silicon Physical Unclonable Function (PUF) is a hardware security primitive which implements a unique and unclonable function on a chip which, given a challenge as input, computes a response by measuring and leveraging (semiconductor process) manufacturing variations which differ from PUF to PUF. In this paper, we observe that by equipping a PUF with a small, constant-sized, tamper-resistant state, whose content cannot be modified, but can be read by adversaries, new and powerful cryptographic applications of PUFs become feasible. In particular, we show a new hardware concept which we call a Programmable Logically erasable PUF (PLayPUF). Its distinctive feature is that it allows the selective erasure of single challenge-response pairs (CRPs) without altering any other PUF-CRPs. The selective erasure of a CRP can be programmed a-priori by using a counter to indicate how many times the CRP can be read out before erasure. We show PLayPUFs can realize forward and {\it backward} secure key management schemes for public key encryption. The new notion of backward security informally means that even if an attacker uncovers a session key through the key management interface, the legitimate user will detect this leakage before he will ever use the session key. Backward security and its implementation via PLayPUFs allow the construction of novel, self-recovering certificate authorities (CAs) without relying on a digital master key. Our new CAs immediately detect key exposure through their interfaces, and recover from it without stopping their service, and without ever issuing certificates based on such exposed keys. This is a crucial step forward in implementing secure key management. We deliver a full proof-of-concept implementation of our new scheme on FPGA together with detailed performance data, as well as formal definitions of our new concepts, including the first definition of stateful PUFs.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. Minor revision.
Keywords
Physical Unclonable FunctionKey ManagementForward SecurityBackward SecurityCertificate Authority
Contact author(s)
chenglu jin @ uconn edu
History
2015-10-30: received
Short URL
https://ia.cr/2015/1052
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/1052,
      author = {Chenglu Jin and Xiaolin Xu and Wayne Burleson and Ulrich Rührmair and Marten van Dijk},
      title = {PLayPUF: Programmable Logically Erasable PUFs for Forward and Backward Secure Key Management},
      howpublished = {Cryptology ePrint Archive, Paper 2015/1052},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/1052}},
      url = {https://eprint.iacr.org/2015/1052}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.