Paper 2019/388

Towards Secret-Free Security

Ulrich Rührmair


While digital secret keys appear indispensable in modern cryptography and security, they also routinely constitute a main attack point of the resulting hardware systems. Some recent approaches have tried to overcome this problem by simply avoiding keys and secrets in vulnerable systems. To start with, physical unclonable functions (PUFs) have demonstrated how “classical keys”, i.e., permanently stored digital secret keys, can be evaded, realizing security devices that might be called “classically key-free”. Still, most PUFs induce certain types of physical secrets deep in the hardware, whose disclosure to adversaries breaks security as well. Examples include the manufacturing variations that determine the power-up states of SRAM PUFs, or the signal runtimes of Arbiter PUFs, both of which have been extracted from PUF-hardware in practice, breaking security. A second generation of physical security primitives, such a SIMPLs/PPUFs and Unique Objects, recently has shown promise to overcome this issue, however. Perhaps counterintuitively, they would enable completely “secret-free” hardware, where adversaries might inspect every bit and atom, and learn any information present in any form in the hardware, without being able to break security. This concept paper takes this situation as starting point, and categorizes, formalizes, and surveys the currently emerging areas of key-free and, more importantly, secret-free security. Our treatment puts keys, secrets, and their respective avoidance into the center of the currently emerging physical security methods. It so aims to lay the foundations for future, secret-free security hardware, which would be innately and provably immune against any physical probing and key extraction.

Available format(s)
Publication info
Preprint. Minor revision.
Physical CryptographyPUFsSIMPLsPPUFsUNOsSecret-Free SecuritySecret-Free CryptographyHardware Security
Contact author(s)
ruehrmair @ ilo de
2019-04-18: received
Short URL
Creative Commons Attribution


      author = {Ulrich Rührmair},
      title = {Towards Secret-Free Security},
      howpublished = {Cryptology ePrint Archive, Paper 2019/388},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.