Authenticating and protecting digital information in portable devices

A secure alternative

Secret keys embedded in portable and consumer devices protect owners from electronic fraud and content providers from illegal use of content. Those keys are vulnerable to attack by a motivated adversary or owner, since available protection schemes are too expensive and bulky for most applications. This project proposes Physical Unclonable Functions (PUFs) as a more secure alternative to digital keys. The conventional way of protecting a digital secret key in a microchip or integrated circuit is to house it in an expensive, tamper-resistant package. PUFs would let the chip itself act as the key. At the microscopic scale, circuits are never identical, even on chips manufactured the same way. The PUF is a simple circuit with a huge number of paths and a sub-circuit that acts as a stopwatch. Timing input delays along a few hundred of the paths can generate a unique fingerprint for each apparently identical chip. That fingerprint can act as a key to, for instance, unlock proprietary software or authenticate an on-line transaction. With PUFs, each device would be bound to a unique random unclonable function that serves as its identity.