18th Annual Computer Security Applications Conference
December 9-13, 2002
Las Vegas, Nevada


Controlled Physical Random Functions

Blaise Gassend, Dwaine Clarke and Srinivas Devadas
Massachusetts Institute of Technology
USA

Marten van Dijk
Philips Research
Netherlands

A Physical Random Function (PUF) is a function that is easy to evaluate but hard to characterize. We introduce controlled physical unknown functions (CPUFs) which are PUFs that can only be accessed via an algorithm that is physically bound to the PUF in an inseparable way. Controlled PUFs enable several applications including certified execution, where a certificate is produced that proves that a specific computation was carried out on a specific processor. Certified execution has many benefits, including protection against malicious volunteers/entities in grid computing, anonymous computing and other forms of distributed computation. An integrated circuit (IC) containing a controlled PUF can be authenticated using challenge-response pairs (CRP's). We describe protocols for CRP management that protect against a man-in-the-middle attack. We also describe protocols through which controlled PUF's can be used in the applications of smartcard identification and certified execution, and briefly discuss a software licensing application.

Keywords: physical unknown function, anonymous computation, physical one-way function, man-in-the-middle, smartcard, authentication

Read Paper Read Paper (in PDF)