1
1 Introduction
In today’s world of globalization in the electronics industry, the continuing search for the lowest
bidder often results in components that underperform, perform incorrectly or simply don’t perform at
all. In the consumer electronics market, this is usually only a minor annoyance as a legitimate supplier
will generally refund or replace the components in question. However, in a secure or other high-risk
situation, not only must the components perform reliably and correctly, but they must also only perform
the operations the original manufacturer specifies. Many companies manufacture components outside
of their supervision where defects or malicious functionality can be easily introduced. For example, it is
often cheaper for a company to design a component in the U.S. and have it manufactured in another
country with cheaper labor rates. To put this into perspective, the Pentagon produces in secure facilities
only about two percent of the components used in military systems [1]. Recently, in 2008, the F.B.I. and
the Pentagon discovered that a large amount of counterfeit networking components were being used by
U.S. military agencies [2]. While these components in particular were not constructed with malicious
intent, the possibility of a hostile entity hiding the relatively small amount of functionality needed to
compromise secure systems within the highly complex hardware used today is very real and dangerous.
To solve this problem, we need an inexpensive form of hardware authentication for both
components within secure systems and components that interface with those systems. This
authentication is beneficial for all parties involved with the secure application. For the designers of the
secure application, it ensures that they are using the correct components within their system and that
those components will withstand given tolerances and handle given situations. For the manufacturers
of the components, it ensures that the components being used in a system are produced following their
specifications and are not counterfeit or otherwise defective. For the users of the system, it ensures
that both the system and the user are legitimately engaging in use of the system and activities on that
system are done so over a defined set of rules and security levels. For example, the components of a life
support system must be of the highest quality so that those relying on the system are not put in danger.
At any given point during the life cycle of the system, we should know that every component is working
as specified.
To achieve these goals in a hardware-based environment, we call upon the services of PUFs or
Physically Unclonable Functions. The term PUF is used to describe a broad class of algorithms and
measuring protocols that produce uniquely random data thanks to miniscule differences in construction
brought about by the fact that we live in an analog world. We can use these PUFs as a sort of fingerprint
for hardware devices, a way to identify and differentiate them from the time they are born, that is when
评论0