A physical unclonable function (PUF) establishes a data string, such as the initial data string, which depends upon partially random physical characteristics of the physically unclonable function. The physical characteristics are caused by variations during the manufacturing of the PUF. A PUF is relatively easy to make as process variations are unavoidable, but reproducing the natural variations, and thus duplicating the PUF is very hard, if not impossible. A PUF thus provides intrinsic protection against cloning.
On the other hand the contents of a PUF cannot be predetermined, and PUF responses are somewhat noisy.
Physical unclonable functions have proven to be advantageous alternatives for many forms of secure identification, including the storing of keys, identifiers and the like in secure memories.
The data string may depend on a stable state in which a configuration of components of the PUF settles upon the component's power-up. The particular stable state into which the configuration settles dependent at least in part upon at least partially random physical characteristics of the particular components. An example of a PUF is a volatile memory which shows a power-up contents which depends on the partially random physical characteristics of the memory. Manufacturing variations lead to different physical characteristics for different memories.
This property of PUFs makes them suitable for a range of applications. For example, PUFs may be used to combat counterfeiting. As a further example, PUFs are used to create cryptographic keys. Using a PUF the need for secure memory to store a key is circumvented. A PUF furthermore provides natural protection against unauthorized attempts to obtain the cryptographic key through physical reverse engineering (also known as tampering), since damage inflicted on the PUF during the attempt would change the initial data string beyond repair.
PUFs have been advantageously applied in electronic devices. Even tiny manufacturing variations which are unavoidable during manufacture of an IC lead to different properties of the IC. These different properties are normally suppressed, in an effort to obtain a batch of ICs that operate in the same manner. However, to create a PUF the differences among individual ICs in a batch of ICs are exploited.
Since the behavior of a PUF depends on small variations, a certain error percentage is unavoidable. An error correction procedure can be used to correct for these fluctuations, and make sure that the reliable data string is identical, each time it is derived from the PUF. Using so-called helper data the initial data string is mapped to one or more error correctable data words. An error correctable data word is a data word which is close to a code word of an error correcting code. An error correctable data word may be seen as the sum of a code word and an error word. By applying an error correcting algorithm corresponding to the error correcting code, the error correctable data words are decoded into corrected and decoded data words. Possibly the code words close to the error correctable data words are computed as an intermediate step.