Image detection in general is widely used to identify objects, people, and biometric prints. Examples of authentication based on image detection are numerous. As shown in FIG. 1, in a pure image-detection-based authentication scheme (such as in facial recognition techniques), a captured image of interest is compared with a reference image that is stored in a database. Many processing algorithms exist for determining a match between the captured image and the stored image, all of which involve comparison of the values of all or a subset of the pixels in the two images. As a result, large image files are often exchanged over communication lines between the image capture device and other authentication components. In particular, high-resolution images may include many megabits of data, which may cause large transmission delays in bandwidth-limited communication channels. Clever techniques have been developed to reduce the size of the files for the purpose of trusted authentications, such as minutiae for fingerprints; nevertheless, transferring image data files through secure and non-secure communication lines has limited applicability.
Basic image capture authentication is also susceptible to common computer system intrusion (i.e., “hacking”) techniques. FIG. 2 illustrates such a concern for a generic system of a merchant authenticating a client. In this example, the authentication module detects the image of an object brought by a client, such as an “unclonable” (described further below) hologram located on a credit card. The image is captured and encrypted. To perform the authentication, the digital image of the object has to be transmitted through the non-secure communication line to a secure server that compares the captured image to the image stored in the database. During this transaction, a malicious party, called “Black Hat,” can use a separate image detector to detect the image of the object, and can intercept the encrypted image transmitted from the authentication module to the secure server. Using such “man in the middle” hacking techniques, side channel attacks, or other hacking techniques, the Black Hat can compromise the encryption and perform fraudulent transactions with stolen authentication information.
Unclonability is the property of a physical object or element, or of a digital image or function, to be non-reproducible. This is ensured if the images, or physical elements, are extremely complex and random such that making a copy is impossible. Unclonable images can be produced with natural elements, e.g., DNA, and the use of nanomaterials that are based on extremely small and random elements. A physically unclonable function (PUF), as used herein, is a physical device or function whose output depends upon the device's physical characteristics. The physical characteristics, such as critical dimensions, doping levels of semiconducting layers, particle orientations, and threshold voltages, make the device unique and difficult to duplicate. A PUF may therefore be utilized as a hardware implementation of a one-way function.
PUFs are strengthening the level of security of emerging data security methods. In such systems, PUFs operate as a set of cryptographic primitives useful in authentication procedures. The underlying mechanism of PUF authentication is the creation of a large number of challenge (i.e. input) and response (i.e. output) pairs (called CRPs) that are unique to each PUF device. Once deployed during an authentication cycle, the PUFs are queried with challenges. Authentication is granted when the rate of matching responses is statistically higher than a threshold validation parameter. The present systems and methods implement an authentication architecture that combines the security advantages of image-capturing a physically possessed unclonable token with the security advantages of PUFs to produce PUF images and a PUF image authentication process that overcomes the drawbacks of previous systems described above.
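The challenge-response check described above can be sketched as follows. This is an added example, not part of the original disclosure: the `SimulatedPUF` class, the HMAC-based stand-in for physical randomness, the 3% noise level, the CRP counts and the 0.8 threshold are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import random
import secrets


class SimulatedPUF:
    """Software stand-in for a PUF. Assumption: a real PUF derives its
    responses from physical variation; a random secret models that here."""

    def __init__(self, noise=0.03):
        self._fingerprint = secrets.token_bytes(32)  # device-unique randomness
        self._noise = noise  # chance that one measurement flips a bit

    def respond(self, challenge: bytes) -> int:
        digest = hmac.new(self._fingerprint, challenge, hashlib.sha256).digest()
        bit = digest[0] & 1
        if random.random() < self._noise:  # physical read-out is noisy
            bit ^= 1
        return bit


def enroll(device, n_crps=1024):
    """Record challenge-response pairs (CRPs) for one device."""
    crps = {}
    while len(crps) < n_crps:
        challenge = secrets.token_bytes(16)
        crps[challenge] = device.respond(challenge)
    return crps


def authenticate(device, crps, n_queries=256, threshold=0.8):
    """Query the device with stored challenges; grant access only when the
    rate of matching responses exceeds the threshold."""
    sample = random.sample(list(crps.items()), n_queries)
    matches = sum(device.respond(c) == r for c, r in sample)
    rate = matches / n_queries
    return rate > threshold, rate


if __name__ == "__main__":
    genuine, other = SimulatedPUF(), SimulatedPUF()
    database = enroll(genuine)
    print("enrolled device:", authenticate(genuine, database))
    print("different device:", authenticate(other, database))
```

With these constructed parameters the enrolled device matches on roughly 94% of queries while a different device matches on about half, which is why the decision is a threshold on the match rate rather than exact equality.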