1. Field of the Invention
This invention relates to a method and device for secure communication.
2. Description of the Related Art
(Note: This application references a number of different publications as indicated throughout the specification by one or more reference numbers within brackets, e.g., [x]. A list of these different publications ordered according to these reference numbers can be found below in the section entitled “References.” Each of these publications is incorporated by reference herein.)
The one-time-pad (OTP) is an often-cited example of a perfectly secure encryption standard for two-party communication. Any information contained in a binary message can be completely removed by performing an exclusive-or operation between the message and a unique random binary sequence of equal length. Decryption of this encoded message is impossible without access to the original random sequence (i.e., the symmetric key). Thus, if both parties can meet to establish a shared list of uniquely random sequences before any long-distance communication, the OTP proves unbreakable by passive attackers [1].
Since both parties must store a random key that is at least as long as the combined length of their shared messages, the OTP has often been viewed as somewhat impractical.
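An added example (not part of the original specification): a Python sketch of the OTP bookkeeping described above, in which every key byte is consumed exactly once, so the stored key must be as long as all messages combined. The class and function names are hypothetical, and the key is a constructed sample drawn from the operating system's random generator rather than from a PUF.

```python
import secrets


class PadExhausted(Exception):
    """Raised when a message needs more key bytes than remain in the pad."""


def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise exclusive-or of two equal-length strings."""
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """Shared key store that hands out each key byte at most once."""

    def __init__(self, key: bytes):
        self._key = key
        self._offset = 0  # index of the first unused key byte

    @property
    def remaining(self) -> int:
        return len(self._key) - self._offset

    def apply(self, data: bytes) -> bytes:
        """XOR data with fresh key bytes; encrypts and decrypts alike."""
        n = len(data)
        if n > self.remaining:
            raise PadExhausted(f"need {n} key bytes, {self.remaining} left")
        chunk = self._key[self._offset:self._offset + n]
        self._offset += n  # consumed key material is never reused
        return xor(data, chunk)


def two_time_pad_leak(m1: bytes, m2: bytes, key: bytes) -> bytes:
    """Why reuse is forbidden: the key cancels, leaving m1 XOR m2."""
    return xor(xor(m1, key), xor(m2, key))


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample key, shared in advance
    alice, bob = OneTimePad(key), OneTimePad(key)
    for msg in (b"meet at dawn", b"hold position"):
        assert bob.apply(alice.apply(msg)) == msg
    print("key bytes left:", alice.remaining)
```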
Continuing advances in solid-state memory storage (~Tb/mm³) and efficient random number generation (10-100 Gb/s) [2], however, are beginning to offer increasingly practical options for OTP use in situations where security is paramount.
This security can only be guaranteed if the shared symmetric key is kept completely secret from any adversary. Several recent software-based attacks have revealed the inherent insecurity of storing keys digitally, even for jointly digital and physical-based devices [3,4]. These forms of attack can easily uncover, replicate, and distribute secret keys or their associated algorithms, often without the knowledge of their users.
A more secure alternative to the digital storage of OTP keys is to use a physical unclonable function (PUF) [5]. PUFs take the form of a disordered system that contains all desired randomness within its physical structure. This physical randomness can be probed with an input, or challenge, and it will output a response that depends on the microscopic three-dimensional distribution of disordered particles. Due to the large space of possible micro-scale interactions, an ideal PUF can produce a large number of mutually random responses from a large set of challenges that vary little.
PUFs have been investigated for authentication, identification, and key establishment, among other uses [7-9]. However, their use as a storage device for an OTP symmetric key has not been explored. One or more embodiments of the present invention propose both an optical setup (Section I) and a general encryption protocol (Section II) to use volumetric scattering PUFs for secure OTP communication. A main difference between the proposed optical PUF setup and previous setups is the introduction of digital control over the input optical field via an SLM inserted directly in the incident beam's optical path. Another design, not for communication and using a different optical arrangement, is included in a patent application by Ophey et al. [14]. Unlike the Ophey patent application [14], one or more embodiments of the current invention using digital control enable two or more devices to establish a list of secret key pairs for future communication, even though each device contains a scattering element with a mutually random microstructure. Given the ability of two communicating parties to meet beforehand, this OTP-PUF combination sets the bar very high for most forms of possible attack.