A Physical Uncloneable Function (PUF) is a structure used for creating a tamper-resistant environment in which parties may establish shared secrets and/or cryptographic material such as encryption keys. A PUF is a physical token to which an input—a challenge—is provided. When the challenge is provided to the PUF, it produces a random analog output referred to as a response. Because of its complexity and the physical laws it complies with, the token is considered to be ‘uncloneable’, i.e. unfeasible to physically replicate and/or computationally model. A PUF is sometimes also referred to as a Physical Random Function. A PUF can be substantially strengthened if it is combined with a control function. In practice, the PUF and an algorithm that is inseparable from the PUF are comprised within a tamper-resistant chip, a so-called controlled PUF (CPUF). The PUF can only be accessed via the algorithm and any attempt to by-pass or manipulate the algorithm will destroy the PUF. The algorithm, which is implemented in hardware, software or a combination thereof, governs the input and output of the PUF. For instance, frequent challenging of the PUF is prohibited, certain classes of challenges are prohibited, the physical output of the PUF is hidden, only cryptographically protected data is revealed, etc.
A PUF can be used as a generator of cryptographic key material in that bit strings may be derived from the output of the PUF. An example of such a PUF is a 3D optical medium containing light scattering elements at random positions. An input—i.e. a challenge—to the optical medium can e.g. be angle of incidence of a laser beam that illuminates the PUF, and an output—i.e. a response—is a speckle pattern created by the light scattering elements as a result of a particular angle of incidence. This response may be detected with a camera and quantized into a cryptographic key. Another way of creating a PUF that may be used as a source of cryptographic key material is to cover an integrated circuit (IC) with a coating in which dielectric particles are interspersed. These particles typically have different dielectric constants and more or less random shapes, dimensions and locations due to production processes. Sensor elements are arranged at a top metal layer of the IC to locally measure capacitance values at different coating positions. In this example, the coating itself constitutes a physical uncloneable function. As a result of the random nature of the dielectric particles, the measured capacitance values make excellent key material. The IC provided with a PUF in the form of a coating measures capacitances and converts the capacitance values into bit strings from which the cryptographic keys are derived. An important security requirement when converting the capacitance values into bit strings is that the bit strings are uniformly distributed. Hence, if m-bit key strings are derived by the IC, all possible m-bit strings should be equally probable. This way the derived cryptographic keys have full m-bit entropy and the best an attacker can do is to guess a correct key with a probability 2−m. 
In practice, the distribution of measured capacitance values for a large set of apparently identical coating PUFs will not be uniform. Typically, the measured values will correspond to a Gaussian (normal) distribution or a binomial distribution. The distribution of capacitance values, for a set of coating PUFs, measured at different positions of the respective coating PUF (i.e. interclass distribution) follows a distribution with a mean value μ and standard deviation Σ. Further, when a measurement at a particular position of a particular coating PUF is repeated multiple times, the measured capacitance values will differ as a result of measurement noise such as temperature variations, stray electromagnetic fields, etc, even though they theoretically should be identical. Hence, the distribution of capacitance values measured at a certain coating location i of a certain PUF j (i.e. intraclass distribution) follows a distribution with a mean μij and standard deviation σij.
A way of attaining uniformity among the derived cryptographic keys is to quantize the measured capacitance values into equiprobable intervals during an enrollment phase. Thus, the capacitance values are divided into quantization intervals in a manner such that the probability of each interval, i.e. the area constrained by a capacitance value probability density function and the two interval boundaries of each respective interval, is the same for each quantization interval. As a consequence, when a specific coating PUF is randomly selected and measured among a set of coating PUFs, each key has an equal probability of being derived after quantization. Further, the intraclass distribution, i.e. the distribution of capacitance values that is a result of repeated measurements at a certain coating location of a certain PUF, must be taken into account. This is achieved by considering the statistics of the intraclass distribution and using these statistics when defining the quantization intervals.
In order to define appropriate quantization levels when converting analog capacitance values into digital cryptographic keys, the distribution of capacitance values over a large set of coating PUFs must be known. In the production process of the coating PUFs, this is a problem. When a first batch of coating PUFs is produced, the quantization boundaries cannot immediately be programmed into the IC of the respective PUF, since statistics about the distribution of capacitance values for this batch must be obtained by measuring a large number of PUFs. After a sufficiently large number of PUFs have been produced and measured, an additional programming step is required for the IC associated with each coating PUF to store the appropriate quantization levels in a memory associated with the IC. This is a costly procedure in the production process.