Field of the Invention
The present embodiments herein generally relate to the field of authentication and more particularly, the embodiments herein generally relates to methods and systems for authenticating articles using Spatial-Light-Modulator signatures.
Discussion of the Related Art
Authentication has become an important requirement in today's globally interconnected technological environment. An example of the necessity of secure authentication is the common occurrence of counterfeit—or otherwise unauthorized—goods being manufactured, distributed, and sold in direct competition with authentic goods in the commercial manufacturing world. The semiconductor industry is particularly vulnerable to these types of attacks as the global supply chain provides numerous opportunity for tampering and/or counterfeiting. To combat these types of attacks it is desirable to have a secure method of authentication at each step in the supply chain. Secure authentication requires the use of tamper-indicating devices (i.e., seals or security seals) and integrated systems designed to provide information of unauthorized entry or access into protected areas. In addition to the semiconductor industry, secure authentication has a myriad of other applications ranging from, but not limited to, hazardous waste accountability, security records management, inventory and cargo security, theft prevention and detection, international treaty monitoring, customs, and tamper-evident packaging of consumer products.
While many of the secure authentication's applications are modern, various forms of tamper-indicating devices have been used for hundreds of years with mixed degrees of success (i.e. the ability to indicate unauthorized access). Detailed background information on tamper-indicating devices (e.g., seals) is described in, “Tamper-Indicating Seals,” by Roger G. Johnston, Am. Sci. 94 (6), 515-523 (2006). Generally, seals fall into two major categories: passive and active. Passive seals, such as, but not limited to, tamper-evident containers and enclosures, fiber optic bundles that show changes in light transmission when cut, and other devices or components that that show evidence of being opened or showing irreversible damage or changes, work without a power source and are usually inexpensive one time use devices. Active seals, by contrast, are typically powered by electricity, either internally or externally, and are often reusable. Additionally, active seals typically can be interfaced either wirelessly or wired to a host system or network providing real time monitoring of the seals state.
At this point it is important to note that the seal itself, either active or passive, does not generally provide resistance to tampering but only records information that it has occurred. The requirement of traditional seals to store evidence of tampering in a non-erasable manner is one of the fundamental difficulties of secure authentication. One solution to this problem is to use ‘anti-evidence’ based seals, in which the seals store information that tampering has not occurred. If the seal is tampered with the information is destroyed and its absence indicates tampering.
While anti-evidence seals address the need to store evidence of tampering, they have a vulnerability to counterfeiting, in which an attacker can produce a duplicate seal containing the ‘anti-evidence’ and merely replace the seal after attacking the original seal. The best defense to counterfeiting attacks is the usage of physically unclonable functions (PUFs). PUFs are physical features embodied in a physical structure that are unfeasibly difficult to reproduce. Some examples of PUFs are: scattering composites, material surface and volume defects, Static RAM (SRAM) devices, and field programmable gate arrays (FPGAs). PUFs typically are interrogated using a challenge/response approach via either electronic or optical means, with optically based systems being called optical PUFs (O-PUFs).
A specific example of an optical PUF implementation is based on measuring the transmissive speckle patterns of scattering tokens added to devices such as credit cards. The 2D speckle pattern is then filtered using a multiscale Gabor transform, resulting in a 1D key. Such a Gabor transform has the following properties: it converts an input of arbitrary length into a fixed-length output; changing one input bit changes about half of the output bits; it is not possible to find an input for a given output; and it is almost impossible for two inputs to have the same output. This key is first measured after the token is manufactured or activated. In a challenge/response approach, whenever the token is used, the speckle pattern is re-measured and the 1D key produced and compared with the original key in the database. Because of the random nature of the token (scattering medium), it is impossible to counterfeit it.
A different O-PUF approach in use is Laser Surface Authentication (LSA), reported by Cowburn in 2008, and commercially pursued by INGENIA Technologies. In this approach, a laser is focused onto an extrinsic scattering marker or intrinsic scattering surface and several detectors at fixed locations measure the intensity of the scattered light. The intensity distribution is then stored in a database for future authentication requests. Assuming the scattering is due to a random distribution of scattering particles in an extrinsic marker, or a random distribution of intrinsic surface defects, the intensity distribution will be unique to the specific surface.
The last specific example of an O-PUF implementation is Laser Speckle Photography (LSP), which has been developed to detect surface tampering. In this approach, a scattering surface is illuminated by a laser projector and a camera records the resultant speckle pattern. The speckle pattern of the pristine surface can then be used to make comparisons to speckle patterns recorded at later times. A change in the speckle pattern compared to the pristine response implies that the surface has been tampered with.
In the specific examples considered above a surface is interrogated by a fixed optical signal. A different, more robust, approach to implementing O-PUFs is to use optical modulation (such as a spatial light modulator or digital-mirror-device) to control the optical response of a surface. In these approaches the modulation pattern becomes part of the challenge/response system adding another layer of complexity, which helps with making the PUF truly unclonable.
Table I below provides an overview of several implementations of optical PUFs. Depending on the specific configuration, a Spatial Light Modulator (SLM) may or may not be required. In all cases, a laser is used for illumination to provide coherent light. CCD arrays are used to measure the responses. There are usually strict alignment requirements, often requiring markers, to ensure that challenges are measured at the same location as the original measurement.
TABLE IExamples of various O-PUFs.Time formeasuring opticalMethodObjectSLMsignature1Scattering tokenScattering particles inNFastepoxy2Linear luminescent Luminescent particle inYSlowtokenepoxy3Non-Linear 2-Photon Luminescent particle inYSlowtokenepoxy4Scattering tokenScattering particles inYFastepoxy5Laser surface Intrinsic surfaceNFastauthentication (LSA)6Laser speckle Intrinsic surfaceNFastphotography (LSP)
In addition to the basic challenge-response mechanism of the above listed O-PUFs other techniques have been developed to help enhance their reliability and security. For instance, in 2005, Skoric et al. described the use of polarizing elements to reduce effects from surface scratches or dirt, an application of a Gabor transform to extract bit strings from speckle patterns, and error correcting codes to help reduce false positives. As another example, in 2013, Goorden et al. made major improvements in the security of O-PUFs using quantum secure authentication (QSA). QSA uses low photon numbers and entangled photons to protect against “man-in-the-middle” attacks, as such attacks would change the quantum states of the photons, indicating an attack.
All of the above mentioned techniques are designed to try and address the modern requirements of secure authentication. A successful secure authentication technique needs to unambiguously indicate that tampering and/or counterfeiting has occurred, be resistant to false positives, and be of a degree of complexity making counterfeiting unfeasibly difficult. The novel embodiments of the present invention is directed to such a need.