Trustworthy computing (with software) cannot exist without trustworthy hardware to build it on. Even if an integrated circuit is produced using rigorous procedures in a “Trusted Foundry” and certified as “trustworthy,” technology must be developed to guard against wholesale replacement of the component, after the point of certification, with a separately manufactured but subverted “look-alike.” Without a means of detecting subversion by wholesale component substitution, today's information processing systems are vulnerable to sophisticated adversaries that can fabricate “look-alike” components that perform the same function as the intended component but may contain additional subversion artifices that an adversary can later trigger to disrupt or compromise operation.
Using physical system protection schemes to prevent subversive attacks on deployed information processing hardware is technically difficult and expensive. An alternative to resisting subversive attack with physical protection schemes is to employ robustly authenticated and protected hardware architectures that enable the origin of these components to be traced. Physically Unclonable Function (PUF) technology may be leveraged to detect and deter adversaries from attempting subversion by insertion of subversive functionality and by instantiation of counterfeit components (subversion via substitution). A PUF is derived from the inherently random physical characteristics of the material, component, or system from which it is sourced, which makes its output physically or computationally very difficult to predict and, by the same token, very difficult to reproduce in a separately manufactured device. Silicon-based microelectronics appear to be a potentially rich source of PUFs because subtle variations in the production process result in subtle variations in the physical and operational properties of the fabricated devices. Additionally, each device can have millions of exploitable transistors, circuits, and other active and passive components. Accordingly, PUFs extracted from microelectronics are of keen interest because of their potential applications to cyber security.
Trusted foundry processing of silicon-based microelectronics requires enormous investment to protect against subversion; however, this investment imparts trust only during the fabrication phase of a component's life cycle. Without the equivalent of rigorous two-person control of the component during the deployment phase of its life cycle, it can be difficult to demonstrate authenticity even for components from today's trusted foundries.
In high-assurance authentication systems, it is becoming common practice to combine multiple authentication “factors” to increase the work factor required of an adversary to spoof the authentication. In particular, smart cards are beginning to combine “something you have” (the card itself) with “something you know” (a personal identification number or “PIN”). These authentication devices sometimes also store a digitally signed copy of a “biometric,” such as information about a person's characteristic fingerprint, in order to use “something you are” (a biometric) as part of the authentication. In today's systems these ancillary authentication data are checked in serial fashion: the smart card first checks that the correct PIN has been entered (something you know), then checks that the fingerprint matches (something you are), and only then completes a cryptographic challenge based on “something you have” (a private key stored in the smart card device). Each check is a separate gate, and only the last one produces the cryptographic evidence that the verifier actually sees. Conventional authentication systems therefore do not integrally combine “something you have” with “something you know” and/or “something you are” into a single cryptographic authentication challenge. Without this integral cryptographic binding of the factors into a single challenge, the authentication can be more easily spoofed by subversion (replacement of the device with a similar device that ignores the ancillary authentication data). The subverted device need only extract or deduce the single secret (the private key) and complete a simple cryptographic challenge, thus mimicking the last stage of the smart card's authentication process.
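The following Python example is added here as an illustration and is not part of the original text. It contrasts the serial checking just described with one way of integrally binding the three factors into a single challenge, using a PUF response as the “something you have” of the preceding paragraphs. Everything in it is assumed for the sake of the illustration: HMAC-SHA256 stands in for the private-key signature a real smart card would produce; the PUF responses are fixed, constructed byte strings rather than values read from silicon; and the PIN, fingerprint template, class names and the “factor-binding-v1” derivation label are hypothetical.

```python
# Added illustration, not from the original text. HMAC-SHA256 stands in for a
# private-key signature; PUF responses are constructed constants, not silicon.
import hashlib
import hmac
import os

# Constructed PUF responses. A genuine device regenerates its response from
# process variation on each use; a separately manufactured look-alike has
# different physics and therefore a different response.
GENUINE_PUF_RESPONSE = hashlib.sha256(b"constructed: genuine silicon").digest()
LOOKALIKE_PUF_RESPONSE = hashlib.sha256(b"constructed: subverted look-alike").digest()

# Constructed enrolment data for the legitimate user and the serial card.
PIN = "4821"
FINGERPRINT = b"constructed minutiae template"
CARD_KEY = hashlib.sha256(b"constructed private key of the serial card").digest()


def biometric_digest(template: bytes) -> bytes:
    """Exact-match digest of the template (real biometrics are noisy; see note)."""
    return hashlib.sha256(template).digest()


def respond(key: bytes, challenge: bytes) -> bytes:
    return hmac.new(key, challenge, hashlib.sha256).digest()


def verify(expected_key: bytes, challenge: bytes, response) -> bool:
    """Verifier side: recompute the response under the enrolled key and compare."""
    if response is None:
        return False
    return hmac.compare_digest(respond(expected_key, challenge), response)


# --- Conventional serial flow: PIN gate, then biometric gate, then challenge ---
class SerialSmartCard:
    def __init__(self, key: bytes, pin: str, template: bytes):
        self._key = key                         # "something you have"
        self._pin = pin                         # "something you know"
        self._bio = biometric_digest(template)  # "something you are"

    def authenticate(self, pin: str, template: bytes, challenge: bytes):
        if pin != self._pin:
            return None
        if not hmac.compare_digest(biometric_digest(template), self._bio):
            return None
        return respond(self._key, challenge)


class SubvertedSerialCard:
    """Look-alike holding the extracted key; it skips the ancillary checks."""

    def __init__(self, extracted_key: bytes):
        self._key = extracted_key

    def authenticate(self, pin: str, template: bytes, challenge: bytes):
        return respond(self._key, challenge)  # PIN and biometric ignored


# --- Integrally bound flow: every factor feeds the key, nothing is gated ---
def bound_key(puf_response: bytes, pin: str, template: bytes) -> bytes:
    """Derive the challenge key from all three factors at once.

    A wrong or omitted factor changes the key instead of skipping a check, so
    the verifier's single challenge covers have, know and are together.
    Length prefixes keep the concatenation unambiguous.
    """
    parts = [puf_response, pin.encode(), biometric_digest(template)]
    material = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(b"factor-binding-v1", material, hashlib.sha256).digest()


class BoundSmartCard:
    def __init__(self, puf_response: bytes):
        self._puf = puf_response  # stands in for re-reading the PUF on each use

    def authenticate(self, pin: str, template: bytes, challenge: bytes) -> bytes:
        # No stored PIN or biometric to compare against: the card cannot
        # "decide" to skip them, and neither can a look-alike.
        return respond(bound_key(self._puf, pin, template), challenge)


def serial_flow_results() -> dict:
    genuine = SerialSmartCard(CARD_KEY, PIN, FINGERPRINT)
    clone = SubvertedSerialCard(CARD_KEY)
    challenge = os.urandom(16)
    return {
        "genuine_ok": verify(CARD_KEY, challenge, genuine.authenticate(PIN, FINGERPRINT, challenge)),
        "genuine_wrong_pin": verify(CARD_KEY, challenge, genuine.authenticate("0000", FINGERPRINT, challenge)),
        # The clone passes with no PIN and no biometric at all.
        "clone_no_factors": verify(CARD_KEY, challenge, clone.authenticate("", b"", challenge)),
    }


def bound_flow_results() -> dict:
    enrolled_key = bound_key(GENUINE_PUF_RESPONSE, PIN, FINGERPRINT)  # enrolment, done once
    genuine = BoundSmartCard(GENUINE_PUF_RESPONSE)
    clone = BoundSmartCard(LOOKALIKE_PUF_RESPONSE)
    challenge = os.urandom(16)
    return {
        "genuine_ok": verify(enrolled_key, challenge, genuine.authenticate(PIN, FINGERPRINT, challenge)),
        "genuine_wrong_pin": verify(enrolled_key, challenge, genuine.authenticate("0000", FINGERPRINT, challenge)),
        "genuine_wrong_bio": verify(enrolled_key, challenge, genuine.authenticate(PIN, b"other finger", challenge)),
        # Correct PIN and biometric, but different silicon gives a different key.
        "clone_correct_factors": verify(enrolled_key, challenge, clone.authenticate(PIN, FINGERPRINT, challenge)),
    }


if __name__ == "__main__":
    print("serial:", serial_flow_results())
    print("bound: ", bound_flow_results())
```

In the serial flow the look-alike that merely holds the extracted key is accepted without any PIN or biometric, which is exactly the substitution attack described above; in the bound flow the same look-alike is rejected even when it is handed the correct PIN and fingerprint, because its silicon yields a different key, and the genuine device is rejected when either ancillary factor is wrong, because the factor is an input to the key rather than a gate in front of it. Two caveats apply to any real design of this kind: PUF responses and biometric templates are both noisy, so they must pass through a fuzzy extractor or error-correcting helper data before they can serve as key material (the exact-match digests here are a simplification), and in a private-key setting the derived bytes would seed the key pair so that only the public half is enrolled and the verifier never holds the secret.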