Fact-checked by Grok 2 weeks ago

Physical unclonable function

A physical unclonable function (PUF) is a primitive embodied in a physical system that maps a given input, known as a challenge, to a specific output, called a response, in a way that is easy to evaluate using the device but computationally infeasible to predict or replicate without it, due to inherent random variations. These variations arise from unavoidable imperfections in fabrication processes, such as wafer doping inconsistencies or delay differences, ensuring that each PUF instance produces unique challenge-response pairs (CRPs) that serve as device-specific fingerprints. PUFs are designed to be unclonable, meaning even the manufacturer cannot produce identical copies with high fidelity, providing a tamper-evident alternative to traditional cryptographic keys stored in . The concept of PUFs was first formalized in 2002 by Pappu et al. for optical implementations and concurrently by Gassend et al. for silicon-based systems, building on earlier ideas of physical one-way functions to address limitations in software-based , such as vulnerability to key extraction attacks. Key properties of PUFs include (distinct responses across devices), (consistent responses under stable conditions for the same device), (unpredictable responses), and unclonability (resistance to duplication), though real-world PUFs often require error-correction mechanisms like fuzzy extractors to mitigate noise from environmental factors such as or aging. These properties make PUFs particularly valuable in resource-constrained environments, where they enable hardware-rooted without relying on that could be compromised. PUFs are classified into weak and strong variants, with weak PUFs offering limited CRPs for and strong PUFs supporting exponentially many CRPs for protocols. Common types include the PUF, which exploits startup state variations in cells; the (RO) PUF, based on differences in oscillating circuits; the arbiter PUF, utilizing path delay asymmetries in multiplexed s; and optical PUFs, which rely on light scattering in particle-embedded materials. Applications span (IoT) device , secure key derivation for , intellectual property protection in integrated circuits, and anti-counterfeiting in supply chains, with growing adoption in amid over 20 billion connected devices as of 2025. Despite their promise, challenges persist, including susceptibility to modeling attacks that infer responses from observed CRPs and the need for robust protocols to counter side-channel vulnerabilities.

Fundamentals

Concept and Principles

A physical unclonable function (PUF) is a hardware-based that maps a set of to corresponding responses by exploiting inherent in the physical structure of a device, producing unique and unclonable outputs for each instance. This randomness arises from uncontrollable manufacturing variations at the nanoscale, such as doping fluctuations, oxide thickness inconsistencies, or interconnect irregularities during fabrication, which serve as sources to ensure that no two devices generate identical responses to the same . The core idea is that these physical disorders create a complex, device-specific "fingerprint" that is easy to evaluate but computationally infeasible to replicate or predict without physical access to the exact instance. The fundamental mechanism of a PUF operates through challenge-response pairs (CRPs), where a challenge C is an input stimulus—such as an electrical signal, voltage configuration, or optical pattern—that elicits a measurable response R from the physical system. These CRPs capture the device's unique behavior: for a given PUF instance, the same challenge always yields the same response (reproducibility), while responses across different devices are statistically random and unpredictable (randomness). Mathematically, a PUF can be modeled as a function R = f(C, P), where C is the challenge, P represents the unique physical instance of the device (embodying its random variations), and f is the evaluating function derived from the hardware's physical properties. This model highlights the instance-dependent nature of the output, ensuring that even identical designs produce distinct functions due to fabrication imperfections. Unclonability stems from that exact replication of a PUF is practically infeasible, as it would require reproducing the , nanoscale physical disorder with perfect fidelity—a task beyond current precision, akin to an informal of physical where small variations amplify into irreproducible outcomes. Ideal PUFs exhibit high in their responses, with inter-device variability approaching 50% (random bit flip probability), while maintaining low intra-device error rates for reliability. In cryptographic applications, PUFs enable device authentication and secret without non-volatile storage of sensitive data; instead, keys are derived on-the-fly from CRPs, providing a tamper-resistant alternative to traditional methods like EEPROM-stored secrets. This approach leverages the PUF's inherent uniqueness for tasks such as secure fingerprinting, where a verifier can authenticate a device by querying known CRPs and verifying the responses.

Historical Development

The concept of physical unclonable functions (PUFs) traces its origins to 2001, when Ravikanth Pappu and colleagues at introduced "physical one-way functions" (POWFs) in his thesis, leveraging optical scattering patterns from transparent resin tokens containing embedded silica particles for anti-counterfeiting applications. These structures were designed to produce unique, unpredictable responses to challenges, exploiting random physical variations that are computationally infeasible to clone or replicate exactly. The work laid the groundwork for hardware-based security primitives by demonstrating how physical disorder could serve as a tamper-evident identifier, initially focused on optical implementations for security. In 2002, the focus shifted from optical to silicon-based PUFs with the seminal paper by Blaise Gassend, Srinivas Devadas, and collaborators at , who coined the term "physical unclonable function" and proposed the first realizations using delays to generate challenge-response pairs from manufacturing variations. This innovation enabled PUFs to be embedded directly in standard processes without additional fabrication steps, distinguishing strong PUFs capable of supporting numerous challenge-response pairs from weaker variants with limited inputs. Early developments in the mid-2000s built on this by exploring delay-based architectures, such as arbiter PUFs, which amplified path mismatches in circuit wires for in resource-constrained devices. By 2007, Guajardo et al. extended the paradigm to weak PUFs by proposing -based implementations, utilizing the random power-up states of SRAM cells in FPGAs as intrinsic fingerprints for IP protection and key generation. The 2010s marked the maturation of PUF technology, with widespread adoption in (IoT) security for low-overhead device authentication and key derivation, driven by the need for silicon-rooted trust in distributed systems. Commercial prototypes emerged prominently through Intrinsic ID, a spin-off from Research, which licensed PUF technology and released its first integrated solutions around to generate stable cryptographic roots from noisy startup values without dedicated hardware. Concurrent research addressed reliability challenges, revealing typical intra-device bit error rates of 1-5% due to environmental factors like temperature and voltage, prompting advancements in error correction via fuzzy extractors and BCH codes to achieve near-100% key stability. Standardization efforts gained momentum in the late to establish consistent evaluation metrics for PUF quality, including uniqueness, reliability, and randomness, with the initiating work on ISO/IEC 20897 in 2019, which was published in 2020 as the core model for PUF-based security techniques. Part 2 of the standard, specifying test and evaluation methods, followed in 2022. Around 2020, initial explorations integrated PUFs into quantum-resistant cryptographic protocols, leveraging their hardware entropy to bolster against future quantum threats in hybrid schemes combining symmetric keys with post-quantum algorithms. Subsequent developments from 2021 to 2025 have advanced quantum physical unclonable functions (QPUFs) and their applications in secure .

Classification

Strong versus Weak PUFs

Weak physical unclonable functions (PUFs) are defined by their support for a limited number of challenge-response pairs (CRPs), typically fewer than $2^{20}, where responses are inherently difficult to access externally without invasive physical intervention. This restricted CRP space minimizes the potential , making weak PUFs particularly suitable for applications like cryptographic , where stability and secrecy are paramount. Strong PUFs, on the other hand, exhibit an exponentially large CRP space, often exceeding $2^{64} pairs, with interfaces designed for public accessibility to enable querying of diverse . This vast entropy supports advanced security protocols, such as device authentication, by allowing through the submission of a challenge and comparison of the resulting response against a stored reference. In comparison, weak PUFs tend to demonstrate higher reliability and lower noise in responses due to their simpler architectures, but they remain vulnerable to physical attacks—such as invasive readout—if an adversary gains direct hardware access to extract the limited CRPs. Strong PUFs, while offering greater diversity and unpredictability for handling numerous unique challenges, face risks from modeling attacks, in which attackers collect a subset of CRPs to construct mathematical models that predict responses to unseen challenges. Evaluation of both categories often relies on metrics like CRP density, defined as the number of unique CRPs per unit area, which is generally higher in strong PUFs owing to their exponential scaling with hardware size; and uniqueness, quantified by the average inter-device between responses to the same challenge across multiple devices, ideally approaching 50% to mimic ideal random bit strings. Weak PUFs find typical use in internal key storage for secure elements, leveraging their obfuscated responses for device-specific secrets, whereas strong PUFs enable public-key-analogous operations, such as challenge-response in distributed systems like the .

Implicit versus Explicit PUFs

Physical unclonable functions (PUFs) are classified as implicit or explicit based on the source of used to generate challenge-response pairs (CRPs). Explicit PUFs derive responses from deliberately engineered physical structures designed to amplify variations, such as etched patterns, conductive loops, or dispersed particles in a medium that create unique or effects. In contrast, implicit PUFs generate responses from inherent in existing device behaviors, such as path delay differences in logic gates or power-up states in cells, without requiring additional structures. Examples of explicit PUFs include coating PUFs, where responses arise from variations in a particle-filled layer, and plasmonic PUFs using distributions to modulate responses. Implicit PUFs, on the other hand, encompass designs like ring oscillator PUFs, which measure frequency differences due to threshold variations, or PUFs that exploit metastable startup values from cross-coupled inverters. The distinction leads to key trade-offs in design and performance. Explicit PUFs provide greater control over , enabling higher per unit area through optimized structures, but they increase fabrication area, cost, and complexity due to the need for specialized processing steps. Implicit PUFs are cost-effective and area-efficient, leveraging existing circuitry for "free" , yet they often exhibit higher noise sensitivity and lower tunability, resulting in reduced extraction efficiency. Evaluation of these PUFs focuses on entropy extraction efficiency, which measures usable unique bits per response, and reliability metrics such as (BER) under environmental variations like or voltage fluctuations. For instance, implicit PUFs may achieve BERs around 1-5% in stable conditions but degrade more under due to their reliance on subtle process variations, while explicit PUFs can maintain lower BERs (e.g., <1%) through amplified features, though at the expense of evaluation overhead. Historically, early optical PUFs, introduced by Pappu et al. in 2002, exemplify explicit designs by using laser challenges on translucent tokens embedded with light-scattering particles to produce unique speckle patterns as responses.

Intrinsic versus Extrinsic PUFs

Physical unclonable functions (PUFs) are classified as intrinsic or extrinsic based on their integration within the device manufacturing lifecycle and the source of their uniqueness. Intrinsic PUFs exploit the random manufacturing variations inherent to standard integrated circuit (IC) fabrication processes, such as fluctuations in transistor threshold voltages or interconnect delays, without necessitating any alterations to the circuit design or extra processing steps. This approach embeds the PUF functionality directly into existing hardware components, enabling seamless incorporation during normal production. Extrinsic PUFs, on the other hand, require intentional modifications or supplementary fabrication procedures to generate their unique physical characteristics, such as laser etching patterns on silicon surfaces or the deposition of specialized coatings and external tokens. These added steps create deliberate disorder that forms the basis of the PUF's response, often allowing for external verification mechanisms. A key advantage of intrinsic PUFs is their negligible overhead in area, power consumption, and production yield, as they repurpose existing process variations, promoting high scalability and compatibility with system-on-chip (SoC) integration for broad deployment in embedded systems. However, this reliance on uncontrolled variations can result in lower predictability and quality control, potentially leading to higher error rates that demand robust post-processing. In contrast, extrinsic PUFs provide enhanced control over uniqueness and entropy through engineered features, yielding more reliable responses for applications like modular security tokens, but at the expense of increased manufacturing complexity, cost, and potential yield reductions due to the additional steps. Evaluation of both categories typically involves metrics assessing overhead and performance, such as area utilization (intrinsic PUFs often add less than 1% to chip area), power draw (minimal for intrinsic due to no extra circuitry), and yield impact (negligible for intrinsic versus measurable reductions for extrinsic). Uniqueness and randomness are quantified using NIST statistical test suites, where responses from intrinsic PUFs demonstrate high min-entropy (e.g., approaching 1 bit per cell in mature processes) to confirm suitability for key generation, while extrinsic designs may excel in inter-device hamming distance (>45% typical) but require careful calibration to mitigate environmental sensitivities. Intrinsic PUFs are particularly well-suited for environments, whereas extrinsic variants facilitate modular solutions, such as attachable devices.

Types

Electrical and Magnetic PUFs

Electrical and magnetic physical unclonable functions (PUFs) leverage inherent manufacturing variations in electrical and magnetic properties of integrated circuits to produce unique, device-specific responses to challenges. These PUFs are particularly suited for silicon-based implementations due to their compatibility with processes, enabling seamless integration into standard chip fabrication without requiring specialized materials or post-processing steps. Common variants include those based on memory cells, delay elements, and magnetic tunnel junctions, each exploiting distinct physical phenomena for response generation. The (SRAM) PUF is one of the earliest and most widely adopted electrical PUFs, relying on the random initial values that SRAM cells assume upon power-up. These values arise from process-induced variations in threshold voltages, which cause slight mismatches in the cross-coupled inverters within each cell, leading to a stable but unpredictable state (either '0' or '1'). As a weak PUF, the SRAM design typically accesses a fixed array of cells—often the entire on-chip SRAM—to generate a limited set of challenge-response pairs (CRPs), usually on the order of thousands, making it suitable for rather than exhaustive protocols. It exhibits high reliability, with bit error rates below 1% under nominal conditions, achieving stability around 99% across temperature and voltage variations, though environmental factors can introduce requiring selective bit stabilization. Ring oscillator (RO) PUFs represent a delay-based electrical PUF that measures frequency differences among multiple identical ring oscillators formed by inverting delay stages. Manufacturing variations in gate lengths, doping, and interconnects cause each oscillator to operate at slightly different frequencies; challenges select pairs of oscillators via multiplexers (MUXes), and the response bit is determined by comparing their cycle counts over a fixed period using a comparator. Classified as a strong PUF due to its potential for generating up to 2^n CRPs from n stages, the RO PUF is highly configurable and scalable, with implementations supporting millions of bits. However, it suffers from bit error rates (BER) typically ranging from 1% to 5%, influenced by noise from supply voltage fluctuations and temperature changes, often necessitating error correction techniques like BCH codes to achieve reliable key extraction. The arbiter PUF is another prominent delay-based electrical variant, employing parallel paths of switchable delay elements (e.g., two-wire pairs routed through multiplexers) to quantify path-length differences caused by process variations. A challenge bit string determines the routing configuration for each stage, routing signals through upper or lower paths; the signals arrive at a final arbiter (e.g., a D-flip-flop or ), and the response bit is the sign of the total delay difference: \text{sign}(\Delta t_1 - \Delta t_2), where \Delta t_1 and \Delta t_2 are the cumulative delays of the two paths. As a strong PUF, it supports a large CRP space but is vulnerable to modeling attacks, where algorithms can predict responses from a subset of observed CRPs by approximating the linear delay model. Like the RO PUF, its BER (around 1-3%) requires error mitigation for practical deployment. Magnetic PUFs exploit random variations in magnetic domains or tunneling resistances within elements, offering persistence without power consumption. In magnetoresistive (MRAM)-based designs, such as spin-transfer torque (STT)-MRAM, the PUF response derives from differences in magnetic tunnel junction (MTJ) resistances or switching times, influenced by nanoscale variations in barriers and ferromagnetic layers during fabrication. These PUFs are emerging for applications requiring non-volatility, with responses generated by reading states under applied currents or fields; reliability exceeds 95% in controlled settings, though to magnetic interference demands shielding. Electrical PUFs dominate implementations owing to their native integration with processes, enabling low-cost, high-volume production in standard logic chips, whereas magnetic PUFs, particularly MRAM variants, excel in tamper-resistant scenarios due to their non-destructive readout and resilience to physical probing. Both categories benefit from error correction to handle noise in RO and arbiter designs, and while arbiter PUFs face risks from electromagnetic side-channels, their overall utility in secure derivation remains significant.

Optical PUFs

Optical PUFs exploit the unique light-scattering properties of disordered materials to generate unclonable responses, serving as a foundational type of physical unclonable function first proposed in 2002. The basic mechanism involves illuminating a diffusive medium, such as a transparent disk embedded with randomly distributed microscopic refractive particles like spheres, with a coherent beam. This causes multiple within the 3D volume of the material, producing a distinctive speckle of interference fringes that is captured as the PUF response, often via a CCD camera or photodiodes. The randomness arises from the fixed positions of scatterers, which are determined during fabrication by processes akin to frozen , ensuring each device yields a non-reproducible even under identical challenges. Optical PUFs are classified into non-coherent and coherent variants, with the former typically using token-based setups where photodiodes detect intensity at fixed points without full imaging, and the latter employing holographic or full-speckle capture for richer responses. These designs enable exceptionally high challenge-response pair (CRP) counts, potentially exceeding 2^{1000} due to the vast in 3D volume scattering, far surpassing many electronic PUFs in . As extrinsic strong PUFs, they require a separate physical and support numerous independent CRPs, making them suitable for robust . Key advantages include tamper-evidence, as any physical alteration disrupts the delicate scattering structure and alters the speckle pattern irreversibly, and high derived from the unpredictable particle distributions. In stable environmental conditions, such as controlled and , bit rates (BER) remain below 1%, ensuring reliable response reproduction without extensive correction. The mathematical foundation lies in the speckle field's intensity correlations, where the observed pattern I(\mathbf{r}) at position \mathbf{r} results from the coherent superposition of scattered waves, governed by: I(\mathbf{r}) = \left| \sum_j a_j e^{i \phi_j(\mathbf{r})} \right|^2 with a_j and \phi_j denoting the amplitude and phase from each scatterer j. Uniqueness stems from the 3D Fourier transform of the scatterer density function \rho(\mathbf{x}), where the far-field speckle approximates the magnitude squared of this transform, |\mathcal{F}\{\rho(\mathbf{x})\}|^2, rendering inversion computationally infeasible due to phase retrieval ambiguities in disordered media. Primarily applied in anti-counterfeiting labels and secure tags, optical PUFs provide non-electronic, photonic solutions for product , leveraging their historical precedence as the inaugural PUF .

Emerging Types

Recent advancements in physical unclonable functions (PUFs) have introduced innovative variants that address scalability, integration, and challenges in emerging paradigms, particularly since 2023. These developments leverage novel materials and architectures to enhance generation, reduce hardware overhead, and ensure compatibility with post-quantum threats, building on foundational optical and electrical principles while mitigating vulnerabilities in traditional setups. Nanoseed-based PUFs, introduced in 2025, utilize self-assembled structures to generate optical and electrical for on-demand cryptographic key production. These PUFs overcome limitations in conventional designs, such as fixed response generation and issues, by enabling dynamic through nanoseed-induced variations that achieve near-ideal uniqueness and metrics in tests. The approach integrates assemblies into compact devices, facilitating high-entropy responses without extensive post-processing. Virtual PUFs, developed between 2024 and 2025, emulate physical PUF behavior through software models derived from hardware , such as encoder-decoder neural networks trained via split learning. This enables secure remote for devices without exposing physical hardware to attacks, as the virtual model reconstructs challenge-response pairs (CRPs) on demand while preserving the uniqueness of the originating physical . The reduces deployment costs by distributing computation between client and , enhancing in distributed systems. 3D-integrated PUFs, emerging in 2024, stack random number generators (RNGs) and PUF elements in vertical architectures to create compact security chips suitable for resource-constrained IoT applications. These designs minimize area overhead by embedding PUFs within 3D NAND or similar vertical structures, generating stable CRPs alongside true random bits for key derivation with low power consumption. The integration enhances tamper resistance and supports scalable manufacturing for edge devices. Post-quantum intrinsic PUFs, advanced since 2023, incorporate lattice-based cryptographic variations to produce quantum-resistant CRPs, countering side-channel and quantum attacks on traditional PUF-derived keys. By entangling PUF responses with lattice problems like the short integer solution (SIS), these PUFs generate authentication protocols that maintain security against Grover's and Shor's algorithms, with implementations achieving lightweight overhead for constrained environments. This hybrid approach ensures long-term robustness in cryptographic primitives. In-memory computing PUFs, proposed in 2025, embed PUF functionality directly into resistive RAM (ReRAM) arrays to enable simultaneous and computation, protecting model weights, inputs, and architectures from extraction attacks. Frameworks like use memristive variability for in-situ and , allowing secure with minimal latency penalties while safeguarding data throughout processing. This integration supports efficient, hardware-accelerated in deployments.

Technical Aspects

Error Correction Techniques

Physical unclonable functions (PUFs) exhibit noise in their responses due to environmental factors such as and supply voltage fluctuations, as well as temporal variations like aging and uncertainties, leading to bit error rates (BER) typically ranging from 1% to 15% in raw outputs. To mitigate this instability and enable reliable , fuzzy extractors are employed, which process noisy PUF responses to produce uniform cryptographic keys while ensuring reproducibility from sufficiently similar inputs; these mechanisms integrate information reconciliation via error-correcting codes () and privacy amplification through strong extractors. Common ECCs in fuzzy extractors for PUFs include BCH codes and Reed-Solomon codes, which correct errors by storing helper data that reveals partial information about the original response without compromising secrecy. The protocol operates in two phases: during enrollment, a stable PUF response R is generated, encoded with an ECC to compute a syndrome (helper data), and the key is derived via hashing; in reconstruction, a noisy response R' is obtained, and decoding using the syndrome recovers R (or an approximation), from which the key is regenerated as key = hash(decode(R', syndrome)). Advanced techniques enhance efficiency and robustness; for instance, soft-decision decoding leverages reliability estimates from () PUFs to improve error correction beyond hard-decision methods, while cryptographic hashing (e.g., SHA-256) ensures output uniformity during privacy amplification. These approaches incur overhead, with loss due to helper and correction requirements, though optimized bounds and concatenated codes can minimize this for higher key lengths. Post-correction metrics demonstrate effectiveness, achieving failure rates below 1 part per million () across wide temperature (-55°C to 125°C) and voltage (1.0V ±10%) ranges, while maintaining exceeding 128 bits for strength.

Vulnerabilities and Security Analysis

Physical unclonable functions (PUFs) are susceptible to modeling attacks, where an adversary queries the PUF with challenges to obtain challenge-response pairs (CRPs) and constructs a to predict responses for unseen challenges. In such attacks, the adversary treats the PUF as a black-box and uses techniques to approximate its behavior. For instance, the Arbiter PUF, a common electrical PUF design, can be effectively modeled using , achieving over 99% prediction accuracy with approximately 18,000 CRPs for a 64-stage . These attacks exploit the linear delay differences in Arbiter PUFs, allowing the model to interpolate responses with high fidelity after sufficient training data. Machine learning attacks extend modeling threats by employing advanced algorithms like covariance matrix adaptation evolution strategy (CMA-ES) or neural networks, providing provable bounds on the number of CRPs needed to break strong PUFs. These methods are particularly effective against complex variants, such as XOR Arbiter PUFs, by optimizing non-linear mappings. Recent analyses demonstrate the vulnerability of strong PUFs to such attacks, highlighting the need for designs with robust obfuscation. Such attacks underscore the need for evaluating PUFs under worst-case CRP budgets, as prediction errors drop below 5% once the model converges. Side-channel attacks target implementation-specific leakages, such as consumption or electromagnetic emissions, to extract PUF responses without direct CRP access. For transient effect (TERO) PUFs, electromagnetic analysis () on traces enables recovery of up to 25% of response bits with error rates under 18%. techniques, including pulsed , further disrupt RO PUF operations, altering response stability to reveal underlying sources or force erroneous outputs that aid model reconstruction. These non-invasive methods are practical on FPGA implementations, emphasizing hardware-level protections like shielding. Additional vulnerabilities arise from helper data in fuzzy extractor protocols, which can leak information about the PUF's internal state despite being designed for secure . Public helper data enables adversaries to reconstruct partial PUF models, reducing and facilitating attacks by correlating noisy responses. Extrinsic PUFs, which depend on external sensors for , are particularly prone to physical tampering, where attackers replace or manipulate sensors to spoof responses without altering the core PUF. Noise from manufacturing variations, while requiring correction for reliability, can also amplify these risks in susceptible designs like optical PUFs, potentially enabling via precise replication. As of 2025, ongoing research shows continued evolution in threats, including neural network-based modeling and fault-injection attacks that further challenge PUF security. Countermeasures against these threats include CRP techniques, such as non-linear transformations of challenges before PUF evaluation, which increase the effective CRP space and degrade modeling accuracy. Protocol designs incorporating XOR arbiter structures enhance resistance by combining multiple PUF instances, requiring substantially more CRPs for successful attacks. is quantified via metrics like prediction error rate, targeting values above 50% to ensure unclonability, alongside hybrid approaches that limit access during .

Applications and Deployment

Security Use Cases

Physical unclonable functions (PUFs) enable secure device in () environments through challenge-response pair (CRP) protocols, which verify device identity without storing sensitive secrets on the device itself. In these protocols, a verifier sends a to the PUF, which generates a unique response based on the device's inherent physical variations, allowing while minimizing vulnerability to secret extraction attacks. For resource-constrained devices, protocols like HB+ have been adapted to leverage PUFs, such as in the PUF-HB scheme, which provides tamper-resilient by combining the lightweight HB+ mechanism with PUF responses to resist side-channel and modeling attacks. This approach supports in pairwise settings, ensuring efficient verification for distributed networks. PUFs also facilitate secure key generation and storage, serving as a root of trust for protocols like (TLS) and secure boot processes. By deriving cryptographic keys from PUF responses, devices can eliminate the need for non-volatile memory such as , which is susceptible to physical attacks like probing or . Fuzzy extractors post-process noisy PUF outputs to produce stable keys, enabling reproducible for TLS handshakes or firmware integrity checks during secure boot, where the PUF acts as an immutable hardware anchor to verify boot components. This replacement enhances resilience against key compromise in embedded systems. In anti-counterfeiting applications, optical PUFs provide robust identification for supply chain tracking, exploiting random scattering patterns in materials illuminated by lasers to generate unique, unclonable signatures. These signatures can be embedded in RFID tags using weak PUFs, allowing low-cost verification of product authenticity without additional hardware overhead. For instance, optical PUFs based on speckle interference patterns enable non-contact authentication of components, deterring counterfeiting in high-value goods by making exact replication computationally infeasible. RFID-integrated weak PUFs further support scalable tagging in logistics, where responses to simple challenges confirm genuineness at checkpoints. Emerging use cases extend PUFs to post-quantum security and AI model protection. In post-quantum key exchange, PUFs integrate with lattice-based schemes like to generate device-specific keys resistant to quantum attacks, enabling authenticated key distribution in 2024 protocols that combine PUF-derived seeds with post-quantum primitives for cross-domain vehicular networks. For in-memory protection, schemes like employ PUFs to encrypt model weights and inputs during , using PUF-generated keys for layer-wise in compute-in-memory architectures, thereby safeguarding proprietary models from extraction or tampering while maintaining computational efficiency. These applications demonstrate PUFs' adaptability to quantum threats and security. PUFs integrate with for decentralized , where PUF responses serve as tamper-proof identifiers in permissioned ledgers, supporting scalable without central authorities. In -assisted systems, PUF-based CRPs enable lightweight and key agreement, with enrollment phases storing hashed responses on-chain for verification. This integration achieves times under 1 ms and supports thousands of devices, enhancing for decentralized IDs in industrial settings by leveraging PUFs' unclonability for immutable tracking.

Commercial Availability and Standards

Commercial availability of physical unclonable functions (PUFs) has expanded significantly since the early , driven by demand for hardware-rooted security in embedded systems. Leading companies include Intrinsic ID, which has commercialized SRAM-based PUFs since 2010 through licensing of IP cores for and device . Other key players are eMemory Technology and its subsidiary PUFsecurity, offering anti-counterfeiting solutions; ICTK Holdings for mobile secure elements; and Invia Inc. for logic-based PUFs. ID Quantique provides optical PUFs integrated with quantum random number generators for high-security applications. stands out as a major innovator, holding numerous patents on PUF techniques for integration. Verayo, an early pioneer in silicon PUFs, has incorporated its technology into products available as of 2025. PUF products are primarily available as (IP) cores for integration into application-specific integrated circuits () and field-programmable gate arrays (FPGAs), such as (RO)-PUF modules from various vendors. incorporates PUFs into its secure elements, like the A71CH and SE050 chips, used in and automotive applications for root-of-trust establishment. Qualcomm has explored PUF integrations in Snapdragon processors for enhanced device binding, while offers PUF-compatible designs in its TrustZone architecture for system-on-chip () implementations. The PUF market is experiencing growth alongside the broader sector, particularly for and deployments, where PUFs enable scalable device authentication without secure storage. Projections indicate the global security market, including PUF technologies, will reach approximately $59 billion by 2028, fueled by increasing connected devices exceeding 21 billion globally as of 2025. A notable trend from 2023 to 2025 is the rise in virtual PUF licensing models for , allowing software of hardware PUFs in virtualized environments without physical . Standardization efforts aim to ensure reliability and comparability of PUFs. The ISO/IEC 20897-1:2020 and ISO/IEC 20897-2:2022 standards specify requirements and methods for PUFs, respectively, focusing on metrics like , reliability, and . NIST provides guidelines in publications on evaluating PUFs for cryptographic applications. IEEE standards related to indirectly support PUF metrics like stochasticity and inter-device , though a dedicated PUF standard remains under development as of 2025. Despite progress, commercialization faces challenges including certification hurdles under frameworks like and , which require rigorous validation of PUF stability across environmental variations. Interoperability issues arise from diverse PUF types, complicating across multi-vendor ecosystems and hindering widespread adoption.

References

  1. [1]
    [PDF] Controlled Physical Random Functions
    In this paper, we introduce. Controlled Physical Random Functions (CPUFs) which are. PUFs that can only be accessed via an algorithm that is physically bound to ...
  2. [2]
    https://arxiv.org/pdf/1907.12525.pdf
  3. [3]
    [PDF] Silicon Physical Random Functions∗ - People | MIT CSAIL
    The focus of this paper is the silicon realization of PUFs, which we shall term silicon PUFs (SPUFs). Definition 2. A type of PUF is said to be Manufacturer.
  4. [4]
    Review of Physically Unclonable Functions (PUFs) - Frontiers
    Five different physically unclonable functions were explained: SRAM PUF, RO PUF, arbiter PUF, coating PUF and DRAM PUF as well as their structure and operation.
  5. [5]
    PUF-based Security Solutions for IoT: A Survey
    Dec 24, 2020 · This survey paper presents a review of the security challenges of emerging IoT networks and discusses some of the attacks and their countermeasures based on ...
  6. [6]
    https://iot-analytics.com/number-connected-iot-devices/
  7. [7]
    [PDF] Physical Unclonable Functions for Device Authentication and Secret ...
    Jun 8, 2007 · Physical Unclonable Functions (PUFs) are innovative circuit primitives that extract secrets from physical characteristics of integrated circuits ...
  8. [8]
    [PDF] On the Foundations of Physical Unclonable Functions
    Jun 10, 2009 · Abstract. We investigate the foundations of Physical Unclonable Functions from several perspectives. Firstly, we discuss formal and ...
  9. [9]
    [PDF] Physical One-Way Functions - CBA-MIT
    Mar 2, 2001 · This dissertation introduces physical one-way functions and physical one-way hash functions as primitives for physical analogs of cryptosystems.Missing: PUF | Show results with:PUF
  10. [10]
    Physical one-way functions - DSpace@MIT
    This dissertation introduces physical one-way firnctions and physical one-way hash functions as primitives for physical analogs of cryptosystems.Missing: 2002 PUF
  11. [11]
    Silicon physical random functions | Proceedings of the 9th ACM ...
    We introduce the notion of a Physical Random Function (PUF). We argue that a complex integrated circuit can be viewed as a silicon PUF.
  12. [12]
    Hardware Intrinsic Security from Physically Unclonable Functions
    Aug 10, 2015 · Additionally, SRAM PUFs can also be used as a source of randomness [22,137,227], for the realisation of (true or pseudo)random number generators ...<|control11|><|separator|>
  13. [13]
    [PDF] Physical Unclonable Functions for Device Authentication and Secret ...
    Jun 8, 2007 · ABSTRACT. Physical Unclonable Functions (PUFs) are innovative circuit primitives that extract secrets from physical characteristics.
  14. [14]
    Classification, Evaluation, and Tradeoffs in PUFs - All About Circuits
    Jul 18, 2021 · A weak PUF is one that supports a small number of challenge-response pairs. Additionally, the number of CRPs that a weak PUF can generate may ...
  15. [15]
    [PDF] PUFs at a Glance - Security And Privacy Research Group
    Abstract—Physical Unclonable Functions (PUFs) are a new, hardware-based security primitive, which has been introduced just about a decade ago. In this paper ...
  16. [16]
    A Weak-PUF-Assisted Strong PUF with Inherent Security Using ...
    The available CRPs of the DL-PUF design can reach up to 2 64 , and its robust security features are also demonstrated in this paper. We have implemented this ...
  17. [17]
    [PDF] A Formal Foundation for the Security Features of Physical Functions
    First, PUFs must be robust, i.e., able to provide stable outputs, since non-robust PUFs would significantly harm the efficiency of the underlying system.
  18. [18]
    A PUF taxonomy | Applied Physics Reviews - AIP Publishing
    Feb 12, 2019 · In general, implicit randomness arising in PUFs is preferable to explicit varieties, as naturally arising variation requires no additional ...
  19. [19]
    Strengthening Internet of Things Security: Surveying Physical ... - MDPI
    An in-depth survey on the IoT that employs physically unclonable functions (PUFs) was conducted. The first contribution analyzes PUF-based authentication, ...
  20. [20]
    https://www.mdpi.com/2079-9292/14/5/1007
  21. [21]
    Highly Reliable Magnetic Memory-Based Physical Unclonable ... - NIH
    May 8, 2024 · We report highly reliable MRAM-based security devices, known as physical unclonable functions (PUFs), achieved by exploiting nanoscale perpendicular magnetic ...Missing: fluxgate sensors
  22. [22]
    Evaluation of SRAM PUF Characteristics and Generation of Stable ...
    Aug 4, 2025 · It is also proven that the stability of SRAM PUF can be increased to 99.999% and the bit error rate (BER) can be reduced to almost 0% by ...<|separator|>
  23. [23]
    A robust architecture of ring oscillator PUF: Enhancing cryptographic ...
    While those PUFs with a limited number of CRPs are categorized as weak PUFs, like RO-PUFs [5]. However, Weak PUFs offer better stability and unique response ...
  24. [24]
    [PDF] Deep Learning based Model Building Attacks on Arbiter PUF ...
    An n-bit input to a PUF instance, and the corresponding m-bit output generated by the PUF instance, together constitute a. “Challenge-Response Pair” (CRP). P ...
  25. [25]
    Design of Integrated Micro-Fluxgate Magnetic Sensors - MDPI
    The present paper examines in detail the possibility of adopting a model based approach for designing miniaturized fluxgate sensors.Missing: PUF | Show results with:PUF<|control11|><|separator|>
  26. [26]
    Highly Reliable Magnetic Memory-Based Physical Unclonable ...
    May 8, 2024 · We report highly reliable MRAM-based security devices, known as physical unclonable functions (PUFs), achieved by exploiting nanoscale perpendicular magnetic ...
  27. [27]
    Physical One-Way Functions - Science
    Physical one-way functions use coherent transport through a disordered medium, using coherent multiple scattering from inhomogeneous structures, instead of ...
  28. [28]
    [PDF] Optical PUFs Reloaded - Cryptology ePrint Archive
    Optical PUFs are physical unclonable functions (PUFs) that are disordered systems reacting to external stimuli. This paper revisits and enhances their security.
  29. [29]
    Physically Unclonable Functions: A Study on the State of the Art and ...
    PDF | The idea of using intrinsic random physical features to identify objects, systems, and people is not new. Fingerprint identification of humans.
  30. [30]
    A guide for assessing optically imaged physically unclonable ...
    May 6, 2025 · Physically unclonable functions (PUFs) leverage inherently non-reproducible properties to generate unique IDs making them a technology with high ...
  31. [31]
    Nanoseed-based physically unclonable function for on-demand ...
    Apr 25, 2025 · This study introduces nanoseed-based PUFs that overcome the drawbacks of conventional PUFs using optical and electrical randomness originated from nanoseeds.
  32. [32]
    Physical unclonable in-memory computing for simultaneous ... - Nature
    Jan 25, 2025 · We propose RePACK, a threefold data protection scheme that safeguards neural network input, weight, and structural information.
  33. [33]
    Nanoseed-based physically unclonable function for on-demand ...
    Apr 25, 2025 · This study introduces nanoseed-based PUFs that overcome the drawbacks of conventional PUFs using optical and electrical randomness originated from nanoseeds.
  34. [34]
    Encoder Decoder-Based Virtual Physically Unclonable Function for ...
    Encoder Decoder-Based Virtual Physically Unclonable Function for Internet of Things Device Authentication Using Split-Learning. January 2024.Missing: seeds | Show results with:seeds
  35. [35]
    [PDF] Computers & Security - University of Cambridge
    Oct 30, 2024 · This paper presents a scheme that is based on the concept of split learning to construct an encoder–decoder-based Virtual PUF (VPUF) for device ...Missing: seeds remote
  36. [36]
    Vertically integrated security devices with physically unclonable ...
    Dec 25, 2024 · Three-dimensional (3D)-integrated security chip was realized with random number generation (RNG) and physically unclonable function (PUF).
  37. [37]
    Vertically integrated security devices with physically unclonable ...
    Physically unclonable function (PUF) and random number generation (RNG) are commonly used security tools to protect sensitive information from external threats.
  38. [38]
    Lattice-based Lightweight Scheme for Secure Communication in ...
    In this paper, we propose L^{2}S^{2}C^{2} , a novel post-quantum authentication protocol that leverages Physically Unclonable Functions (PUF) and Lattice-based ...
  39. [39]
    [PDF] Lattice PUF: A Strong Physical Unclonable Function Provably ... - arXiv
    In this paper, we propose a strong PUF that is secure against machine learning (ML) attacks with both classical and quantum computers. As a formal framework to ...
  40. [40]
    [PDF] Secure and Robust Error Correction for Physical Unclonable Functions
    This code can be used to correct 30 errors out of 255 bits but is expensive to implement.Missing: seminal | Show results with:seminal
  41. [41]
    [PDF] Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and ...
    Sep 13, 2015 · Abstract. The device-unique response of a physically unclonable func- tion (PUF) can serve as the root of trust in an embedded cryptographic.Missing: seminal | Show results with:seminal
  42. [42]
    [PDF] Modeling Attacks on Physical Unclonable Functions
    ABSTRACT. We show in this paper how several proposed Physical Un- clonable Functions (PUFs) can be broken by numerical mod- eling attacks.
  43. [43]
    [PDF] Attacking Arbiter PUFs Using Various Modeling Attack Algorithms
    Jul 20, 2023 · APUF can be successfully attacked by several machine learning algorithms, such as Logistic Regression (LR) and. Covariance Matrix Adaptation ...
  44. [44]
    [PDF] Side-Channel Analysis of the TERO PUF - Cryptology ePrint Archive
    Physical side-channel attacks based on power or electromagnetic (EM) analysis, such as Differential Power Analysis (DPA) [10,17], have been subject to extensive.
  45. [45]
    [PDF] Robust Fuzzy Extractors and Helper Data Manipulation Attacks ...
    The first helper data manipulation attacks against PUF based key generation were not on fuzzy extractors, but on helper data algorithm based on pattern matching ...
  46. [46]
    https://www.ukrise.org/wp-content/uploads/2023/07/Attacking_Arbiter_PUFs_Using_Various_Modeling_Attack_Algorithms_A_Comparative_Study.pdf
  47. [47]
    Logically reconfigurable PUFs: memory-based secure key storage
    In this paper we introduce a new logically reconfigurable PUF (LR-PUF), based on a memory-based PUF. ... A single poly eeprom cell structure for use in standard ...
  48. [48]
    Physical one-way functions | Guide books - ACM Digital Library
    This dissertation introduces physical one-way functions and physical one-way hash functions as primitives for physical analogs of cryptosystems. Physical one- ...
  49. [49]
    Blockchain-based authentication for IIoT devices with PUF
    It is indispensable to authenticate devices in the IIoT environment. In this paper, we propose two blockchain-based authentication for IIoT devices with PUF.
  50. [50]
    https://ieeexplore.ieee.org/document/8941608
  51. [51]
    https://dl.acm.org/doi/10.1145/2046582.2046594