Secret-free security: a survey and tutorial

Abstract “Classical keys,” i.e., secret keys stored permanently in digital form nonvolatile memory, appear indispensable modern computer security—but also constitute an obvious attack target any hardware containing them. This contradiction has led to perpetual battle between key extractors and protectors over the decades. It is long known that physical unclonable functions (PUFs) can at least partially overcome this issue, since they enable secure without above classical keys. Unfortunately, recent research revealed many standard PUFs still contain other types of “secrets” deeper their structure, whose disclosure adversaries breaks security as well: Examples include manufacturing variations SRAM PUFs, power-up states or signal delays Arbiter PUFs. Most these secrets have already been extracted viable attacks past, breaking PUF-security practice. A second generation primitives now shows potential resolve remaining problem, however. In certain applications, so-called Complex SIMPLs/PPUFs, UNOs are able realize not just free sense, but completely “secret-free” instead. resulting systems, could hypothetically be allowed inspect every bit atom, learn information present system, being break security. Secret-free would hence promise innately immune against malware-based key-extraction: There simply no security–critical extract anymore. Our survey tutorial paper takes described situation starting point, categorizes, formalizes, overviews recently evolving area secret-free . We propose attempt making promising endeavor future designs, those application scenarios where logically possible. others, we suggest techniques combined with methods construct hybrid systems notably reduced surfaces.