Mycophenolic acid acyl-glucuronide esterase
Quantum readout is a proposed method to securely verify the authenticity of an object. The method is inherently secure against attacks using classical computers, provided that the object to be authenticated cannot be copied.
Hands-off versus hands-on authentication of objects
When authenticating an object, one can distinguish two cases.
- Hands-on athentication: The object is fully under the control of the verifier. The verifier can see if the object is of the correct type, size, weight etc.. E.g. he can see the difference between a real tooth and a hologram representing the tooth.
- Hands-off authentication: The verifier does not have full control. E.g. he has line-of-sight but cannot touch the object.
In the hands-on scenario, Physical Unclonable Functions (PUFs) of various types can serve as great authentication tokens. Their physical unclonability, combined with the verifier's ability to detect spoofing, makes it exceedingly hard for an attacker to create an object that will pass as a PUF clone. However, hands-on authentication requires that the holder of the PUF relinquishes control of it, which may not be acceptable, especially if there is the risk that the verifier is an impostor.
In the hands-off scenario, however, reliable authentication is much more difficult to achieve. It is prudent to assume that the challenge-response behavior of each PUF is known publicly. (An attacker may get hold of a genuine PUF for a while and perform a lot of measurements on it without being discovered.) This is a "worst case" assumption as customary in security research. It poses no problem in the hands-on case, but in the hands-off case it means that spoofing becomes a real danger. Imagine for instance authentication of an optical PUF through a glass fiber. The attacker does not have the PUF, but he knows everything about it. He receives the challenge (laser light) through the fiber. Instead of scattering the light off a physical object, he does the following: (i) measure the incoming wave front; (ii) look up the corresponding response in his database; (iii) prepare laser light in the correct response state and send it back to the verifier.
For a long time spoofing in the hands-off scenario has seemed to be a fundamental problem that cannot be solved. The traditional approach to remote object authentication is to somehow enforce a hands-on environment, e.g. by having a tamper-proof trusted remote device probing the object. Drawbacks of this approach are (a) cost and (b) unknown degree of security in the face of ever more sophisticated attacks.
Quantum-physical readout of a PUF
The basic scheme
The problem of spoofing in the hands-off case can be solved using two fundamental information-theoretic properties of quantum physics: (1) A single quantum in an unknown state cannot be cloned .[1] (2) When a quantum state is measured most of the information it contains is destroyed.
Based on these principles, the following scheme was proposed .[2]
- Enrollment. The usual PUF enrollment. No quantum physics needed. The enrollment data is considered public.
- Challenge. A single quantum (e.g. a photon) is prepared in a random state. It is sent to the PUF.
- Response. The quantum interacts with the PUF (e.g. coherent scattering), resulting in a unitary transform of the state.
- Verification. The quantum is returned to the verifier. He knows exactly what the response state should be. This knowledge enables him to perform a "yes/no" verification measurement.
Steps 2-4 are repeated multiple times in order to exponentially lower the false accept probability.
The crucial point is that the attacker cannot determine what the actual challenge is, because that information is packaged in a "fragile" quantum state. If he tries to investigate the challenge state by measuring it, he destroys part of the information. Not knowing where exactly to look in his challenge-response database, the attacker cannot reliably produce correct responses.
Security assumptions
The scheme is secure only if the following conditions are met,
- Physical unclonability of the PUF.
- The attacker cannot perform arbitrary unitary transformations on the challenge quantum. This is more or less equivalent to stating that he does not have a quantum computer.
In contrast to Quantum key distribution schemes, Quantum Readout of PUFs is not unconditionally secure.
Special security properties
Quantum Readout of PUFs achieves
- Hands-off object authentication without trusted hardware at the side of the object.
- Authentication of a quantum communication channel without a priori shared secrets and without shared entangled particles. The authentication is based on public information.
Imagine Alice and Bob wish to engage in Quantum Key Distribution on an ad hoc basis, i.e. without ever having exchanged data or matter in the past. They both have an enrolled optical PUF. They look up each other's PUF enrollment data from a trusted source. They run quantum key distribution through both optical PUFs; with a slight modification of the protocol, they get quantum key distribution and two-way authentication. The security of their key distribution is unconditional, but the security of the authentication is conditional on the two assumptions mentioned above.
Experimental realization
Quantum Readout of speckle-based optical PUFs has been demonstrated in the lab .[3]
Security proofs
Full security proofs are not yet available. Partial results exist [4] [5] that analyze "challenge estimation" attacks, in which the attacker tries to determine the challenge as best as he can using measurements. The false acceptance probability in a single round scales roughly as , with the number of quanta that the attacker can study and the dimension of the state space (Hilbert space).
References
43 year old Petroleum Engineer Harry from Deep River, usually spends time with hobbies and interests like renting movies, property developers in singapore new condominium and vehicle racing. Constantly enjoys going to destinations like Camino Real de Tierra Adentro.
External links
- ↑ W.K. Wootters and W.H. Zurek. "A single quantum cannot be cloned". Nature, 299: 802–803, 1982
- ↑ B. Škorić, "Quantum Readout of Physical Unclonable Functions", International Journal of Quantum Information, 10(1):1250001–1 – 125001–31, 2012.
- ↑ S.A. Goorden, M. Horstmann, A.P. Mosk, B. Škorić, P.W.H. Pinkse, "Quantum-Secure Authentication with a Classical Key", http://arxiv.org/abs/1303.0142
- ↑ B. Škorić, "Quantum Readout of Physical Unclonable Functions", http://eprint.iacr.org/2009/369
- ↑ B. Škorić, A.P. Mosk, P.W.H. Pinkse, "Security of Quantum-Readout PUFs against quadrature based challenge estimation attacks", http://eprint.iacr.org/2013/084