Non-linear optical scattering PUF: enhancing security against modeling attacks for authentication systems

Ruijie Hui; Feiliang Chen; Mo Li; Mo Li; Jian Zhang; Jian Zhang

doi:10.1364/OE.505489

1. Introduction

The rise of Internet of Things (IoT) has led to a proliferation of smart devices, with over 10 billion active IoT devices in 2021 and a projected 73.1 zettabytes of data generated by these devices by 2025 [1]. The explosive growth of devices and data brings significant challenges to authentication security [2–5]. Physical unclonable functions (PUFs) offer a promising solution to these challenges by providing a means of authentication that does not rely on classical knowledge or unverified mathematical assumptions [6–9]. A PUF is a physical entity that possesses natural random characteristics or generated randomness during manufacturing. The inherent complexity and randomness at the micro/nano-scale make it nearly impossible to be cloned, rendering PUFs a potential hardware remedy for mitigating the threats to authentication security.

About two decades ago, Pappu et al. introduced the concept of the physical one-way function (POF), which was the original prototype for the optical PUF (O-PUF) [6]. To distinguish it from other types of O-PUFs like fluorescence-based PUFs and liquid crystal PUFs [9,10], we refer to it as an optical scattering PUF (OS-PUF). The three-dimensional random structure of the OS-PUF, which comprises randomly distributed dielectric particles at the micron scale within a transparent substrate, yields information entropy of several terabytes, surpassing other O-PUFs in this aspect. When the OS-PUF is challenged by a probe laser beam, it exhibits reproducible, stable, and tamper-resistant scattering response for authentication [11–15]. To date, OS-PUF has been regarded as one of the most secure PUFs [16]. However, it is worth noting that contemporary OS-PUFs primarily consist of linear optical media, such as micro glass beads, ZnO, ZrO₂, or TiO₂ nanoparticles [17–20]. Consequently, it becomes plausible to describe the linear behavior of OS-PUFs through the medium of a transmission matrix. In fact, wavefront shaping has been proven as a powerful tool for researchers to successfully measure the transmission matrix of disordered media [21–23], which poses a potential modeling attack risks for high security applications of OS-PUFs. In the case of an OS-PUF authentication system, the OS-PUF illumination area A supports a huge number of independent modes $N = 2\pi An_e^2/\lambda _0^2$ [24,25], where ${\lambda _0}$ is the illumination laser wavelength and ${n_e}$ is the effective refractive index [22,26]. With the support of a large number of modes enabled by the illumination area, it becomes increasingly difficult to measure and calculate the transmission matrix. Hence, the security of the OS-PUF authentication system can be assumed to depends mainly on the temporal complexity resulting from the linear scattering of independent modes.

In order to mitigate the vulnerabilities arising from modeling attacks exploiting the intrinsic linear scattering behavior of OS-PUFs, in this article, we introduce the concept of a nonlinear OS-PUF (NOS-PUF) with embedded high electro-optical coefficient random media. The random fluctuations in the scattering behavior of the NOS-PUF, induced by the strong interaction between the modulation of pump source and electro-optic materials, present formidable obstacles to the development of successful modeling attacks targeting its security. The principles underlying the NOS-PUF authentication system are explained, random models for OS/NOS-PUF are established, and finite element methods are employed to simulate and model the transmission matrix. To enhance the generalizability of the simulation models to capture the average variations in scattering behavior, the NOS-PUF is modeled using an OS-PUF with a fluctuating average refractive index. A modeling attack based on scattering invariant modes (SIMs) for authentication systems is proposed and simulations demonstrate that this attack reduces the security of OS-PUF authentication systems [27]. However, the NOS-PUF authentication system demonstrates remarkable resilience against such attacks, effectively neutralizing their impact when a suitably thick NOS-PUF is employed. In summary, the authentication system based on NOS-PUF exhibits superior resistance against modeling attacks, effectively ensuring the security of authentication.

2. Authentication system based on OS-PUF/NOS-PUF

In an authentication system, the OS-PUF generates a unique response for each challenge issued by the laser, as depicted in Fig. 1(a). It is assumed that this system uses information in one polarization dimension for authentication. Challenges ${C_1},{C_2}, \ldots ,{C_n}$ are created by applying various wavefronts onto the probe laser beam using a transmissive-type spatial light modulator, which produces speckles with random characteristics. The distribution of speckle intensities, represented by $I({x,y} )$, captured on the CCD are then filtered by the image algorithm $\mathbf{F}$ to derive binary key ($BK$) responses ${R_1},{R_2}, \ldots ,{R_n}$. Prior to authentication, these challenge-response pairs (CRPs) are pre-registered in a secure database when the OS-PUF is loaded into the system. A challenge ${C_i}$ is randomly selected during the authentication process. If the loaded OS-PUF is correct, the returned response will exhibit a strong correlation with the corresponding pre-stored ${R_i}$ in the database. The correlation is quantified using Hamming Distance $HD = ({R_i^{\prime} \oplus {R_i}} )/L$, where L is the length of the $BK$. If $HD$ is close to 0, it indicates highly similarity between the compared data sets, resulting in a successful authentication. Conversely, if $HD$ is close to 0.5, it suggests that the two data sets are highly dissimilar, indicating an authentication failure [28].

Fig. 1. Systematic scheme of the authentication system based on (a) OS-PUF and (b) NOS-PUF. P1, P2 are polarizers; SLM is the spatial light modulator. The encoded probe beam ${C_i}$ is scattered by the OS/NOS-PUF and forms unique speckle patterns on the CCD as a physical marker $I({x,y} )$.

Download Full Size | PDF

Figure 1(b) shows the authentication system based on NOS-PUF. Here, the NOS-PUF produces random fluctuations in refractive index when subjected to electrical or optical modulation. The interaction between electro-optic materials and optically generated charge carriers or electric fields induces nonlinear polarization. This polarization exhibits a high intensity, leading to pronounced changes in the refractive index of particles. In the context of NOS-PUF, the random fluctuations in the refractive index of numerous internal particles contribute to the stochastic variations observed in the speckle response. The modulation parameter ${\mathbf{M}_j}(\mathbf{r} )$ represents the modulation in either the electric field or the light field, which is employed to induce changes in the physical properties of the OS-PUF (here is the refractive index of the nanoparticles), thereby realizing nonlinearity. The corresponding CRPs are recorded as $({{C_i},{R_{ij}},{\mathbf{M}_j}(\mathbf{r} )} )$, which are dependent on the interaction between ${C_i}$ and NOS-PUF modulated by ${\mathbf{M}_j}(\mathbf{r} )$. The authentication process can only be successfully completed by the verifier through the insertion of the correct NOS-PUF and the subsequent comparison of the reproducible speckle patterns generated under identical challenges and modulations with the database. Due to the stochastic nature of the interaction between ${\mathbf{M}_j}(\mathbf{r} )$ and the complex medium, it is almost impossible to establish a precise mathematical model that explains the correlation between ${C_i}$ and ${R_{ij}}$. This characteristic strengthens the resistance against modeling attacks that rely on simplistic linear mappings.

3. Attack strategies against OS-PUF authentication system

Here we propose and discuss a novel modeling attack scheme against the generalized OS-PUF authentication systems. Initially, the hacker covertly obtains OS-PUF samples. Assuming that the hacker possesses advanced equipment capable of precisely measuring the transmission matrix of the OS-PUF, as shown in Fig. 2(a), without the knowledge or involvement of the legitimate user. SIMs are manifested by calculating the eigenvalues and eigenvectors derived from the transmission matrix measured by the attacker regarding the OS/NOS-PUF and air. Subsequently, leveraging the obtained transmission matrix, the hacker utilizes the acquired transmission matrix to calculate the eigenvalues and eigenvectors, and employs this information to manipulate the modulation signal of the SLM. Finally, due to the significant resemblance between the speckle patterns generated by SIM through the air and those generated by SIM through the OS-PUF, the imposter potential to successfully pass the authentication process without requiring the embedding of the OS-PUF.

Fig. 2. Attacking authentication system based on OS-PUF. (a) Measurement of the transmission matrix of the OS-PUF. (b) Measurement of the transmission matrix through the air. (c, d) Authentication process of the authentic individual and the imposter.

Download Full Size | PDF

Typically, these matrices are measured either in the space domain or the frequency domain. Previous researches have indicated that measurements carried out in the frequency domain can offer better accuracy and efficiency by utilizing a scan mirror [22,23]. In this study, it is assumed the hacker will record the angular spectral transmission matrix ${\mathbf{T}_\theta }$ of the OS-PUF.

After acquiring the transmission matrix, hackers typically engage in real-time monitoring of the transmitted signals and perform real-time calculations to determine the expected received signals, and use simulated data to deceive the system, ultimately achieving successful impersonation authentication. However, this approach requires simultaneous intrusion into both the transmitter (Central server to SLM) and the receiver (CCD to central server), necessitates real-time computation with additional devices, and may also require knowledge of the specific key extraction algorithm employed by the receiver. The whole process of this scheme is intricate and cumbersome. Here, we present an optimized potential attack scheme based on SIMs, which only requires intrusion into the transmitter and tampering with the challenges constructed using the spatial light modulator. This approach simplifies the complexity of the attack, streamlining the overall process, posing a greater practical threat. To execute this scheme, in the preparation phase, the hacker needs to measure the angular spectral transmission matrix of the air, as depicted in Fig. 2(b). The formula of the SIMs in this case is provided by [27]

(1)$${\mathbf{T}_\theta }{\mathbf{E}_{si}} = {\alpha _i}{\mathbf{T}_\varphi }{\mathbf{E}_{si}} = {A_{so}}{\mathbf{E}_{so}}$$

where ${\mathbf{T}_\theta }$ and ${\mathbf{T}_\varphi }$ are the transmission matrices measured by the attacker regarding the OS/NOS-PUF and air, respectively. ${\mathrm{\alpha }_i}$ and ${\mathbf{E}_{si}}$ represent the calculated eigenvalues and normalized eigenvectors, ${A_{so}}$ and ${\mathbf{E}_{so}}$ are the complex amplitude and normalized output optic fields. SIMs demonstrate a diverse range of patterns where the illuminating light generates highly similar output fields through both the OS-PUF and the air, when subjected to the same pattern challenge. ${\mathbf{O}_d}$ is the defined tamper operator, which can be expressed as a diagonal matrix ${\mathbf{O}_d} = \mathbf{\Lambda }({{\alpha_1},{\alpha_2}, \ldots ,{\alpha_N}} )$. As shown in Fig. 2(c, d), in scenarios where the OS-PUF is not embedded, impostors decompose encoded challenges into SIMs and utilize tampering operators to modify the challenges. The output field of the challenge $\langle{\mathbf{E}_i} = {\mathbf{E}_{si}}\textrm{|}{\mathbf{A}_{si}}\rangle$ with and without OS-PUF, is given by the mapping

(2)$${\mathbf{T}_\theta }:\; \langle{\mathbf{E}_{si}}\textrm{|}{\mathbf{A}_{si}}\rangle \to \mathop \sum \nolimits_N {A_{si}}{A_{so}}{\mathbf{E}_{so}}$$

(3)$${\mathbf{T}_\varphi }:\; \langle{\mathbf{E}_{si}}\textrm{|}{\mathbf{O}_d}\textrm{|}{\mathbf{A}_{si}}\rangle \to \mathop \sum \limits_N {A_{si}}{A_{so}}{\mathbf{E}_{so}}$$

where ${\mathbf{A}_{si}}$ is a vector composed of complex amplitudes ${A_{si}}$ of each SIM. In this scenario, impostors are able to generate highly similar authentication responses to authentic individuals without possessing the OS-PUF. It can be concluded that the OS-PUF authentication system has been successfully compromised by this modeling attack.

4. Simulation details for the authentication

4.1 Simulation model of OS/NOS-PUF

To simulate the properties of OS/NOS-PUF using the finite element method, a two-dimensional model is built as shown in Fig. 3. The OS/NOS-PUF is constructed of transparent optical glue with a refractive index of approximately 1.5, with a width of $w = 100.25 \times {\lambda _0}$ (free-space wavelength ${\lambda _0} = $632 $nm$). The thickness of the OS/NOS-PUF is ∼4 $\mu m$ with a surface inhomogeneity in a wavelength range. The substrate of the OS/NOS-PUF consisted of 500 nano-particles with sizes ranging from 150 $nm$ to 350 $nm$ and a refractive index of approximately 2. They all involve multiple Mie scattering processes. An efficient approach is employed to simulate the transmission matrix of the OS/NOS-PUF in free space by incorporating a perfectly matched layer (PML) and scattering boundary condition (SBC). This approach enabled waves that diffuse outside the model region to be absorbed, facilitating the simulation of the transmission matrix. The input supporting $N = \left\lfloor {2w/{\lambda _0}} \right\rfloor = 200$ independent TE modes, and the simulation is conducted in the frequency domain.

Fig. 3. Simulation model of the OS/NOS-PUF. The distribution of the major scattering objects in the OS/NOS-PUF model is represented by the black dots. w and t are the width and thickness of the OS/NOS-PUF, respectively.

Download Full Size | PDF

The spatially distributed refractive index is chosen as a subset of the modulation parameters $n(\mathbf{r} )\subset {\mathbf{M}_j}(\mathbf{r} )$. During the pumping process, the electro-optic material polarization of the NOS-PUF changes with the applied field, resulting in variations in its optical properties, which are represented by fluctuations in the refractive index $\mathrm{\delta }n(\mathbf{r} )$. The NOS-PUF refractive index fluctuation is related to the spatial location. Here, an estimate is made in terms of the average refractive index change $\mathrm{\delta }n = \overline {\delta n(\boldsymbol{r} )} $. The main difference between the simulation of OS-PUF and NOS-PUF in this article is that the former $\mathrm{\delta }n = 0$ while the latter $\mathrm{\delta }n \in ({0,0.5} ]$. Finally, we generated four OS/NOS-PUF models with identical volume fractions but varying thicknesses (∼1, 2, 4, 8 $\mu m$), respectively.

4.2 Simulation model of optical transmission characteristics

To acquire the optical transmission characteristics of the OS/NOS-PUF, we follow a similar approach to previous experimental measurements of the transmission matrix [22]. The continuous light field is discretized into individual modes, establishing the mapping relationship of the mode transmission matrix. As the simulated probe beam is incident into free space and then scattered by the PUF to the camera, all simulated normalized TE mode input ${\mathbf{E}_{mi}}$ and output ${\mathbf{E}_{mo}}$ with complex amplitude ${A_{mo}}$ are recorded as mapping matrices

(4)$${\mathbf{T}_m}:{\mathbf{E}_{mi}} \to \mathop \sum \nolimits_N {A_{mo}}{\mathbf{E}_{mo}}.$$

In the simulation, each TE mode has a Fourier transform mapping relationship with the angular plane wave. To simulate the experimentally measured angular spectral transmission matrix, we have designed a resampling operator. Specifically, in the two-dimensional case, the resampling operator is defined by

(5)$${\mathbf{U}_r} = \left\{ {{u_{m,n}}{u_{m,n}} = \frac{1}{N}\mathop \sum \limits_{p = 0}^{N - 1} \sin \frac{{\pi np}}{N}\textrm{exp}\left( { - j\frac{{2\pi mp}}{N}} \right)} \right\}$$

where ${\mathbf{U}_r}$ approximates the unitary matrix and angular spectral transmission matrix is expressed as ${\mathbf{T}_\theta } = {\mathbf{U}_r}{\mathbf{T}_m}\mathbf{U}_r^\dagger $. The number of TE modes approximates the number of Nyquist sampling points, so the calculation of resampling indirectly simulates the angular spectral transmission matrix without significantly affecting the numerical accuracy [29].

4.3 Algorithm for extracting authentication binary keys

The output optic field ${\mathbf{E}_o}$ is represented as the intensity on the camera

(6)$$I(\mathbf{r} )= {|{{\mathbf{E}_o}} |^2} = \mathop \sum \limits_{i = 1}^N \mathop \sum \limits_{j = 1}^N {A_i}{A_j}\textrm{exp}[{ - j({{\mathbf{k}_j} - {\mathbf{k}_i}} )\cdot \mathbf{r}} ]$$

where ${A_i}$ is the random complex amplitude of the angular plane wave mode of the output field. From the above equation, the spatial frequency of the scattered image carrying the OS/NOS-PUF random information is at most ${f_m} = {|{{\mathbf{k}_j} - {\mathbf{k}_i}} |_{max}}/({2\pi } )\sim 2/{\lambda _0}$. The image algorithm can extract the randomness from the intensity information, and the authentication key is represented as a quantized random $BK$. $BK$ serves as an intuitive manifestation of the inherent randomness within a PUF. The level of randomness exhibited by $BK$ directly relates to the PUF's high degree of unpredictability and unclonability [30,31].

For the image filtering, the Gabor filtering ($GF$) algorithm is used [32,33], as shown in Fig. 4 expressed as

(7)$$GF(\mathbf{r} )= \frac{1}{{2\pi \sigma _G^2}}\textrm{exp}\left( { - \frac{{{{|\mathbf{r} |}^2}}}{{2\sigma_G^2}}} \right)\sin \left( {\frac{{2\pi }}{{{\lambda_G}}}|\mathbf{r} |} \right).$$

The values of $GF$ parameters used in our case are ${\sigma _G} = 1.5{\lambda _G}$, with ${\lambda _0} \le {\lambda _G} \le 15{\lambda _0}$. By calculating the Fourier transform, we can obtain that the $GF$ has a center frequency with $f = 1/{\lambda _G}$ and a bandwidth with $\delta f = \sqrt {2\ln 2} /({\pi {\sigma_G}} )\sim 1/4{\lambda _G}$. Considering the effect of numerical aperture ($NA$) on ${f_m}$, the wavelength ${\lambda _G}$ of $GF$ should satisfy the condition $f + 0.5\; \delta f < {f_m}NA$, that is ${\lambda _G} > 9{\lambda _0}/({16NA} )$. In this simulation model, the speckle is captured in the near field ($NA\sim 1$). To achieve robust and random $BK$ from speckle by the challenge, the lower limit of the $GF$ wavelength ${\lambda _G}$ is constrained by the wavelength of the incident light, denoted by ${\lambda _G}\sim 9{\lambda _0}/16$. If ${\lambda _G} < 9{\lambda _0}/16$, only pure noise $BK$ can be obtained using the $GF$, which originates from regions beyond the optical resolution of the speckle. In this case, the challenge has no contribution to $BK$, since $BK$ relies solely on noise.

Fig. 4. Gabor filtering for the binary key extraction.

Download Full Size | PDF

5. Results and discussion

5.1 Randomness of mode propagation via the OS/NOS-PUF

In the context of secure authentication using OS/NOS-PUFs, it is undesirable to have correlation between output and input modes. This correlation serves as an indicator of the randomness level of the OS/NOS-PUF, and higher correlation implies lower randomness. The theoretical representation of the transmission matrix of the illuminating light propagating through air can be expressed in a simple form

(8)$${\mathbf{T}_\varphi }:\,{{\cal F}}\{{{\mathbf{E}_i}} \}\to \mathrm{{\cal F}}\{{{\mathrm{{\cal F}}^{ - 1}}\{{\mathrm{{\cal H}}({f,z} )\mathrm{{\cal F}}\{{{\mathbf{E}_i}} \}} \}({{\mathbf{r}_o} \in \mathbf{\Omega }} )} \}$$

where $\mathrm{{\cal F}}$ and $\mathbf{\Omega }$ are Fourier transform and field-of-view, ${\mathbf{r}_o}$ refers to the coordinates of the field-of-view plane, $\mathrm{{\cal H}}({f,z} )= \textrm{exp}\left[ { - j({2\pi z} )\sqrt {1/{\lambda^2} - {f^2}} } \right]$ is the angular spectrum transfer function of optical systems with spatial frequency f and transmission distance z. The transfer function of the air is simple with low randomness. As can be seen from the above equation, the energy of the input mode is essentially coupled to the same output mode, resulting in strong correlation. However, due to the numerical aperture limitation of the field-of-view, the energy of higher order modes diffuses outside the field of view, resulting in some loss of sidelobes. This has been confirmed by finite element simulations of the air transmission matrix, as shown in Fig. 5(a).

Fig. 5. Transmission matrix and its singular value spectrum. (a, b) Angular spectral transmission matrices of air and of a 4 $\mu m$ thick NO-PUF, respectively. (c-f) The histograms represent the normalized singular value spectrum of the transmission matrices for four OS/NOS-PUFs with different thicknesses. All these curves have the same average transmittance. MP, Marcenko-Pastur; DMPK, Dorokhov-Mello-Pereyra-Kumar; $\langle{T}\rangle$, average transmittance; $\tau $, The singular values of matrix ${\mathbf{T}_\theta }$.

Download Full Size | PDF

The loading of the OS/NOS-PUF turns the angular spectral transfer function into a tensor ${{\cal H}}$ with complex randomness $n(\mathbf{r} )$, is denoted as

(9)$${\mathbf{T}_\theta }:\,{{\cal F}}\{{{\mathbf{E}_i}} \}\to \mathrm{{\cal F}}\{{{\mathrm{{\cal F}}^{ - 1}}\{{{{\cal H}}({f,z,n(\mathbf{r} )} )\times \mathrm{{\cal F}}\{{{\mathbf{E}_i}} \}} \}({{\mathbf{r}_o} \in \mathbf{\Omega }} )} \}.$$

In Fig. 5(b), the random texture observed in the amplitude of the transmission matrix is influenced by the optical randomness associated with the distribution of the medium. The randomness leads to a complex mixing of the spatial spectrum, which enhances the entropy of ${\mathbf{T}_\theta }$. However, when the thickness of the OS/NOS-PUF is increased to 4 $\mu m$, the angular mode is not completely scattered, and a strong diagonal remains in ${\mathbf{T}_\theta }$. This suggests that the transport mean free path ${l_{tr}}$ has not been fully reached at this thickness, and the OS/NOS-PUF is in a transition state between being directly transported in air and being fully scattered. Therefore, separate simulations are conducted of the OS/NOS-PUF with four different thicknesses and the average transmittance $\langle{T}\rangle = \textrm{tr}({\mathbf{T}_\theta^\dagger {\mathbf{T}_\theta }} )/N$ is calculated for each thickness. The ${l_{tr}}$ is estimated by diffusion theory which is ${l_{tr}}\sim 9.20\; \mu m$.

The channel characteristics of the OS/NOS-PUF can be further examined by analyzing the statistics of the singular value spectrum of the transmission matrix. The histograms in Fig. 5(c-f) show the transition of the singular value spectrum from a full transmission single peak to a quarter circle for the OS/NOS-PUF with thicknesses below the ${l_{tr}}$. The quarter-circle behavior aligns with the asymptotic properties described by Marcenko-Pastur (MP) theory, which predicts the spectrum of singular values in a random matrix where all elements are independent [34,35]. In addition, the bimodal distribution corresponds to the probability density distribution of transmittance in a medium with strong scattering and weak absorption, as predicted by the Dorokhov-Mello-Pereyra-Kumar (DMPK) theory, which shows a strong correlation among the scattering channels [36]. However, the simulated data’s spectrum did not retain the bimodal correlation. This observation suggests possible limitations in achieving complete channel control, despite simulating all waveguide modes for the given input interface [26]. The non-ideal system is limited by the mode losses, while the effective refractive index ${n_e}$ of the OS/NOS-PUF supports a larger number of modes that are not fully elicited, thereby leading to a gradual transition from the DMPK distribution to the MP distribution. Based on these findings, it can be predicted that the OS/NOS-PUF exhibits good randomness. Specifically, beyond a thickness $t = {l_{tr}}$, there is no correlation between the output and input modes that cluster around unity, as observed in free space. Additionally, the double-peaked correlations predicted by the DMPK theory are not present.

5.2 Entropy of authentication binary keys

Figure 6(a-d) illustrates the $HD$ distribution of $BK$ responses obtained from 2000 different encoded challenge events applied to OS/NOS-PUF. Despite observing higher channel correlation and lower entropy content observed in the singular value spectrum discussed in the previous section, applying $GF$ to the images does not result in a significant difference in the $HD$ distribution. This indicates that the channel correlation is either embedded in the phase information of the optical field or effectively filtered out by the $GF$, which is advantageous for the authentication of the OS/NOS-PUF. The length of a $BK$ for each response has been set to 200 bits for simplification. By calculating the expected length of a purely random bit-string length using Gaussian expectation and variance, we obtain the information entropy ${\hat{H}_G} = {\mu _{HD}}({1 - {\mu_{HD}}} )/\sigma _{HD}^2\sim 59$ of the $BK$ sequence. This implies that the 200-bit-string contains roughly 59 bits of information entropy.

Fig. 6. Randomness of $BK$ response by using $GF$. (a-d) The $HD$ distribution of the generated $BKs$ are analyzed for four different thicknesses using 2000 encoded challenges. ${\mu _{HD}}$, The expectation; ${\sigma _{HD}}$, The standard deviation. Inter-Class (1) originate from the same specimen under different encoded challenges. (e-g) The distributions of expectation, variance, and entropy of the extracted $BKs$ are analyzed for different $GF$ wavelengths.

Download Full Size | PDF

Subsequently, by employing a different $GF$ wavelength for filtering, the randomness of other spatial frequencies is extracted. Given the constraints discussed in Section 4.3, as shown in Fig. 6(e-g), $HD$ distribution of expectation, variance, and extracted information entropy for the $GF$ wavelength range from ${\lambda _G} = {\lambda _0}$ to ${\lambda _G} = 15{\lambda _0}$ are calculated with a step size of $\delta {\lambda _G} = 0.5{\lambda _0}$. The $BK$ obtained from shorter $GF$ wavelength exhibits better uniformity, smaller correlation as well as higher information entropy. Therefore, it can be considered that the algorithm extracts robust and random $BK$ with an optimal $GF$ wavelength value ${\lambda _G}\sim {\lambda _0}$.

5.3 Fake authentication using SIMs

If an attacker attempts to replicate the responses of an OS/NOS-PUF authentication system without possessing it, there is a potential risk associated with using our proposed SIMs along with hardware attacks. The SIMs extracted from the transmission matrix are highly correlated with ballistic photons, which are photons that travel in a straight line without scattering. Therefore, the attacker may focus on modes that are associated with ballistic photons and anticipate that SIMs can generate a response with high fidelity. In the case of the air matrix ${\mathbf{T}_\varphi }$ is nearly a unitary matrix, it exhibits high condition numbers due to the presence of propagation loss. To address this issue, the ill-conditioned inverse matrix is replaced with the conjugate transpose matrix. Consequently, SIMs can be simplified to

(10)$$\mathbf{T}_\varphi ^\dagger {\mathbf{T}_\theta }{\mathbf{E}_{si}} = {\alpha _i}{\mathbf{E}_{si}}.$$

Figure 7(a, b) exhibits a representative eigenmode where the intensity of light is depicted with a strong correlation between a pair of responses. The variations in amplitudes and phases among these maps originate from the eigenvalue. However, these variations do not contribute significantly to the overall intensity distribution of the light, making it challenging for the post-processing algorithm to differentiate between the two responses. Figure 7(c) demonstrates the cosine similarity $\rho = |{\mathbf{E}_o^\mathrm{\ast }\cdot {\mathbf{E}_{so}}} |/({|{{\mathbf{E}_o}} |\cdot |{{\mathbf{E}_{so}}} |} )$ between the optical fields of SIMs transmitted through the air and through the OS/NOS-PUF. It reveals that a SIM with higher eigenvalues exhibit greater similarity. Notably, the eigenvalues of fields with high similarity are closer to one, indicating a significant contribution to the reconstruction of the optical field. Assuming that the authentication system employs the $GF$ with ${\lambda _G} = {\lambda _0}$ to quantify the $BK$ response, the $HD$ between the $BK$ response pairs of each SIM is recorded, as shown in Fig. 7(d). These findings suggest that in the OS/NOS-PUF authentication system, SIMs with higher eigenvalues contribute more significantly to the reconstruction of the optical field and exhibit greater similarity. This information can be utilized in the authentication process to create confusion regarding the authenticity of the response and hardly distinguish genuine responses from potential replicas or attacks.

Fig. 7. Hackers attack authentication system based on OS/NOS-PUF using SIMs (a, b) An example of a SIM via an OS/NOS-PUF with $t = 4\; \mu m$. (c, d) Cosine similarity and $HD$ distribution between the response via OS/NOS-PUF and the response of same challenge through the air for SIMs. Inter-Class (2) originate from the different specimen (PUF and air) under same encoded challenges. (e, f) $HD$ distribution and false accept rate of 5000 efficiently challenged normal responses and SIMs to reconstruct the responses. Intra-Class originate from the same specimen under same encoded challenges (with a noise-to-signal ratio $\gamma $ of 0.05).

Download Full Size | PDF

In the case of the OS-PUF authentication system, the high similarity among certain SIMs is evident in the very low $HD$ ($< 0.1$) from the original response, even when the OS-PUF is unloaded. This suggests that these SIMs are highly correlated and the OS-PUF can be easily replicated or imitated. However, when using the NOS-PUF authentication system, the high similarity partial SIMs are significantly reduced. As the polarization field strength of modulation of the pump source in the nonlinear optical media increases, the $HD$ peak gradually shifts towards a purely random flattening. This means that the responses generated by the NOS-PUF system become less predictable and have a higher level of randomness. The reduction in high similarity partial SIMs and the shift towards random flattening in the $HD$ indicate an improvement in the security and unpredictability of the NOS-PUF authentication system. It becomes more challenging for an attacker to replicate or predict the responses accurately, enhancing the overall security of the system.

Previous analyses of this paper have indicated that although the correlation of singular patterns of OS-PUF may not be directly reflected in the $HD$ distribution of the $BK$ response, the correlation of SIMs can be observed in the distribution. We use transmission matrix modeling to extract tamper operators ${\mathbf{O}_d}$ of SIMs, which are applied to manipulate the data and shape the wavefront of the OS/NOS-PUF authentication system. In Fig. 7(e), 5000 encoded challenges are decomposed into SIMs by the tamper operator individually, and then synthesize SIMs to the output optical field by weighting the eigenvalues, resulting in highly similar responses. In the OS/NOS-PUF authentication system with a noise-to-signal ratio $\gamma $ of 0.05, the $HD$ peak of the reproduction response is around 0.1. Assuming a threshold value of 0.2, any $HD$ value less than 0.2 is considered a pass in the authentication, while values greater than 0.2 indicate failure. The false accept rate (FAR) is defined as the probability of accepting the wrong responses obtained by integrating the probability distribution of $HD$ that are below the threshold, which represents the probability of an attacker successfully using SIMs to attack the authentication system. In the case of the OS-PUF authentication system, the FAR can reach 0.8 under the attack of SIMs, indicating a significant security vulnerability. However, the use of NOS-PUF can reduce this rate by five orders of magnitude, greatly enhancing security. Furthermore, Fig. 7(f) shows the FAR of attacking systems with OS/NOS-PUF of four different thicknesses using SIMs. the FAR of the OS-PUF model is high, indicating that SIMs pose a significant threat to the security of OS-PUF systems. However, this threat is effectively mitigated using NOS-PUF. The curves demonstrate that NOS-PUFs that are sufficiently thick or have strong modulation can increase the randomness of SIMs to the upper bound of the information entropy (${\hat{H}_G}\sim 59$) extracted by the $GF$ algorithm, rendering them no longer relevant for authentic binary key. In this sense, a NOS-PUF-based authentication system effectively prevents fake authentication using modeling attacks, ensuring a higher level of security in various application scenarios.

6. Conclusion

In the rapidly expanding realm of the Internet of Things, safeguarding personal and group information has become increasingly crucial. However, conventional high-security OS-PUF encounters challenge due to the linear scattering behavior of the medium. The measurement of the transmission matrix poses a significant threat to the security of the authentication system based on OS-PUF, which is called modeling attack. In this article, we proposed a SIM-based modeling attack that leverages numerical calculations on the transmission matrix, enabling fake authentication in the absence of the default OS-PUF, thus posing a threat to the security of conventional OS-PUF authentication systems. Subsequently, a scheme for a NOS-PUF was presented, which utilized an electro-optic material as the scattering medium. By using the pump source to efficiently modulate the polarization field strength formed by NOS-PUF, we introduced them into the authentication system to resist modeling attacks based on OS-PUF, thereby enhancing the security of authentication. Moving forward, the randomness of mode propagation via OS-PUFs is characterized by the singular value spectrum obtained through simulations of disordered models. This demonstrates that NOS-PUFs with a thickness on the order of the transport mean free path possess strong randomness. We also apply this SIM-based modeling attack methodology to NOS-PUF-based authentication systems. Simulation results demonstrate that the NOS-PUF achieves a significantly lower false accept rate for modeling attacks with SIMs compared to conventional OS-PUF, reducing it by more than five orders of magnitude compared to the entropy limit of the Gabor filtering algorithm. Overall, our proposed NOS-PUF offers enhanced security and higher information entropy, making it particularly suitable for high-security authentication purposes.

Funding

National Natural Science Foundation of China (61875178); Fundamental Research Funds for the Central Universities (ZYGX2021J028).

Disclosures

The authors declare that there are no conflicts of interest related to this article.

Data availability

Data underlying the results presented in this paper are not publicly available at this time but may be obtained from the authors upon reasonable request.

References

1. B. Jovanovic, “Internet of Things statistics for 2023 - Taking Things Apart,” dataprot, (2023) https://dataprot.net/statistics/iot-statistics/.

2. M. A. Khan and K. Salah, “IoT security: Review, blockchain solutions, and open challenges,” Future Gener. Comp. Sy. 82, 395–411 (2018). [CrossRef]

3. C. Wheelus and X. Zhu, “IoT network security: threats, risks, and a data-driven defense framework,” IoT 1(2), 259–285 (2020). [CrossRef]

4. I. Lee and K. Lee, “The Internet of Things (IoT): Applications, investments, and challenges for enterprises,” Bus. Horizons 58(4), 431–440 (2015). [CrossRef]

5. H. Akhundov, E. Sluis, S. Hamdioui, et al., “Public-Key Based Authentication Architecture for IoT Devices Using PUF,” arXiv, arXiv.2002.01277 (2020). [CrossRef]

6. R. Pappu, B. Recht, J. Taylor, et al., “Physical one-way functions,” Science 297(5589), 2026–2030 (2002). [CrossRef]

7. B. Gassend, D. Clarke, M. van Dijk, et al., “Silicon physical random functions,” Proceedings of the 9th ACM Conference on Computer and Communications Security (2002).

8. R. Arppe and T. J. Sørensen, “Physical unclonable functions generated through chemical methods for anti-counterfeiting,” Nat. Rev. Chem. 1(4), 0031 (2017). [CrossRef]

9. T. McGrath, I. E. Bagci, Z. M. Wang, et al., “A puf taxonomy,” Appl. Phys. Rev. 6(1), 011303 (2019). [CrossRef]

10. Y. Liu, F. Han, F. Li, et al., “Inkjet-printed unclonable quantum dot fluorescent anti-counterfeiting labels with artificial intelligence authentication,” Nat. Commun. 10(1), 2409 (2019). [CrossRef]

11. U. Rührmair, C. Hilgers, and S. Urban, Optical PUFs reloaded, (Eprint.Iacr.Org, 2013).

12. I. Atakhodjaev, Machine Learning Attacks on Optical Physical Unclonable Functions, (Johns Hopkins University, 2018).

13. J. W. Goodman, Statistical properties of laser speckle patterns (Springer, 1975).

14. Q. Li, F. Chen, M. Li, et al., “Simulation of physically unclonable function based on disordered photonic structure,” Opt. Quantum Electron. 49(3), 122 (2017). [CrossRef]

15. R. Maes, Physically Unclonable Functions: Constructions, Properties and Applications (2012).

16. F. Pavanello, I. O’Connor, U. Rührmair, et al., “Recent advances in photonic physical unclonable functions,” in2021 IEEE European Test Symposium (ETS). (IEEE, 2021), pp. 1–10.

17. S. A. Goorden, M. Horstmann, A. P. Mosk, et al., “Quantum-secure authentication of a physical unclonable key,” Optica 1(6), 421–424 (2014). [CrossRef]

18. R. Uppu, T. A. Wolterink, S. A. Goorden, et al., “Asymmetric cryptography with physical unclonable keys,” Quantum Sci. Technol. 4(4), 045011 (2019). [CrossRef]

19. K. Chen, F. Huang, P. Wang, et al., “Fast random number generator based on optical physical unclonable functions,” Opt. Lett. 46(19), 4875–4878 (2021). [CrossRef]

20. I. M. Vellekoop and A. P. Mosk, “Focusing coherent light through opaque strongly scattering media,” Opt. Lett. 32(16), 2309–2311 (2007). [CrossRef]

21. S. M. Popoff, G. Lerosey, R. Carminati, et al., “Measuring the transmission matrix in optics: an approach to the study and control of light propagation in disordered media,” Phys. Rev. Lett. 104(10), 100601 (2010). [CrossRef]

22. H. Yu, T. R. Hillman, W. Choi, et al., “Measuring large optical transmission matrices of disordered media,” Phys. Rev. Lett. 111(15), 153902 (2013). [CrossRef]

23. P. Pai, J. Bosch, and A. P. Mosk, “Optical transmission matrix measurement sampled on a dense hexagonal lattice,” OSA Continuum 3(3), 637–648 (2020). [CrossRef]

24. A. P. Mosk, A. Lagendijk, G. Lerosey, et al., “Controlling waves in space and time for imaging and focusing in complex media,” Nat. Photonics 6(5), 283–292 (2012). [CrossRef]

25. C. Mesaritakis, M. Akriotou, A. Kapsalis, et al., “Physical unclonable function based on a multi-mode optical waveguide,” Sci. Rep. 8(1), 9653 (2018). [CrossRef]

26. A. Goetschy and A. D. Stone, “Filtering random matrices: the effect of incomplete channel control in multiple scattering,” Phys. Rev. Lett. 111(6), 063901 (2013). [CrossRef]

27. P. Pai, J. Bosch, M. Kühmayer, et al., “Scattering invariant modes of light in complex media,” Nat. Photonics 15(6), 431–434 (2021). [CrossRef]

28. R. Pappu, Physical one-way functions, (Massachusetts Institute of Technology, 2001).

29. J. W. Goodman, Introduction to Fourier optics (Roberts and Company Publishers, 2005).

30. M. Akriotou, A. Fragkos, and D. Syvridis, “Photonic physical unclonable functions: from the concept to fully functional device operating in the field,” Physics and Simulation of Optoelectronic Devices (SPIE, 2020).

31. M. Tehranipoor, N. Pundir, N. Vashistha, et al., Optical PUF (Springer, 2022).

32. L. Wang, X. Jiang, S. Lian, et al., “Image authentication based on perceptual hash using Gabor filters,” Soft Comput. 15(3), 493–504 (2011). [CrossRef]

33. Y. Yuan, J. Zhang, and Q. Wang, “Deep Gabor convolution network for person re-identification,” Neurocomputing 378, 387–398 (2020). [CrossRef]

34. V. A. Marchenko and L. A. Pastur, “Distribution of eigenvalues for some sets of random matrices,” Matematicheskii Sbornik 1(4), 457–483 (1967). [CrossRef]

35. D. Akbulut, Measurements of strong correlations in the transport of light through strongly scattering materials, (University of Twente, 2013).

36. C. W. J. Beenakker, “Random-matrix theory of quantum transport,” Rev. Mod. Phys. 69(3), 731–808 (1997). [CrossRef]

Non-linear optical scattering PUF: enhancing security against modeling attacks for authentication systems

Abstract

1. Introduction

2. Authentication system based on OS-PUF/NOS-PUF

3. Attack strategies against OS-PUF authentication system

4. Simulation details for the authentication

4.1 Simulation model of OS/NOS-PUF

4.2 Simulation model of optical transmission characteristics

4.3 Algorithm for extracting authentication binary keys

5. Results and discussion

5.1 Randomness of mode propagation via the OS/NOS-PUF

5.2 Entropy of authentication binary keys

5.3 Fake authentication using SIMs

6. Conclusion

Funding

Disclosures

Data availability

References

Data availability

Cited By

Figures (7)

Equations (10)

Optics Express