{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T18:01:26Z","timestamp":1773511286378,"version":"3.50.1"},"reference-count":29,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2008,1,1]],"date-time":"2008-01-01T00:00:00Z","timestamp":1199145600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2008,1]]},"abstract":"<jats:p>The cryptographic protocols that we use in everyday life rely on the secure storage of keys in consumer devices. Protecting these keys from invasive attackers, who open a device to steal its key, is a challenging problem. We propose controlled physical random functions (CPUFs) as an alternative to storing keys and describe the core protocols that are needed to use CPUFs. A physical random function (PUF) is a physical system with an input and output. The functional relationship between input and output looks like that of a random function. The particular relationship is unique to a specific instance of a PUF; hence, one needs access to a particular PUF instance to evaluate the function it embodies. The cryptographic applications of a PUF are quite limited unless the PUF is combined with an algorithm that limits the ways in which the PUF can be evaluated; this is a CPUF. A major difficulty in using CPUFs is that you can only know a small set of outputs of the PUF\u2014the unknown outputs being unrelated to the known ones. We present protocols that get around this difficulty and allow a chain of trust to be established between the CPUF manufacturer and a party that wishes to interact securely with the PUF device. 
We also present some elementary applications, such as certified execution.<\/jats:p>","DOI":"10.1145\/1284680.1284683","type":"journal-article","created":{"date-parts":[[2008,2,8]],"date-time":"2008-02-08T15:32:16Z","timestamp":1202484736000},"page":"1-22","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":95,"title":["Controlled physical random functions and applications"],"prefix":"10.1145","volume":"10","author":[{"given":"Blaise","family":"Gassend","sequence":"first","affiliation":[{"name":"Massachusetts Institute of Technology, Cambridge, MA"}]},{"given":"Marten Van","family":"Dijk","sequence":"additional","affiliation":[{"name":"Massachusetts Institute of Technology, Cambridge, MA"}]},{"given":"Dwaine","family":"Clarke","sequence":"additional","affiliation":[{"name":"Massachusetts Institute of Technology, Cambridge, MA"}]},{"given":"Emina","family":"Torlak","sequence":"additional","affiliation":[{"name":"Massachusetts Institute of Technology, Cambridge, MA"}]},{"given":"Srinivas","family":"Devadas","sequence":"additional","affiliation":[{"name":"Massachusetts Institute of Technology, Cambridge, MA"}]},{"given":"Pim","family":"Tuyls","sequence":"additional","affiliation":[{"name":"Philips Research, Eindhoven"}]}],"member":"320","published-online":{"date-parts":[[2008,1,22]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Trustzone: Integrated hardware and software security. ARM. White paper.","author":"Alves T.","year":"2004","unstructured":"Alves , T. and Felton , D . 2004 . Trustzone: Integrated hardware and software security. ARM. White paper. Alves, T. and Felton, D. 2004. Trustzone: Integrated hardware and software security. ARM. White paper."},{"key":"e_1_2_1_2_1","volume-title":"Proceedings of the Second Usenix Workshop on Electronic Commerce. Usenix Association","author":"Anderson R.","unstructured":"Anderson , R. and Kuhn , M . 1996. Tamper resistance---A cautionary note . 
In Proceedings of the Second Usenix Workshop on Electronic Commerce. Usenix Association , Berkeley, CA. 1--11. Anderson, R. and Kuhn, M. 1996. Tamper resistance---A cautionary note. In Proceedings of the Second Usenix Workshop on Electronic Commerce. Usenix Association, Berkeley, CA. 1--11."},{"key":"e_1_2_1_3_1","volume-title":"IWSP: International Workshop on Security Protocols, LNCS. Springer-Verlag","author":"Anderson R.","unstructured":"Anderson , R. and Kuhn , M . 1997. Low cost attacks on tamper resistant devices . In IWSP: International Workshop on Security Protocols, LNCS. Springer-Verlag , New York. Anderson, R. and Kuhn, M. 1997. Low cost attacks on tamper resistant devices. In IWSP: International Workshop on Security Protocols, LNCS. Springer-Verlag, New York."},{"key":"e_1_2_1_4_1","volume-title":"Security Engineering: A Guide to Building Dependable Distributed Systems","author":"Anderson R. J.","year":"2001","unstructured":"Anderson , R. J. 2001 . Security Engineering: A Guide to Building Dependable Distributed Systems . Wiley , New York . Anderson, R. J. 2001. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, New York."},{"key":"e_1_2_1_5_1","unstructured":"Carroll A. Juarez M. Polk J. and Leininger T. 2002. Microsoft \u201cpalladium\u201d: A business overview. In Microsoft Content Security Business Unit.  Carroll A. Juarez M. Polk J. and Leininger T. 2002. Microsoft \u201cpalladium\u201d: A business overview. In Microsoft Content Security Business Unit."},{"key":"e_1_2_1_6_1","unstructured":"Chinnery D. and Keutzer K. 2002. Closing the Gap Between ASIC & Custom. Kluwer Academic Publi. Boston MA.  Chinnery D. and Keutzer K. 2002. Closing the Gap Between ASIC & Custom. Kluwer Academic Publi. Boston MA."},{"key":"e_1_2_1_7_1","unstructured":"Distributed.Net. http:\/\/distributed.net\/.  Distributed.Net. 
http:\/\/distributed.net\/."},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of 18th Annual Computer Security Applications Conference. Applied Computer Security Associates (ACSA)","author":"Gassend B.","unstructured":"Gassend , B. , Clarke , D. , van Dijk , M. , and Devadas , S . 2002a. Controlled physical random functions . In Proceedings of 18th Annual Computer Security Applications Conference. Applied Computer Security Associates (ACSA) , Silver Spring, MD. Gassend, B., Clarke, D., van Dijk, M., and Devadas, S. 2002a. Controlled physical random functions. In Proceedings of 18th Annual Computer Security Applications Conference. Applied Computer Security Associates (ACSA), Silver Spring, MD."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586132"},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of Ninth International Symposium on High Performance Computer Architecture. IEEE","author":"Gassend B.","unstructured":"Gassend , B. , Suh , G. E. , Clarke , D. , van Dijk , M. , and Devadas , S . 2003. Caches and Merkle trees for efficient memory integrity verification . In Proceedings of Ninth International Symposium on High Performance Computer Architecture. IEEE , New York. Gassend, B., Suh, G. E., Clarke, D., van Dijk, M., and Devadas, S. 2003. Caches and Merkle trees for efficient memory integrity verification. In Proceedings of Ninth International Symposium on High Performance Computer Architecture. IEEE, New York."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.v16:11"},{"key":"e_1_2_1_13_1","volume-title":"Sixth USENIX Security Symposium Proceedings. Usenix Association","author":"Gutman P.","year":"1996","unstructured":"Gutman , P. 1996 . Secure deletion of data from magnetic and solid-state memory . In Sixth USENIX Security Symposium Proceedings. Usenix Association , Berkeley, CA, 77--89. Gutman, P. 1996. Secure deletion of data from magnetic and solid-state memory. 
In Sixth USENIX Security Symposium Proceedings. Usenix Association, Berkeley, CA, 77--89."},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/355045.355063"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/505145.505149"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/646764.703989"},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of the IEEE VLSI Circuits Symposium. IEEE","author":"Lee J.-W.","unstructured":"Lee , J.-W. , Lim , D. , Gassend , B. , Suh , G. E. , van Dijk , M. , and Devadas , S . 2004. A technique to build a secret key in integrated circuits with identification and authentication applications . In Proceedings of the IEEE VLSI Circuits Symposium. IEEE , New York. Lee, J.-W., Lim, D., Gassend, B., Suh, G. E., van Dijk, M., and Devadas, S. 2004. A technique to build a secret key in integrated circuits with identification and authentication applications. In Proceedings of the IEEE VLSI Circuits Symposium. IEEE, New York."},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/378993.379237"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/TVLSI.2005.859470"},{"key":"e_1_2_1_22_1","unstructured":"Microsoft. Next-Generation Secure Computing Base. http:\/\/www.microsoft.com\/resources\/ngscb\/defaul.mspx.  Microsoft. Next-Generation Secure Computing Base. http:\/\/www.microsoft.com\/resources\/ngscb\/defaul.mspx."},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/935173"},{"key":"e_1_2_1_25_1","unstructured":"SETI&commat;Home.  SETI&commat;Home."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/11496137_28"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.5555\/324119.324128"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/782814.782838"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA.2005.22"},{"key":"e_1_2_1_30_1","unstructured":"Torlak E. van Dijk M. Gassend B. 
Jackson D. and Devadas S. 2006. Knowledge flow analysis for security protocols. http:\/\/arxiv.org\/abs\/cs\/0605109.  Torlak E. van Dijk M. Gassend B. Jackson D. and Devadas S. 2006. Knowledge flow analysis for security protocols. http:\/\/arxiv.org\/abs\/cs\/0605109."},{"key":"e_1_2_1_31_1","unstructured":"Trusted Computing Group. 2004. TCG Specification Architecture Overview Revision 1.2. http:\/\/www.trustedcomputinggroup.com\/home.  Trusted Computing Group. 2004. TCG Specification Architecture Overview Revision 1.2. http:\/\/www.trustedcomputinggroup.com\/home."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/11507840_15"},{"key":"e_1_2_1_33_1","unstructured":"Weste N. and Eshraghian K. 1985. Principles of CMOS VLSI Design: A Systems Perspective. Addison-Wesley Reading PA.   Weste N. and Eshraghian K. 1985. Principles of CMOS VLSI Design: A Systems Perspective. Addison-Wesley Reading PA."}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1284680.1284683","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1284680.1284683","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T14:58:16Z","timestamp":1750258696000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1284680.1284683"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,1]]},"references-count":29,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2008,1]]}},"alternative-id":["10.1145\/1284680.1284683"],"URL":"https:\/\/doi.org\/10.1145\/1284680.1284683","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"value":"1094-9224","type":"print"},{"value":"1557-7406","type":"electronic"}],"subject":[],"published":{"date-parts
":[[2008,1]]},"assertion":[{"value":"2005-10-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2007-04-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2008-01-22","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}