A Physically Unclonable Function (PUF) is a hardware security primitive used for authentication and key generation. It takes an input bit-vector challenge and produces a single-bit response, resulting in a challenge-response pair (CRP). The truth table of all challenge-response pairs of each manufactured PUF should look different due to inherent manufacturing randomness, forming a digital fingerprint. A PUF's entropy (the entropy of all the responses, taken over the manufacturing randomness and uniformly selected challenges) has been studied before and is a challenging problem. Here we explore a related notion -- the response entropy, which is the entropy of an arbitrary response given knowledge of one (and two) other responses. This allows us to explore how knowledge of some CRP(s) impacts the ability to guess another response. The Arbiter PUF (APUF) is a well-known PUF architecture based on accumulated delay differences between two paths. In this paper, we obtain in closed form the probability mass function of any arbitrary response given knowledge of one or two other arbitrary CRPs for the APUF architecture. This allows us to obtain the conditional response entropy and then to define and obtain the size of the entropy bins (challenge sets with the same conditional response entropy) given knowledge of one or two CRPs. All of these results depend on the probability that two different challenge vectors yield the same response, termed the response similarity of those challenges. We obtain an explicit closed form expression for this. This probability depends on the statistical correlations induced by the PUF architecture together with the specific known and to-be-guessed challenges. As a by-product, we also obtain the optimal (minimizing probability of error) predictor of an unknown challenge given access to one (or two) challenges and the associated predictability.

翻译：物理不可克隆函数（PUF）是一种用于身份验证和密钥生成的硬件安全原语。它接收一个输入比特向量作为激励，并产生一个单比特响应，从而构成一个激励-响应对（CRP）。由于固有的制造随机性，每个已制造PUF的所有激励-响应对的真值表应呈现差异，形成数字指纹。PUF的熵（在制造随机性和均匀选取的激励下，所有响应的熵）先前已被研究过，且是一个具有挑战性的问题。本文探讨一个相关概念——响应熵，即在已知一个（及两个）其他响应的条件下，任意响应的熵。这使我们能够探究已知某些CRP如何影响猜测另一响应的能力。仲裁器PUF（APUF）是一种基于两条路径累积延迟差的著名PUF架构。本文针对APUF架构，以闭合形式推导出在已知一个或两个其他任意CRP的条件下，任意响应的概率质量函数。由此我们能够获得条件响应熵，进而定义并计算在已知一个或两个CRP条件下熵箱（具有相同条件响应熵的激励集合）的规模。所有这些结果均取决于两个不同激励向量产生相同响应的概率，称为这些激励的响应相似度。我们为此推导出显式的闭合形式表达式。该概率取决于PUF架构引入的统计相关性以及具体已知和待猜测的激励。作为副产品，我们还得到了在已知一个（或两个）激励条件下，预测未知激励的最优（最小化错误概率）预测器及其相应的可预测性。