Quantum-Secure Physical Unclonable Function enabled by Silicon Photonics Integrated Circuits

This paper experimentally demonstrates a silicon nitride photonic Physical Unclonable Function (PUF) and proposes a quantum readout protocol using single-photon states and maximally mixed states to achieve highly secure authentication with an exceptionally low equal error rate of 10⁻¹⁴.

The Gist

The Big Idea: A Digital "Fingerprint" Made of Light

Imagine you need to prove you are who you say you are. Usually, you use a password. But passwords can be stolen, guessed, or copied. This paper proposes a better way: a Physical Unclonable Function (PUF).

Think of a PUF not as a password you remember, but as a unique fingerprint that is physically built into a computer chip. Just like no two human fingerprints are exactly alike, no two computer chips are manufactured exactly the same. Tiny, uncontrollable bumps and rough edges on the microscopic wires inside the chip create a unique "signature."

The researchers built a special chip using Silicon Photonics (which uses light instead of electricity to process information). They showed that this chip acts like a secure lock: you give it a specific input (a "challenge"), and it gives back a unique output (a "response") based on its tiny, random physical flaws.

The Problem: Hackers Can Copy Old Locks

The paper explains that while these physical fingerprints are great, a clever hacker (let's call her "Eve") could still trick the system.

• The Old Way: If Eve could tap the wire and see what input you sent and what output came out, she could build a fake copy of the chip. It's like if a thief watched you unlock your door with a key, memorized the pattern, and then made a fake key to open it later.
• The Risk: This is called a "cloning attack." If the hacker can copy the chip's behavior, the security is broken.

The Solution: A Quantum Magic Trick

To stop the hacker, the researchers added Quantum Mechanics to the mix. They turned the system into a "Quantum-Secure" PUF. Here is how they did it, using two main tricks:

1. The "Blindfolded" Light (Maximally Mixed State)

In the new system, the person checking the ID (Alice) sends a single particle of light (a photon) into the chip.

• The Analogy: Imagine Alice is sending a secret message in a box. In the old system, the box was clear glass; Eve could see exactly what was inside before it reached the lock.
• The Quantum Fix: In this new system, Alice sends the photon, but she keeps the "address" of where it's going a secret. To the hacker (Eve), the light looks like static noise or a "fog." It's as if the light is in a superposition of being everywhere at once.
• The Result: Because the light looks like random noise to the hacker, she cannot figure out the chip's secret pattern. She can't copy what she can't see.

2. The "No-Copy" Rule (The No-Cloning Theorem)

Quantum physics has a fundamental rule: You cannot copy a quantum state without destroying it.

• The Analogy: Imagine trying to photocopy a hologram. If you try to scan it to make a copy, the hologram shatters or changes.
• The Result: If Eve tries to intercept the light to study the chip, she inevitably messes up the light. The system detects this disturbance, and the hacker is caught. She cannot make a perfect clone of the chip because the very act of trying to copy it ruins the information.

How They Tested It

The researchers didn't just guess; they built a real chip (a 6x6 grid of light paths) and tested it:

1. Real Hardware: They used a chip made of Silicon Nitride. They proved that the tiny, random roughness of the wires inside the chip creates a unique, uncopyable signature.
2. The Simulation: They simulated a hacker trying to break in using a chip made from the same factory batch (which would be very similar, but not identical).
3. The Score: They measured how often the system made mistakes:
   • False Rejection: Turning away a good guy (too strict).
   • False Acceptance: Letting a bad guy in (too loose).

The Result: They found that by adjusting how many "clicks" (light detections) they waited for, they could make the system incredibly secure. They achieved a security level where the chance of a hacker getting in was 1 in 100 trillion (10⁻¹⁴).

The Trade-Off (Speed vs. Security)

The paper notes a simple trade-off, like a bouncer at a club:

• If the bouncer checks only one ID quickly, they might let a fake ID slip through (less secure, faster).
• If the bouncer checks the ID 100 times, it takes longer, but it is almost impossible for a fake ID to get in (more secure, slower).

The researchers showed that by waiting for enough light signals (clicks), they could make the system so secure that even a hacker with a nearly identical chip from the same factory would be rejected.

Summary

This paper demonstrates a new type of digital security lock. Instead of relying on a secret code that can be stolen, it relies on the unique, uncopyable physical flaws of a light-based chip. By using single particles of light and the laws of quantum physics, they created a system where a hacker cannot see the secret pattern and cannot copy the lock without breaking it. The result is a security system that is theoretically unbreakable, with error rates as low as 1 in 100 trillion.

Technical Summary

Technical Summary: Quantum-Secure Physical Unclonable Function enabled by Silicon Photonics Integrated Circuits

Problem Statement
Physical Unclonable Functions (PUFs) serve as hardware security primitives that leverage intrinsic physical variations for authentication and key generation. While silicon photonic devices offer a promising substrate for integrated PUFs due to their compatibility with CMOS processes and suitability for quantum applications, classical photonic PUFs remain vulnerable to side-channel attacks. Specifically, adversaries can collect Challenge-Response Pairs (CRPs) to emulate the device's functionality, a vulnerability rooted in the ability to clone classical states. Although quantum cryptographic protocols offer security based on the no-cloning theorem and the non-distinguishability of non-orthogonal states, these mechanisms have not been systematically transferred to the context of silicon photonic PUFs. Existing quantum-secure optical PUFs have been limited to free-space setups, which lack scalability. Consequently, there is a need for a scalable, integrated solution that combines the physical unclonability of silicon photonics with fundamental quantum security principles.

Methodology
The authors propose and evaluate a Silicon Nitride (SiN) programmable photonic Mach–Zehnder interferometer (MZI) mesh that functions as a Quantum-Secure Physical Unclonable Function (QSP-PUF). The methodology is divided into experimental characterization and numerical simulation of a quantum protocol.

1. Experimental Characterization (Classical SP-PUF):

   • Device: A 6×6 rectangular integrated photonic mesh comprising 15 balanced MZIs and 13 external phase shifters, fabricated by LIGENTEC on a 200 mm SiN platform.
   • Fingerprint Extraction: The device's unique "fingerprint" arises from uncontrollable fabrication variations, specifically sidewall roughness, which induce passive phase offsets. These offsets were characterized by measuring nullification voltages ($V_{null}$) across the MZIs. The distribution of $V_{null}$ was found to be uniform (7V to 8.6V), confirming that thermal crosstalk and resistivity variations were negligible compared to waveguide geometry variations.
   • Performance Metrics: The system demonstrated strong randomness with a fractional inter-Hamming distance of ~46% and robustness with a fractional intra-Hamming distance of ~2.6% over a 30-minute period.

2. Quantum Protocol Design:

   • Setup: The protocol involves an authenticator (Alice) and a user (Bob) communicating via single-photon states (Fock states). Alice prepares a single photon in a specific spatial mode determined by a random variable, which is then mapped to the temporal domain for transmission via single-mode fiber.
   • Authentication Mechanism: Bob's device applies a unitary transformation ($U_{Bob}$) specific to its fabrication. Alice, possessing knowledge of the device's static offsets from an enrollment phase, applies the Hermitian conjugate transformation ($U_{Alice} = U_{Bob}^\dagger$) to reverse the process. Ideally, the photon returns to its original state, resulting in a detection click in the correct time bin.
   • Security Layers:
     • Maximally Mixed State (MMS): To prevent side-channel attacks, the input state is treated as a statistical mixture from the perspective of an eavesdropper (Eve). Since the input port is chosen uniformly at random, the density matrix of the input is maximally mixed ($\rho = I/D$), concealing the underlying unitary transformation.
     • No-Cloning Theorem: This prevents Eve from copying the quantum state to emulate the device without measurement, which would disturb the system.

3. Simulation and Analysis:

   • Using experimentally derived parameters (losses, phase offsets, dark count rates), the authors performed Monte Carlo simulations to evaluate False Acceptance Rates (FAR) and False Rejection Rates (FRR).
   • Attack Scenarios: The study assessed security against passive eavesdropping (mitigated by MMS) and cloning attacks where Eve possesses a PIC fabricated on the same wafer (mitigated by the statistical uniqueness of fabrication variations).

Key Contributions

• Experimental Demonstration: The work provides experimental evidence of a SiN photonic mesh operating as a strong PUF, validating that fabrication-induced sidewall roughness provides a sufficient entropy source for unique device signatures.
• Quantum Integration: The paper introduces a protocol that integrates single-photon sources and detectors with integrated photonic PUFs, moving beyond free-space limitations.
• Security Analysis: It demonstrates how the combination of MMS and the no-cloning theorem can protect the PUF's secret fingerprint from passive eavesdropping and cloning attempts, even when the adversary has access to devices from the same manufacturing batch.

Results

• Robustness and Randomness: The experimental SiN mesh exhibited a fractional inter-Hamming distance of 45% (indicating high randomness) and an intra-Hamming distance of 2% (indicating high robustness against environmental noise).
• Error Rates: Through Monte Carlo analysis, the authors determined that by tuning the number of detected clicks ($N_{clicks}$) and the error tolerance threshold ($N_B$), the system can achieve an Equal Error Rate (EER) as low as $10^{-14}$.
• Security vs. Robustness Trade-off: The analysis reveals a trade-off where increasing the number of clicks significantly reduces the FAR (making cloning attacks practically infeasible) while slightly increasing the FRR. For instance, with specific parameters, the FAR could be reduced to $10^{-10}$ while maintaining an FRR of approximately $10^{-7}$.
• Cloning Resistance: The simulations indicate that even devices fabricated on the same wafer exhibit sufficient physical variability to be distinguished from the legitimate device with high confidence, provided a sufficient number of detection events are accumulated.

Significance
The paper claims that quantum-secure silicon photonic PUFs represent a promising platform for high-security authentication applications. By leveraging the uncontrollable nature of fabrication errors combined with foundational quantum security features (MMS and no-cloning), the proposed system offers a pathway to hardware-rooted security that is resistant to both classical emulation and quantum cloning attacks. The authors highlight that achieving EERs as low as $10^{-14}$ demonstrates the potential for these devices to serve in scenarios requiring extremely high security, such as secure communications and cryptographic key generation, while maintaining compatibility with standard integrated circuit manufacturing processes.