cryptography

Noise-limited secret key agreement with twin optical physically unclonable functions

Curator's Take

This article shows that correlated optical physically unclonable functions can serve as a truly hardware‑based source of shared secret bits even in the presence of realistic noise, offering an information‑theoretic alternative to computational key‑exchange methods. By mapping out the noise regimes where secure sketches and near‑capacity error reconciliation succeed, it bridges recent advances in quantum‑resistant authentication with practical QKD deployments that need an initial pre‑shared key without a trusted third party. The work highlights both the promise of integrating twin optical PUFs into future quantum networks and the engineering challenges—such as environmental stability and fabrication tolerances—that must be mastered before large‑scale adoption.

— Mark Eatherly

Summary

We investigate the use of twin optical fingerprints derived from correlated physical unclonable functions (PUFs), as a hardware-based platform for cryptographic key generation and distribution. Each fingerprint is associated with a random, yet reproducible speckle pattern, generated when coherent light is scattered by a disordered optical structure. We consider a pair of correlated optical PUFs, and study the conditions under which two honest parties can establish a common secret key, despite fabrication-induced variability and environmental noise. An explicit information-theoretic key-agreement protocol is developed, incorporating secure sketches, error reconciliation, and privacy amplification. We quantify information leakage due to public helper data, and derive lower bounds on the length of the final secret key. The analysis identifies the noise regimes in which secure key agreement is feasible, and examines the performance of both practical and near-capacity reconciliation schemes. Finally, we discuss how twin optical PUFs could be integrated into quantum key distribution (QKD) networks, as a mechanism for establishing an initial pre-shared secret key between two honest users, without relying on computational assumptions or trusted third parties.