Key Distribution for Post Quantum Cryptography using Physical Unclonable Functions

Lattice and code cryptography can replace existing schemes such as Elliptic Curve Cryptography because of their resistance to quantum computers. In support of public key infrastructures, the distribution, validation and storage of the cryptographic keys is then more complex to handle longer keys. This paper describes practical ways to generate keys from physical unclonable functions, for both lattice and code based cryptography. Handshakes between client devices containing the PUFs and a server are used to select sets of addressable positions in the PUFs, from which streams of bits called seeds are generated on demand. The public and private cryptographic key pairs are computed from these seeds together with additional streams of random numbers. The method allows the server to independently validate the public key generated by the PUF, and act as a certificate authority in the network. Technologies such as High performance computing, and graphic processing units can further enhance security by preventing attackers to make this independent validation when only equipped with less powerful computers.