# Low-Complexity Nonlinear Self-Inverse Permutation for Creating Physically Clone-Resistant Identities

^{*}

## Abstract

**:**

## 1. Introduction

- In Section 3, the creation process of SUCs is presented in more details to make the paper self-contained.
- Then the basic algebra to be deployed for cipher construction is defined based on an expected future VLSI environment in Section 4.
- In Section 8, the hardware implementation complexities are evaluated.
- Finally, the resulting cipher structures and their attained security levels are discussed in Section 9.
- Section 10 concludes the results.

## 2. Background Motivation and State of the Art on Physical Unclonability

#### 2.1. PUFs Drawbacks and Disadvantages

- Inconsistent input-output behavior and consequently inconsistency in the PUF’s CR-pairs reproducibility.

- 2.
- Possible correlations in PUF CR-pairs allowing modeling attacks.
- 3.
- A limited or small number of possible distinct CR-pairs which simplifies cloning attacks.

#### 2.2. Counteracting the Drawbacks of PUFs

**Modeling Attack using Machine Learning (ML) Algorithms:**New PUF attacks based on modeling by machine learning (ML) were found as in [22] with alarming high prediction rates approaching 99%. The predictive models using ML techniques of various proposals of delay PUF are constructed with error ratios [22]: less than 1% for Arbiter PUFs, 1% for XOR Arbiter PUFs, 4.5% for Feed-Forward Arbiter PUFs, and less than 1% for Ring Oscillator PUFs.

#### 2.3. PUFs Use-Cases and Their Weaknesses

#### 2.4. Recent Alternatives to Analog PUFs

^{n}input-output pairs as plaintext-ciphertext pairs, where, n is the cipher input size.

**Example**

**1.**

^{n}input-output pairs as plaintext-ciphertext pairs, where,nis the cipher input size. Again, HDA or equivalent techniques are still required to stabilize the noisy responses of the used SRAM PUF. The overall hardware complexity results with quite high complexity [19]. In comparison, our SUC solution on the right-side substitutes all required components with unknown digital structures. No complex fuzzy extractor with limited consistency is required. Therefore, the proposed SUC-structures meet the lightweight design requirements for mass products.

**Example**

**2.**

## 3. The SUC Concept and Technology Background

_{1}, E

_{2}… E

_{σ}} are first created such that $\sigma \to \infty $ and offered for selection. Then, a single-event process triggers the FPGA-internal true random number generator (TRNG), leading to select randomly an unknown cipher choice E

_{j}from the infinite number σ of the created distinct ciphers. A TRNG hardware module is offered in virtually all modern FPGA devices fulfilling the NIST state of the art standard cryptographic requirements (see TRNG-module specifications in the used FPGA [34] in our proposed prototyping). After this process, all the dashed entities in Figure 3 are then irreversibly killed and fully removed from the chip. The self-reconfiguration in the chip is then irreversibly locked (by a flash bit or fuse) to prohibit any repetition of that single-event SUC creation process. That is the created SUC is not more removable or changeable forever like a DNA. This concept was described intensively in the last decade in our old publications [5,29,35].

#### 3.1. Creation Concept of Unknown Ciphers as Clone-Resistant Entities/Modules

**SUC creation phase:**

- A trusted authority (TA) injects one-time into a system-on-chip (SoC) device the software package “GENIE” as an SUC creator for a short time (as much time as required to create an unknown cipher, which is usually a few milliseconds).
- Then, the GENIE is internally triggered to generate/select a permanent and unpredictable secure cipher with the help of an internal, non-repeatable, unpredictable, and unknown bit stream from the in-chip TRNG.
- After creating an SUC, the GENIE is completely and irreversibly deleted. What remains is a non-removable, unchangeable and unknown operational cipher (as SUC) that nobody knows.

**SUC personalization phase:**

- 4.
- TA randomly selects a set $\left\{{x}_{1},\dots {x}_{T}\right\}$ of cleartext vectors out of the 2
^{n}possible combinations, where n is the size of the SUC input/output space in bits. - 5.
- TA stimulates the SoC device to encipher the cleartext vectors into the ciphertexts {y
_{1}, … y_{T}} using its SUC within the device. - 6.
- The resulting T-(x
_{i},y_{i}) pairs are stored as secret pairs in the individual (personal) device records by the TA. The records should be kept secret for later use.

_{t}is the bit size of the cipher’s secret key. Thus, the maximum number of distinct possible permutations is $\sigma <{2}^{n}!$ as ${2}^{n}!$ is the number of all possible {0,1}

^{n}to {0,1}

^{n}permutations. Therefore, in that case the number of possible selectable block ciphers of block size n is,

^{n}. This counteracts the lack of CR space in the case of traditional analog PUFs.

_{t}is a result of the TRNG

_{t}random sequence that is not known to anyone. Moreover, it is highly probable that for any two-time points t

_{1}and t

_{2},

**How to Use an SUC?**

_{A}device.

- A secret pair (x
_{i}, y_{i}) is randomly chosen from the TA’s secret records of SoC_{A}. Then, the TA challenges the SoC_{A}device by the cryptogram y_{i}over an insecure channel. - The SoC
_{A}device responds by sending the decrypted cleartext x’_{i}. - If x’
_{i}= x_{i}, then the SoC_{A}device is deemed to be authentic, and the pair (x_{i}, y_{i}) is then marked as a used pair and never used again avoiding replay attack for highest security.

#### 3.2. SUC Application Spectrum

## 4. Targeted SUCs Realization in Non-Volatile VLSI-FPGA Environment

- Designing a GENIE program as a “smart VLSI-designer” which can extend an existing FPGA design without violating the technology design rules.
- Designing a GENIE which can serve as an obedient “smart cipher creator” to fulfill all necessary security requirements to come-up with a really unknown and unpredictable cipher (SUC).

- Using unconsumed FPGA resources. In this case the p hardwired arithmetic addition and multiplication cores.
- To optimally deploy the technology resources in hiding the SUC structure’s keys and function parameters.

^{n}is adopted as the basic cipher algebra in ${\mathbb{Z}}_{{2}^{n}}$.

- 18 × 18 or double 9 × 9 signed multiplications (such as A [17:0] × B [17:0] or A [17:9] × B [17:9] + A [8:0] × B [8:0]).
- Supporting dot product; the multiplier computes: (A [8:0] × B [17:9] + A [17:9] × B [8:0]) × 29.
- Built-in addition, subtraction, and accumulation units to combine multiplication results efficiently.

- Designing huge classes of self-inverse permutation functions modulo 2
^{n}using multiplication as a major ciphering function. - Creating cascades of such permutations to create powerful (SUCs) to serve as “SUC-PUFs”.

## 5. Preliminaries on Crypto-Permutations

#### 5.1. Early Work on Permutation for Ciphering Stages

#### 5.2. Permutations

**Theorem**

**1.**

**Definition**

**1.**

**Theorem**

**2.**

- 1.
- $a=-1+{2}^{n-1}\cdot u$, where u is a unit in${\mathbb{Z}}_{{2}^{n}}$.
- 2.
- If n is even, then$b={2}^{r}\cdot v$, where:$r\ge n/2$and v a unit in${\mathbb{Z}}_{{2}^{n}}$.
- 3.
- If n is odd, then$b={2}^{r}v$, where:$r\ge (n-1)/2$and v a unit in${\mathbb{Z}}_{{2}^{n}}$.

**Lemma**

**1.**

**Proof.**

^{n-1}, suppose that x

_{0}≠ 0,2

^{n-1}is a fixed point. Then,

_{0}= 0 contradicts with the assumption x

_{0}≠ 0,2

^{n-1}. As a result, every self-inverse permutation polynomial of the previous class has no more than just the above given two fixed points x = 0,2

^{n-1}, Q.E.D. □

#### 5.3. T-Function Principles

**Definition**

**2.**

^{th}bit of its output depends only on the first, the second… and thei

^{th}bit of its inputs is called a T-function (short for triangular function).

- Negation$(-a\hspace{0.17em})\mathrm{mod}\hspace{0.17em}{2}^{n}$, Addition$(a+b)\hspace{0.17em}\mathrm{mod}\hspace{0.17em}{2}^{n}$.
- Subtraction$(a-b)\hspace{0.17em}\mathrm{mod}\hspace{0.17em}{2}^{n}$, Multiplication$(a\cdot b)\hspace{0.17em}\mathrm{mod}\hspace{0.17em}{2}^{n}$, and.
- The Boolean functions; Complement $\overline{a}$, OR $(a\vee b)\hspace{0.17em}$, and $(a\wedge b)\hspace{0.17em}$, and XOR $(a\oplus b)\hspace{0.17em}$,

**Lemma**

**2.**

**Theorem**

**3.**

**Definition**

**3.**

## 6. New Classes of Self-Inverse Permutations

**Definition**

**4.**

**Definition**

**5.**

**Lemma**

**3.**

**Lemma**

**4.**

- If$a=0\underset{n-1}{\underbrace{1\cdot \cdot \cdot 1}}$, then${a}^{2}\mathrm{mod}\hspace{0.17em}{2}^{n}=\underset{n-1}{\underbrace{0\cdot \cdot \cdot 0}}1=1$, and$(a+1)\mathrm{mod}\hspace{0.17em}{2}^{n}=1\underset{n-1}{\underbrace{0\cdot \cdot \cdot 0}}={2}^{n-1}$.
- If$a=\underset{n}{\underbrace{11\cdot \cdot \cdot 1}}$, then${a}^{2}\mathrm{mod}\hspace{0.17em}{2}^{n}=\underset{n-1}{\underbrace{0\cdot \cdot \cdot 0}}1=1$, $(a+1)\mathrm{mod}\hspace{0.17em}{2}^{n}=0$and$(a.u)\mathrm{mod}\hspace{0.17em}{2}^{n}={2}^{n}-u$
- If$u=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{i}{\underbrace{0\cdot \cdot \cdot 0}}$and$v=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{j}{\underbrace{0\cdot \cdot \cdot 0}}$are two even numbers, then$u\cdot v=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{i+j}{\underbrace{0\cdot \cdot \cdot 0}}$, where$i,j\le n$.
- If$b=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{r}{\underbrace{0\cdot \cdot \cdot 0}}$is an even number, then${b}^{k}\mathrm{mod}\hspace{0.17em}{2}^{n}=\underset{n}{\underbrace{0\cdot \cdot \cdot 0}}=0$for$k\cdot r\ge n$.

**Theorem**

**4.**

- 1.
- $a=0\underset{n-1}{\underbrace{1\cdot \cdot \cdot 1}}$or$a=\underset{n}{\underbrace{11\cdot \cdot \cdot 1}}$in${\mathbb{Z}}_{{2}^{n}}$
- 2.
- For n even,$b=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{r}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$r\ge {\scriptscriptstyle \frac{n}{2}}$
- 3.
- For n odd,$b=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{r}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$r\ge {\scriptscriptstyle \frac{n-1}{2}}$.

**Proof.**

^{n}on both sides results in,

**Theorem**

**5.**

- 1.
- $b=0\underset{n-1}{\underbrace{1\cdot \cdot \cdot 1}}$or$b=\underset{n}{\underbrace{11\cdot \cdot \cdot 1}}$in${\mathbb{Z}}_{{2}^{n}}$.
- 2.
- For n even,$a=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{i}{\underbrace{0\cdot \cdot \cdot 0}}$and$c=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{j}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$i,j\ge {\scriptscriptstyle \frac{n}{2}}$.
- 3.
- For n odd,$a=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{i}{\underbrace{0\cdot \cdot \cdot 0}}$and$c=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{j}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$i,j\ge {\scriptscriptstyle \frac{n-1}{2}}$.

**Proof.**

^{n}on both and from Lemma 4 sides results in:

**Theorem**

**6.**

- 1.
- $a=0\underset{n-1}{\underbrace{1\cdot \cdot \cdot 1}}$or$a=\underset{n}{\underbrace{11\cdot \cdot \cdot 1}}$in${\mathbb{Z}}_{{2}^{n}}$.
- 2.
- For n even,$b=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{r}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$r\ge {\scriptscriptstyle \frac{n}{2}}$.
- 3.
- For n odd,$b=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{r}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$r\ge {\scriptscriptstyle \frac{n-1}{2}}$.
- 4.
- D is an integer number.

**Proof.**

#### Practical significance of the SIQPFs of Theorem 6

**Theorem**

**7**

- 1.
- $b=0\underset{n-1}{\underbrace{1\cdot \cdot \cdot 1}}$or$b=\underset{n}{\underbrace{11\cdot \cdot \cdot 1}}$in${\mathbb{Z}}_{{2}^{n}}$.
- 2.
- For n even,$a=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{i}{\underbrace{0\cdot \cdot \cdot 0}}$and$c=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{j}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$i,j\ge {\scriptscriptstyle \frac{n}{2}}$.
- 3.
- For n odd,$a=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{i}{\underbrace{0\cdot \cdot \cdot 0}}$and$c=\begin{array}{c}1\\ 0\end{array}\cdot \cdot \cdot \begin{array}{c}1\\ 0\end{array}\underset{j}{\underbrace{0\cdot \cdot \cdot 0}}$in${\mathbb{Z}}_{{2}^{n}}$where$i,j\ge {\scriptscriptstyle \frac{n-1}{2}}$.
- 4.
- D is an integer number.

**Proof.**

## 7. Cardinality of Proposed SIQPF Classes

^{n}. Therefore, computing the number of distinct polynomial permutations over ${\mathbb{Z}}_{{2}^{n}}$, requires excluding equivalent cases.

_{n}be a set of all possible permutation polynomials resulting with distinct permutations over ${\mathbb{Z}}_{{2}^{n}}$. Keller et al. [57] presented a formula to determine the cardinality of P

_{n}. The cardinality of the set of all polynomial functions over different rings with some special conditions is presented in [58]. The formula which determines the cardinality of P

_{n}is given in [57,59] as follows:

^{k}divides s!.

**Lemma**

**5.**

_{0}where:

**Proof.**

**Definition**

**6.**

^{n}, if such polynomials satisfy the following condition [60]:

_{0}may include some equivalent permutation polynomials modulo 2

^{n}. The following definition appears to be useful for the targeted evaluation.

**Definition**

**7.**

^{n}with degree d ≤ 2

^{n}-1, is equal to the numbers of all possible permutation polynomials N

_{0}having the degree d ≤ 2

^{n}-1 excluding all distinct permutation polynomials | P

_{n}|. That is:

^{n}of degree at most 2

^{n}-1 for few selected small values ofn. It is noticed that for even smalln= 8 results with a huge number of equivalent permutation polynomials.

_{n}are known and $\lceil \cdot \rceil $ is the ceiling function. The formula in Equation (19) represents a necessary design rule for selecting such distinct permutation polynomials.

**Corollary**

**1.**

**Proof.**

_{1}| = 2

^{33}, |C

_{2}| = 2

^{65}, |C

_{3}| = 2

^{97}and |C

_{4}| = 2

^{129}.

## 8. Hardware and Complexity Evaluation of SUC Rounds

#### 8.1. Hardware Complexity

_{MACC}), LUTs (N

_{4LUT}) and DFFs (N

_{DFF}) for each class of SIQPFs and input data size in bits. Table 4 shows the required hardware resources (hardware complexity) as a function of the number of bits n for 1 ≤ n ≤ 32 bits for the permutation classes C

_{1}and C

_{2}. The complexities of the permutation classes C

_{3}and C

_{3}are slightly higher and are not included in this evaluation.

_{LUT/DFF}of class ($bx-c{x}^{2}$), for instance, is equal to 1.01, 1.009, and 1.1, when n =8, 17 and 32 respectively.

#### 8.2. Software Complexity

## 9. Proposed New SUC Constructions Based on Self-Inverse Permutations

#### 9.1. Possible Creation of an SUC as a Key-Alternating Cascade of SIQPFs

#### 9.1.1. Cardinality of the GENIE-Selectable SUCs

_{3}and/or C

_{4}. We select few possible random cipher selection strategies to evaluate the cardinality of all possible selectable SUCs.

- Fully selecting from the set containing all 4 classes

- The cardinality S of all classes of mappings is then:$$S=\left|{C}_{1}\right|+\left|{C}_{2}\right|+\left|{C}_{3}\right|+\left|{C}_{4}\right|=({2}^{{\scriptscriptstyle \raisebox{1ex}{$n+1$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)\left({2}^{\frac{n+1}{2}+1}+{2}^{\frac{{\left(n+1\right)}^{2}}{2}}\right)$$
- As each cipher utilizes $(r+1)$ keys of size n, the cardinality of keys is: ${2}^{n\times (r+1)}$
- The GENIE selects r-mappings randomly from S, hence there is r! possible placements of the mappings to build each cipher.

**Case**

**1.**

**Case**

**2.**

- B.
- Selecting fixed number of mappings from each class

- ${t}_{1}$ mappings (${P}_{i}$ s) from ${C}_{1}$
- ${t}_{2}$ mappings (${P}_{i}$ s) from ${C}_{2}$
- ${t}_{3}$ mappings (${P}_{i}$ s) from ${C}_{3}$
- ${t}_{4}$ mappings (${P}_{i}$ s) from ${C}_{4}$

**Case**

**3.**

**Case**

**4.**

#### 9.1.2. SUC Cloning Security Measure

^{34904}possible SUC-choices (without considering the key-choices) to be able to clone it. Notice that a part of the resulting ciphers in different cascade constellation may result with equal ciphers. That is, the cipher cardinality may be reduced to become 2

^{34904-d}, where d is hard to find. However d is expected to be cryptographically not significant.

#### 9.2. Security Evaluation of the Resulting SUCs

#### 9.3. Modeling Attack on the Proposed SUC

^{n}. However, storing 2

^{n}bits to build a model for an SUC is infeasible for ciphers with n > 80.

#### 9.4. Statistical Properties of the Resulting SUC

- SUC Diffusion Properties

Algorithm 1 Diffusion Test on the Proposed SUCs. |

Enter n = 32, cipher rounds r = 8, and select randomly one SIQPF P. |

Select randomly 10000 input values x(i), where i = 1, …, 10000. |

Determine the dependence matrix A; |

${A}_{ji}(P)={10}^{-4}{\displaystyle \sum _{i=1}^{10000}P({x}^{(i)})\oplus P({x}^{(i)}\oplus {e}_{j})}$, |

where, ${e}_{j}=({\delta}_{j1},{\delta}_{j2},\cdot \cdot \cdot ,{\delta}_{j32})$, ${\delta}_{ji}$ is a Kronecker’s delta. |

Return the average of A. |

- B.
- SUC Cipher Text Bit Frequency Distribution

_{i}=1. The ideal case corresponds to $P[{y}_{i}=1]=50\%$. To test this, 10000 random input/output pairs are used for selected SIPQF, where the predication of each output bit y

_{i}is given based on statistical distribution of $P[{y}_{i}=1]$. This procedure has been performed and repeated for 10 randomly selected SIPQF. Results in Figure 10 show a high unpredictability of the bit output y

_{i}, while $P[{y}_{i}=1]$ is close to 50%.

## 10. Conclusions

## Author Contributions

## Funding

## Conflicts of Interest

## References

- Kim, N.Y.; Rathore, S.; Ryu, J.H.; Park, J.H.; Park, J.H. A Survey on Cyber Physical System Security for IoT: Issues, Challenges, Threats, Solutions. J. Inf. Process. Syst.
**2018**, 14, 1361–1384. [Google Scholar] - Delvaux, J.; Peeters, R.; Gu, D.; Verbauwhede, I. A Survey on Lightweight Entity Authentication with Strong PUFs. ACM Comput. Surv.
**2015**, 48, 1–42. [Google Scholar] [CrossRef][Green Version] - Skorobogatov, S. Semi-Invasive Attacks: A New Approach to Hardware Security Analysis. Available online: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.228.2204&rep=rep1&type=pdf (accessed on 20 December 2019).
- Guajardo, J.; Kumar, S.S.; Schrijen, G.-J.; Tuyls, P. FPGA Intrinsic PUFs and Their Use for IP Protection. In Cryptographic Hardware and Embedded Systems—CHES 2007; Springer: Berlin, Germany, 2007; pp. 63–80. [Google Scholar]
- Adi, W.; Ouertani, N.; Hanoun, A.; Soudan, B. Deploying FPGA self-configurable cell structure for micro crypto-functions. In Proceedings of the 2009 IEEE Symposium on Computers and Communications, Sousse, Tunisia, 5–8 July 2009; pp. 348–354. [Google Scholar]
- Mulhem, S.; Adi, W. New Mathblocks-Based Feistel-Like Ciphers for Creating Clone-Resistant FPGA Devices. Cryptography
**2019**, 3, 28. [Google Scholar] [CrossRef][Green Version] - Babaei, A.; Schiele, G. Physical Unclonable Functions in the Internet of Things: State of the Art and Open Challenges. Sensors
**2019**, 19, 3208. [Google Scholar] [CrossRef] [PubMed][Green Version] - Maes, R.; Verbauwhede, I. Physically Unclonable Functions: A Study on the State of the Art and Future Research Directions; Springer: Berlin, Germany, 2010; pp. 3–37. [Google Scholar]
- Pappu, R.; Recht, B.; Taylor, J.; Gershenfeld, N. Physical One-Way Functions. Science
**2002**, 297, 2026–2030. [Google Scholar] [CrossRef] [PubMed][Green Version] - Gassend, B.; Clarke, D.; van Dijk, M.; Devadas, S. Controlled physical random functions. In Proceedings of the 18th Annual Computer Security Applications Conference, Las Vegas, NV, USA, 9–13 December 2002. [Google Scholar]
- Adi, W. Autonomous Physical Secret Functions and Clone-Resistant Identification. In Proceedings of the 2009 Symposium on Bio-inspired Learning and Intelligent Systems for Security; Edinburgh, UK, 20–21 August 2009; pp. 83–88. [Google Scholar]
- Gassend, B.; Clarke, D.; van Dijk, M.; Devadas, S. Silicon physical random functions. In Proceedings of the 9th ACM conference on Computer and communications security—CCS ’02; Washington, DC, USA, 18–22 November 2002; p. 148. [Google Scholar]
- Marchand, C.; Bossuet, L.; Mureddu, U.; Bochard, N.; Cherkaoui, A.; Fischer, V. Implementation and Characterization of a Physical Unclonable Function for IoT: A Case Study With the TERO-PUF. IEEE Trans. Comput. Des. Integr. Circuits Syst.
**2018**, 37, 97–109. [Google Scholar] [CrossRef][Green Version] - Daihyun, L.; Lee, J.W.; Gassend, B.; Suh, G.E.; van Dijk, M.; Devadas, S. Extracting secret keys from integrated circuits. IEEE Trans. Very Large Scale Integr. Syst.
**2005**, 13, 1200–1205. [Google Scholar] [CrossRef] - Gołofit, K.; Wieczorek, P. Chaos-Based Physical Unclonable Functions. Appl. Sci.
**2019**, 9, 991. [Google Scholar] [CrossRef][Green Version] - Santiago, L.; Patil, V.C.; Prado, C.B.; Alves, T.A.O.; Marzulo, L.A.J.; Franca, F.M.G.; Kundu, S. Realizing strong PUF from weak PUF via neural computing. In Proceedings of the 2017 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT), Delft, The Netherlands, 2–10 October 2019; pp. 1–6. [Google Scholar]
- Santiago de Araújo, L.; Patil, V.C.; Prado, C.B.; Alves, T.A.O.; Marzulo, L.A.J.; França, F.M.G.; Kundu, S. Design of Robust, High-Entropy Strong PUFs via Weightless Neural Network. J. Hardw. Syst. Secur.
**2019**, 3, 235–249. [Google Scholar] [CrossRef] - Hou, S.; Guo, Y.; Li, S. A Lightweight LFSR-Based Strong Physical Unclonable Function Design on FPGA. IEEE Access
**2019**, 7, 64778–64787. [Google Scholar] [CrossRef] - Bhargava, M.; Mai, K. An efficient reliable PUF-based cryptographic key generator in 65nm CMOS. In Proceedings of the 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE), Dresden, Germany, 24–28 March 2014; pp. 1–6. [Google Scholar]
- Wang, Y.; Xi, X.; Orshansky, M. Lattice PUF: A Strong Physical Unclonable Function Provably Secure against Machine Learning Attacks. Available online: https://arxiv.org/pdf/1909.13441.pdf (accessed on 20 December 2019).
- Dodis, Y.; Ostrovsky, R.; Reyzin, L.; Smith, A. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM J. Comput.
**2008**, 38, 97–139. [Google Scholar] [CrossRef][Green Version] - Rührmair, U.; Sehnke, F.; Sölter, J.; Dror, G.; Devadas, S.; Jürgen, S. Modeling attacks on physical unclonable functions. In Proceedings of the 17th ACM conference on Computer and communications security—CCS ’10, Chicago, IL, USA, 4–8 October 2010; p. 237. [Google Scholar]
- Rührmair, U.; Busch, H.; Katzenbeisser, S. Strong PUFs: Models, Constructions, and Security Proofs. In Towards Hardware-Intrinsic Security. Information Security and Cryptography; Sadeghi, A.R., Naccache, D., Eds.; Springer: Berlin, Germany, 2010; pp. 79–96. [Google Scholar]
- Rührmair, U.; Sölter, J.; Sehnke, F. On the Foundations of Physical Unclonable Functions. 2009. Available online: http://www.crypto.rub.de/imperia/md/crypto/kiltz/ulrich_paper_40.pdf (accessed on 20 December 2019).
- Ruhrmair, U.; Solter, J.; Sehnke, F.; Xu, X.; Mahmoud, A.; Stoyanova, V.; Dror, G.; Schmidhuber, J.; Burleson, W.; Devadas, S. PUF Modeling Attacks on Simulated and Silicon Data. IEEE Trans. Inf. Forensics Secur.
**2013**, 8, 1876–1891. [Google Scholar] [CrossRef][Green Version] - Sadeghi, A.; Visconti, I.; Wachsmann, C. PUF-Enhanced RFID Security and Privacy. Available online: https://www.researchgate.net/profile/Ivan_Visconti/publication/265986050_PUF-enhanced_RFID_security_and_privacy/links/5723720208ae262228aa6ad3/PUF-enhanced-RFID-security-and-privacy.pdf (accessed on 20 December 2019).
- Calhoun, J.; Minwalla, C.; Helmich, C.; Saqib, F.; Che, W.; Plusquellic, J. Physical Unclonable Function (PUF)-Based e-Cash Transaction Protocol (PUF-Cash). Cryptography
**2019**, 3, 18. [Google Scholar] [CrossRef][Green Version] - Zhu, F.; Li, P.; Xu, H.; Wang, R. A Lightweight RFID Mutual Authentication Protocol with PUF. Sensors
**2019**, 19, 2957. [Google Scholar] [CrossRef] [PubMed][Green Version] - Fyrbiak, M.; Kison, C.; Jeske, M.; Adi, W. Combined HW-SW adaptive clone-resistant functions as physical security anchors. In Proceedings of the 2013 NASA/ESA Conference on Adaptive Hardware and Systems (AHS-2013), Torino, Italy, 24–27 June 2013; pp. 130–137. [Google Scholar]
- Mars, A.; Adi, W. Digitally Mutating NV-FPGAs into Physically Clone-Resistant Units. arXiv
**2019**, arXiv:1908.03898. Available online: https://arxiv.org/ftp/arxiv/papers/1908/1908.03898.pdf (accessed on 20 December 2019). [Google Scholar] - Mars, A.; Adi, W. New Family of Stream Ciphers as Physically Clone-Resistant VLSI-Structures. Cryptography
**2019**, 3, 11. [Google Scholar] [CrossRef][Green Version] - Mars, A.; Adi, W.; Mulhem, S.; Hamadaqa, E. Random stream cipher as a PUF-like identity in FPGA environment. In Proceedings of the 2017 Seventh International Conference on Emerging Security Technologies (EST), Canterbury, UK, 6–8 September 2017; pp. 209–214. [Google Scholar]
- Wu, J.; O’Neill, M. On Foundation and Construction of Physical Unclonable Functions. Available online: https://eprint.iacr.org/2010/171.pdf (accessed on 20 December 2019).
- SmartFusion2 SoC FPGAs. Available online: https://www.microsemi.com/product-directory/soc-fpgas/1692-smartfusion2 (accessed on 8 September 2019).
- Adi, W.; Zeitouni, S.; Huang, X.; Fyrbiak, M.; Kison, C.; Jeske, M.; Alnahhas, Z. IP-core protection for a non-volatile Self-reconfiguring SoC environment. In Proceedings of the 2013 IFIP/IEEE 21st International Conference on Very Large Scale Integration (VLSI-SoC); Istanbul, Turkey, 7–9 October 2013; pp. 252–255. [Google Scholar]
- Adi, W.; Soudan, B. Bio-Inspired Electronic-Mutation with genetic properties for Secured Identification. In Proceedings of the ECSIS Symposium on Bio-inspired, Learning, and Intelligent Systems for Security, Edinburgh, UK, 9–10 August 2007; pp. 133–136. [Google Scholar]
- Mulhem, S.; Mohammad, M.; Adi, W. A New Low-Complexity Cipher Class for Clone-Resistant Identities. In Proceedings of the 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, Croatia, 20–24 May 2019; pp. 971–976. [Google Scholar]
- Mulhem, S.; Zarrouk, R.; Adi, W. Security and Complexity Bounds of SUC-Based Physical Identity. In Proceedings of the 2018 NASA/ESA Conference on Adaptive Hardware and Systems (AHS), Edinburgh, UK, 6–9 August 2018; pp. 317–322. [Google Scholar]
- Adi, W.; Benkrid, K. Adaptive and evolvable hardware security architectures. In Proceedings of the 2010 NASA/ESA Conference on Adaptive Hardware and Systems, Anaheim, CA, USA, 15–18 June 2010; pp. 194–198. [Google Scholar]
- Adi, W.; Benkrid, K. Ultimate design security in self-reconfiguring non-volatile environments. In Proceedings of the 2010 NASA/ESA Conference on Adaptive Hardware and Systems, Anaheim, CA, USA, 15–18 June 2010; pp. 230–234. [Google Scholar]
- Adi, W.; Mulhem, S.; Mars, A. Secured remote sensing by deploying clone-resistant Secret Unknown Ciphers. In Proceedings of the 2017 IEEE International Conference on Consumer Electronics—Taiwan (ICCE-TW), Taipei, Taiwan, 12–14 June 2017; pp. 133–134. [Google Scholar]
- Hamadaqa, E.; Mulhem, S.; Mars, A.; Adi, W. Clone-Resistant Joint-Identity Technique for Securing Fleet Management Systems. In Proceedings of the 2018 NASA/ESA Conference on Adaptive Hardware and Systems (AHS), Edinburgh, UK, 6–9 August 2018; pp. 327–332. [Google Scholar]
- Mars, A.; Adi, W. New Concept for Physically-Secured E-Coins Circulations. In Proceedings of the 2018 NASA/ESA Conference on Adaptive Hardware and Systems (AHS), Edinburgh, UK, 6–9 August 2018; pp. 333–338. [Google Scholar]
- Bogdanov, A.; Knudsen, L.R.; Leander, G.; Paar, C.; Poschmann, A.; Robshaw, M.J.B.; Seurin, Y.; Vikkelsoe, C. PRESENT: An Ultra-Lightweight Block Cipher. In Cryptographic Hardware and Embedded Systems—CHES 2007; Springer: Berlin, Germany, 2007; pp. 450–466. [Google Scholar]
- Wu, W.; Zhang, L. LBlock: A Lightweight Block Cipher. In Proceedings of the Applied Cryptography and Network Security. In Proceedings of 9th International Conference, ACNS 2011, Nerja, Spain, 7–10 June 2011; pp. 327–344. [Google Scholar]
- Daemen, J.; Rijmen, V. The Design of Rijndael: AES—The Advanced Encryption Standard; Springer: Berlin, Germany, 2002. ISBN 978366204 7224.
- Liu, Y.; Rijmen, V.; Leander, G. Nonlinear diffusion layers. Des. Codes Cryptogr.
**2018**, 86, 2469–2484. [Google Scholar] [CrossRef] - Rivest, R.L. Permutation Polynomials Modulo 2w. Finite Fields Their Appl.
**2001**, 7, 287–292. [Google Scholar] [CrossRef][Green Version] - Singh, R.P.; Maity, S. Permutation Polynomials modulo pn. 2009. Available online: https://eprint.iacr.org/2009/393.pdf (accessed on 20 December 2019).
- Tapia-Recillas, H. Remarks on Self-Inverse Quadratic Permutation Polynomials 2010. Available online: http://www.m-hikari.com/ija/ija-2010/ija-17-20-2010/tapiaIJA17-20-2010.pdf (accessed on 20 December 2019).
- Sun, J.; Takeshita, O.Y. Interleavers for turbo codes using permutation polynomials over integer rings. IEEE Trans. Inf. Theory
**2005**, 51, 101–119. [Google Scholar] - Ryu, J.; Takeshita, O.Y. On Inverses for Quadratic Permutation Polynomials over Integer Rings. Available online: https://arxiv.xilesou.top/pdf/1102.2223.pdf (accessed on 20 December 2019).
- Ryu, J.; Takeshita, O.Y. On quadratic inverses for quadratic permutation polynomials over integer rings. IEEE Trans. Inf. Theory
**2006**, 52, 1254–1260. [Google Scholar] - Klimov, A.; Shamir, A. A New Class of Invertible Mappings. In Proceedings of the 4th International Workshop Redwood Shores, San Francisco Bay, CA, USA, 13–15 August 2002; pp. 470–483. [Google Scholar]
- Klimov, A.; Shamir, A. Cryptographic Applications of T-Functions. In Proceedings of the 10th Annual International Workshop, SAC 2003, Ottawa, ON, Canada, 14–15 August 2003; pp. 248–261. [Google Scholar]
- Klimov, A. Applications of T-functions in Cryptography. Ph.D. Thesis, Weizmann Institute of Science, Rehovot, Israel, 2005. [Google Scholar]
- Keller, G.; Olson, F.R. Counting polynomial functions $(\mod p^n)$. Duke Math. J.
**1968**, 35, 835–838. [Google Scholar] [CrossRef] - Zhang, Q. Polynomial functions and permutation polynomials over some finite commutative rings. J. Number Theory
**2004**, 105, 192–202. [Google Scholar] [CrossRef][Green Version] - Jiang, J.J.; Jun, J. On the number counting of polynomial functions. J. Math. Res. Expo.
**2010**, 30, 241–248. [Google Scholar] - Li, S. Null Polynomials modulo m. Available online: https://arxiv.xilesou.top/pdf/math/0510217.pdf (accessed on 20 December 2019).
- Biryukov, A.; Shamir, A. Structural Cryptanalysis of SASAS. In Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, Innsbruck, Austria, 6–10 May 2001; pp. 395–405. [Google Scholar]
- Jakobsen, T.; Knudsen, L.R. The interpolation attack on block ciphers. In Proceedings of the 4th International Workshop, FSE’97, Haifa, Israel, 20–22 January 1997; pp. 28–40. [Google Scholar]
- Jakobsen, T. Cryptanalysis of block ciphers with probabilistic non-linear relations of low degree. In Proceedings of the 18th Annual International Cryptology Conference, Santa Barbara, CA, USA, 23–27 August 1998; pp. 212–222. [Google Scholar]
- Bogdanov, A.; Rosen, A. Pseudorandom Functions: Three Decades Later. In Tutorials on the Foundations of Cryptography. Information Security and Cryptography.; Lindell, Y., Ed.; Springer: Cham, Germany, 2017; pp. 79–158. ISBN 978-3-319-57048-8. [Google Scholar]
- Bogdanov, A.; Knudsen, L.R.; Leander, G.; Standaert, F.-X.; Steinberger, J.; Tischhauser, E. Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations. In Proceedings of the 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cambridge, UK, 15–19 April 2012; pp. 45–62. [Google Scholar]
- Steinberger, J. Improved Security Bounds for Key-Alternating Ciphers via Hellinger Distance, 2012. Available online: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.449.4664&rep=rep1&type=pdf (accessed on 20 December 2019).
- Lampe, R.; Patarin, J.; Seurin, Y. An Asymptotically Tight Security Analysis of the Iterated Even-Mansour Cipher. In Proceedings of the 18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, 2–6 December 2012; pp. 278–295. [Google Scholar]
- Chen, S.; Steinberger, J. Tight Security Bounds for Key-Alternating Ciphers. In Proceedings of the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Copenhagen, Denmark, 11–15 May 2014; pp. 327–350. [Google Scholar]
- Xu, T.; Potkonjak, M. Robust and flexible FPGA-based digital PUF. In Proceedings of the 2014 24th International Conference on Field Programmable Logic and Applications (FPL), Munich, Germany, 2–4 September 2014; pp. 1–6. [Google Scholar]

**Figure 3.**Key idea for generating a Secret Unknown Cipher (SUC) [6]. FPGA = Field Programmable Gate Arrays; TRNG = true random number generator.

**Figure 4.**Mutating a Secret Unknown Cipher (SUC) into a system-on-chip (SoC) device [6].

**Figure 5.**Two-way identification protocol over an insecure channel [6].

**Figure 6.**Sample functional layout after creating an SUC in an FPGA device [6].

${\mathbf{\mathbb{Z}}}_{{2}^{\mathit{n}}}$ | # of Distinct PPs (15) | # of Equivalent PPs N _{0} - |P_{n}| |
---|---|---|

n = 4 | 2^{13} | 2^{48.8} |

n = 6 | 2^{29} | 2^{321} |

n = 8 | 2^{47} | 2^{17923} |

${\mathbf{\mathbb{Z}}}_{{2}^{\mathit{n}}}$ | $\mathbf{Maximum}\text{}\mathbf{Degree}\tilde{\mathit{d}}$ |
---|---|

n = 4 | 3 |

n = 5 | 4 |

n = 6 | 5 |

n = 7 | 5 |

n = 8 | 6 |

$\mathbf{Class}\text{}\mathbf{of}\text{}\mathbf{SIPFs}\text{}\mathbf{in}\text{}{\mathbf{\mathbb{Z}}}_{{2}^{\mathit{n}}}\text{}$ | Cardinality | |
---|---|---|

n: Even | n: Odd | |

C_{1}:$P(x)=ax{\scriptscriptstyle \frac{\oplus}{+}}b{x}^{2}$ | $\ge 2({2}^{{\scriptscriptstyle \raisebox{1ex}{$n$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)$ | $\ge 2({2}^{{\scriptscriptstyle \raisebox{1ex}{$n+1$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)$ |

C_{2}:$P(x)=a{\scriptscriptstyle \frac{\oplus}{+}}bx{\scriptscriptstyle \frac{\oplus}{+}}c{x}^{2}$ | $\ge 2{({2}^{{\scriptscriptstyle \raisebox{1ex}{$n$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)}^{2}$ | $\ge 2{({2}^{{\scriptscriptstyle \raisebox{1ex}{$n+1$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)}^{2}$ |

C_{3}:$P(x)=ax{\scriptscriptstyle \frac{\oplus}{+}}b({x}^{2}\vee D)$ | $\ge {2}^{n+1}({2}^{{\scriptscriptstyle \raisebox{1ex}{$n$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)$ | $\ge {2}^{n+1}({2}^{{\scriptscriptstyle \raisebox{1ex}{$n+1$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)$ |

C_{4}:$P(x)=a{\scriptscriptstyle \frac{\oplus}{+}}bx{\scriptscriptstyle \frac{\oplus}{+}}c({x}^{2}\vee D)$ | $\ge {2}^{n+1}{({2}^{{\scriptscriptstyle \raisebox{1ex}{$n$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)}^{2}$ | $\ge {2}^{n+1}{({2}^{{\scriptscriptstyle \raisebox{1ex}{$n+1$}\!\left/ \!\raisebox{-1ex}{$2$}\right.}}-1)}^{2}$ |

**Table 4.**Hardware complexity. LUT = Look-Up Tables; DFF = D-Flip Flops; N

_{MACC}= number of MACCs; N

_{4LUT}= number of Look-Up Tables; N

_{DFF}= number of D-Flip Flops.

$a+bx+c{x}^{2}$ | ${N}_{MACC}=2U(n-3)+U(n-9)+6U(n-18)$ |

$\begin{array}{ll}{N}_{4LUT}& =U(n-1)+3U(n-2)+69U(n-3)\\ & +36U(n-9)\hspace{0.17em}\hspace{0.17em}+(2n+217)U(n-18)\end{array}$ | |

${N}_{DFF}=72U(n-3)+36U(n-9)+216U(n-18)$ | |

$a+bx-c{x}^{2}$ | ${N}_{MACC}=3U(n-3)+6U(n-18)$ |

$\begin{array}{ll}{N}_{4LUT}& =U(n-1)+3U(n-2)+109U(n-3)\\ & +4U(n-4)\hspace{0.17em}+(2n+217)U(n-18)\end{array}$ | |

${N}_{DFF}=108U(n-3)+216U(n-18)$ | |

$bx+c{x}^{2}$ | ${N}_{MACC}=2U(n-3)+U(n-9)+6U(n-18)$ |

$\begin{array}{ll}{N}_{4LUT}& =U(n-1)+2U(n-2)+70U(n-3)\\ & +36U(n-9)\hspace{0.17em}+(n+217)U(n-18)\end{array}$ | |

${N}_{DFF}=72U(n-3)+36U(n-9)+216U(n-18)$ | |

$bx-c{x}^{2}$ | ${N}_{MACC}=3U(n-3)+U(n-9)+9U(n-18)$ |

$\begin{array}{ll}{N}_{4LUT}& =U(n-1)+2U(n-2)+109U(n-3)\\ & -3U(n-4)+(n+217)U(n-18)\end{array}$ | |

${N}_{DFF}=108U(n-3)+216U(n-18)$ | |

$a+bx\oplus c{x}^{2}$ | ${N}_{MACC}=3U(n-3)+9U(n-18)$ |

$\begin{array}{ll}{N}_{4LUT}& =U(n-1)+2U(n-2)+(n+109)U(n-3)\\ & +(n+199)U(n-18)\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\hspace{0.17em}\end{array}$ | |

${N}_{DFF}=108U(n-3)+216U(n-18)$ | |

$bx\oplus c{x}^{2}$ | ${N}_{MACC}=3U(n-3)+9U(n-18)$ |

$\begin{array}{ll}{N}_{4LUT}& =U(n-1)+3U(n-2)+(n+105)U(n-3)\\ & +(n+216)U(n-18)\end{array}$ | |

${N}_{DFF}=108U(n-3)+216U(n-18)$ |

SIPFs | Total Cost | ||||
---|---|---|---|---|---|

n = 8 | n = 17 | n = 32 | R_{LUT/DFF}, n = 32 | ||

$a+bx+c{x}^{2}$ | N_{MACC} | 2 | 3 | 9 | 1.2 |

N_{4LUT} | 73 | 109 | 390 | ||

N_{DFF} | 72 | 108 | 324 | ||

$a+bx-c{x}^{2}$ | N_{MACC} | 3 | 3 | 9 | 1.2 |

N_{4LUT} | 109 | 109 | 390 | ||

N_{DFF} | 108 | 108 | 324 | ||

$bx+c{x}^{2}$ | N_{MACC} | 2 | 3 | 9 | 1.1 |

N_{4LUT} | 73 | 109 | 357 | ||

N_{DFF} | 72 | 108 | 324 | ||

$bx-c{x}^{2}$ | N_{MACC} | 3 | 3 | 9 | 1.1 |

N_{4LUT} | 73 | 109 | 358 | ||

N_{DFF} | 72 | 108 | 324 | ||

$a+bx\oplus c{x}^{2}$ | N_{MACC} | 3 | 3 | 9 | 1.1 |

N_{4LUT} | 117 | 126 | 357 | ||

N_{DFF} | 108 | 108 | 324 | ||

$bx\oplus c{x}^{2}$ | N_{MACC} | 3 | 3 | 9 | 1.2 |

N_{4LUT} | 117 | 126 | 389 | ||

N_{DFF} | 108 | 108 | 324 |

SIPFs | Total Cost | |
---|---|---|

n = 16 | n = 32 | |

$bx+c{x}^{2}$ | 36 bytes 15 cycles | 28 bytes 13 cycles |

$bx-c{x}^{2}$ | 36 bytes 15 cycles | 28 bytes 13 cycles |

$bx\oplus c{x}^{2}$ | 84 bytes 29 cycles | 36 bytes 16 cycles |

$a+bx+c{x}^{2}$ | 60 bytes 22 cycles | 36 bytes 18 cycles |

$a+bx-c{x}^{2}$ | 76 bytes 27 cycles | 36 bytes 18 cycles |

$a+bx\oplus c{x}^{2}$ | 100 bytes 34 cycles | 44 bytes 19 cycles |

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Mulhem, S.; Mars, A.; Adi, W. Low-Complexity Nonlinear Self-Inverse Permutation for Creating Physically Clone-Resistant Identities. *Cryptography* **2020**, *4*, 6.
https://doi.org/10.3390/cryptography4010006

**AMA Style**

Mulhem S, Mars A, Adi W. Low-Complexity Nonlinear Self-Inverse Permutation for Creating Physically Clone-Resistant Identities. *Cryptography*. 2020; 4(1):6.
https://doi.org/10.3390/cryptography4010006

**Chicago/Turabian Style**

Mulhem, Saleh, Ayoub Mars, and Wael Adi. 2020. "Low-Complexity Nonlinear Self-Inverse Permutation for Creating Physically Clone-Resistant Identities" *Cryptography* 4, no. 1: 6.
https://doi.org/10.3390/cryptography4010006