The rapid advance of manufacturing processes has provoked an accidental pathway to the creation of complex counterfeit components1. In tandem with this, there is an increasing menace from the processing power of modern computers, which can be utilised to mimic digital identities. Authenticating a device with a scheme such as certification2 requires the use of a secret key acting as an identity, which is typically stored on an integrated circuit (IC). However, it has been shown that invasive and non-invasive attacks have the capability of learning this key, as it must exist in a digital form on the chip and once compromised, an attacker can authenticate themselves as a legitimate device3. The IC can be protected by making it tamper-resistant, but this is expensive and difficult. Devices comprising randomness intrinsic to their fabrication can form the basis of solutions to the threat of hardware and software cloning, namely unique objects (UNOs) and physically unclonable functions (PUFs)4,5,6. These devices form an inseparable link between their physical structure and an identity, providing a robust building block from which a secure system can be built. UNO’s contain a unique fingerprint, with their security resting upon the impossibility of re-fabrication, with no restrictions on what an attacker may know about the internal structure or the fingerprint itself. Typical applications of UNOs include placing them on highly confidential documents such as bank notes, passports and access cards, where an attacker must be able to clone the subject to break their security. However, UNOs require a trusted external measurement apparatus every time fingerprint extraction is needed, which is undesirable.

PUFs are somewhat different, using disordered systems to derive a range of unique responses when challenged, which do not require digital storage. In addition to being used for low cost device authentication and identification, PUFs have several other uses, including secure key generation and binding software to hardware platforms. A method for using PUFs is demonstrated in Fig. 1a. A series of unique responses are generated by applying a variety of challenges to the PUF; these challenge-response pairs (CRPs) are used to authenticate the device7. Each CRP must be unique, unpredictable and repeatable whilst another device containing identical CRPs should be impossible to fabricate, even by the manufacturer. This approach requires a database where CRPs are recorded and used prior to each communication. Once used, a CRP is erased from the database; each pair being used just once. Moreover, a multiple CRP based authentication system requires a database that is large enough to meet security considerations. An alternative scheme, proposed by Koeberl et al., uses a single CRP to authenticate a device8. In this system the manufacturer stores a certificate which contains the sole response from the PUF within a signature signed with the manufacturer’s private key. When authentication is required, the PUFs response is re-measured, whilst the signature is verified with the manufacturer’s public key to extract the stored response. A check is then performed to determine whether the two values agree.

Figure 1 Schematic, working principle and quantum analogue of a physically unclonable function (PUF). (a) An example operating protocol for a PUF. A database of challenge (C n )-response (R n ) pairs is created by the manufacturer and stored online, the user can take a single entry from the database when required to check a device’s authenticity. (b) An optical PUF. The laser is dispersed by a three-dimensional object containing light scattering particles, this causes a two-dimensional speckled image to form and this pattern can be transformed into a one-dimensional key using hash functions. (c) Graphic of a conceptual UNO/PUF that relies on quantum-mechanical tunnelling through a quantum well containing imperfections (blue region). Full size image

PUFs can be separated into two main types, weak PUFs (also known as physically obfuscated keys—POKs) and strong PUFs. Weak PUFs generate keys from a small set of CRPs, with the total set available scaling polynomially with size and complexity. In this architecture, the derived key normally remains secret through an internal measurement in the embedding hardware. In an ideal scenario the device is made tamper-proof to prevent knowledge of the stored key being determined by external and invasive attacks. Strong PUFs have a highly complex input-output behaviour, with the available set of CRPs scaling exponentially; their security relies upon an attacker not being able to determine this behaviour. On the contrary to weak PUFs, an entity is free to access a strong PUF and query its input-output behaviour whilst remaining unable to predict the response of a random challenge even if they have measured a large subset of CRPs. In both PUF systems, the CRPs should be stable under repeated measurements and changing environmental conditions. A number of methods have been proposed to construct both UNOs and PUFs, including; scattering from an optical medium (illustrated in Fig. 1b)4, modes in silicon ring oscillators5, statistical delay variations between nominally identical paths9,10 and the state of static random access memories (SRAM) cells11,12. However, some constructions are vulnerable to simulation and cloning amongst other attacks. For example, an SRAM PUF was successfully cloned within a period of 20 hours by Helfmeier et al.13, arbiter PUFs and their evolutions have been shown to be susceptible to machine learning14 and a number of other PUFs have demonstrated vulnerabilities to side-channel attacks15.

As the size of a system reduces, a limit is reached at which quantum confinement starts to govern the properties of the system and here the nanostructure of the atomic layers can become crucial to its properties16. As the confined energy levels are extremely sensitive to these layers that contain millions of atoms, the probability of creating a unique device is extremely high due to the inherently random nature of the atomic positions and imperfections, as illustrated in the quantum well in Fig. 1c. Simulating these structures requires vast computing power and is not achievable on a reasonable timescale, even with a modest quantum computer17,18. When coupled with the fact that the underlying structure is unknown, unless dismantled atom-by-atom, this makes simulation extremely difficult. Given the impracticality of copying the device at the atomic level, such technology would provide near guaranteed unclonability. A quantum well represents the ‘least-unique’ quantum structure, with one dimension of confinement, but it enables us to demonstrate the proof-of-principle. The application of quantum phenomena in UNO/PUF-like architectures provides a means of harbouring a secret identity on the nanoscale in devices that can be incorporated in current microelectronic processes. This enables simple system integration whilst having lower size, weight and power footprints than current systems.

To realise a quantum mechanical UNO/PUF we use a simple device that can measure phenomenological properties arising from quantum confinement. The implementation of quantum tunnelling can be readily achieved by using a resonant tunnelling diode (RTD) containing a quantum well. These are double-barrier structures that allow electrons to tunnel through directly at voltages where the energy level within the quantum well lines up with the conduction band minimum. The confined energy level is exponentially sensitive to the width and height of the well and the barriers and as such on the atomic uniformity predominantly at the interfaces between layers19,20,21,23. A measurement to find currents corresponding to these energies can be made by sweeping the voltage through a range. As shown in Fig. 2c, the Stark shift that results from the application of a voltage across the diode causes the energy levels within the well to lower, moving into resonance with the conduction band minimum and resulting in a peak in current. This subsequently diminishes as the bias is increased. The resultant room-temperature spectrum from a typical device is shown in Fig. 2b.

Figure 2 Structure, I-V characteristic and band diagram of a resonant tunnelling diode (RTD). (a) Scanning electron microscopy image of a typical device (top) and a rendered counterpart of the cross-section through the red dashed line (bottom) with an inset showing the active region to highlight the important features of the sample; an InGaAs quantum well and barriers made of AlAs. (b) A representative I-V (red) and dI/dV (blue) spectrum from an RTD; the peak in current arises due to the resonance of the confined energy level with the conduction band minimum of the system (c) Schematic of the E-k structure of the quantum well as the voltage is increased, demonstrating the nature of resonant tunnelling. Full size image

Typical tunnelling devices exhibit variations of 5% or more in their I-V characteristics22. However, considerable effort has been made to produce highly uniform I-V spectra from tunnel barriers. State-of-the-art manufactured devices have only a 0.02 monolayer variation over an 8” wafer and result in a variation of less than 1% in their I-V characteristics (about a pre-specified mean)23. However, the devices presented in that work used the most commonly studied single barrier binary-binary structure and thus only rely on the order of two interfaces. The RTDs we present here use 2 barriers so depends on four interfaces whilst also incorporating a ternary material into the quantum well. The result is a much larger interfacial roughness at the two binary-ternary interfaces resulting in fluctuations in the position and width of the confined energy level from device–to-device19,21,24.

In this work we explore the distinct I-V characteristics that arise due to the sensitivity of the confined energy levels within quantum wells contained in resonant tunnelling diodes (RTDs)17,25,26 and show they can provide robust measurements for unique device applications without typical size restraints. Furthermore, the nanostructure within an RTD is impossible to clone with current techniques27,28.