Now Let's Make It Physical: Enabling Physically Trusted Certificate Issuance for Keyless Security in CAs
Xiaolin Zhang, Chenghao Chen, Kailun Qin, Yuxuan Wang, Shipei Qu, Tengfei Wang, Chi Zhang, Dawu Gu

TL;DR
This paper introduces Armored Core, a PUF-based extension for PKI that enables physically trusted, keyless certificate issuance, enhancing security by preventing key exposure and integrating seamlessly with existing systems.
Contribution
It proposes a novel PUF-based method for keyless certificate signing and a transparency mechanism, advancing PKI security without digital keys.
Findings
Achieves keyless certificate issuance with improved security.
Enhances performance by up to 73.7%.
Maintains low communication and storage overhead (<4%).
Abstract
The signing key protection of Certificate Authorities (CAs) remains a critical challenge in PKI. Traditional approaches struggle to eliminate the risk of key exposure due to (un)intentional human errors. This long-standing dilemma motivates us to propose Armored Core, a novel PKI security extension using the trusted binding of Physically Unclonable Functions (PUFs) for CAs. PUFs leverage manufacturing variations to generate unique and random responses. Combined with XOR and hash operations, they can make key exposure impossible for CAs through keyless certificate issuance. In Armored Core, we design a set of PUF-based X.509v3 certificate functions for CAs to generate physically trusted "signatures" without using a digital key. Moreover, we introduce a novel PUF transparency mechanism to effectively monitor the PUF operations in CAs. We integrate Armored Core into real-world PKI systems…
Taxonomy
Topics: Physical Unclonable Functions (PUFs) and Hardware Security · Integrated Circuits and Semiconductor Failure Analysis · Advanced Memory and Neural Computing
