When it comes to the Physical Unclonable Function (PUF), its fingerprints are all over a patent recently awarded to Dr. Donald Telesca, the chief of the Quantum Information Sciences and Technology Branch (RITQ) of the Air Force Research Lab (AFRL).
A PUF is a physical object whose operation can’t be "cloned" in a physical way, so, for a given input, it provides a physically defined "digital fingerprint" output that can act as a unique identifier.
For example, natural, random variations during the manufacturing of microchips can make it virtually impossible to duplicate an identifier that can be used to generate a secure key for protecting data. Although small, the PUF is a large part of Dr. Telesca’s patent, Individual Digital Access with Ternary States and One-Way Unclonable Functions to protect digital files.
“Your fingerprint is technically a PUF,” said Dr. Telesca, who has additional awarded patents connected to this technology. “There are patterns in nature that are PUFs. These are great sources of randomness. Entropy and randomness are important seeds for cryptography and encryption.”
The patent uses PUFs inside microchips to create secure keys for data protection. Because each piece of hardware is slightly different, it's like using a unique fingerprint to lock your information, making it much harder for hackers to steal it.
“The idea is that any encryption or cryptography gets seeded with something random; sometimes a random number generator, sometimes other sources of randomness,” Dr. Telesca said. “If you think about cryptography, the easiest example is, if I take my alphabet and shift each letter by two, when you see ‘A,’ you should actually read ‘Y.’ That's a really simple version of decoding.
“Today, we use advanced algorithms to create secure keys for encryption. These algorithms, such as RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography), are well-known and publicly documented. The keys generated by these algorithms vary depending on the specific algorithm used. To create a secure key, you need to start with a very random input. This randomness ensures that it's nearly impossible for someone to predict the output key. Since the initial input is unknown and unpredictable, the resulting key also remains secure, preserving the confidentiality of your encrypted data.”
Dr. Telesca and his team took things a step further.
“What we came up with in this patent was a way to use this three-state method, because everything is typically two-state: binary, bits, zero and one,” he said. “Here, we have zero, one and two.
“That represents a different way to do processing and to think about it, but we were able to create this source of randomness utilizing the three different states. It was a way to seed the algorithms that nobody had ever done before, and this particular patent was a way to create an individual access ID to protect your information.”
To elaborate on Dr. Telesca’s patent, digital content stored in terminal devices is protected by encrypting the files with secret keys generated from one-way unclonable functions, and PUFs are examples of such functions. They generate cryptographic keys on demand from sets of instructions called challenges. The instructions are separated into two parts: a random number used to find the addresses of the portion of the PUF needed for key generation, and Individual Digital Access (ID Access) information used to generate the secret key from the selected addresses. The ID Access also contains individual instructions needed for key generation, such as the desired electric conditions to bias the PUF.
“The random number is the seed,” Dr. Telesca said. “If someone has the seed and knows what encryption we're using and they have the ID, then they basically have your username and password. By having them sent separately or having one being derived separately, you maintain that security. It's a very simple way to describe it.”
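A toy model of the two-part challenge described above, added here as an illustration; it is not the patented method or code from AFRL or NAU. The noise-free simulated PUF array, the hash-based address expansion, the per-address select mask and all function names are assumptions.

```python
import hashlib

CELLS = 4096  # assumed size of the simulated PUF array


def make_puf(device_variation: bytes) -> list[int]:
    """Stand-in for manufacturing variation: one fixed ternary state (0/1/2) per cell.

    A real PUF is read from hardware and is noisy; this model is noise-free.
    """
    stream = hashlib.shake_256(device_variation).digest(CELLS)
    return [b % 3 for b in stream]  # slight modulo bias, acceptable for a toy


def addresses(random_number: bytes, count: int = 256) -> list[int]:
    """Challenge part 1: expand the random number into PUF cell addresses."""
    stream = hashlib.shake_256(b"addr" + random_number).digest(2 * count)
    return [int.from_bytes(stream[i:i + 2], "big") % CELLS
            for i in range(0, 2 * count, 2)]


def derive_key(puf: list[int], random_number: bytes, id_access: bytes) -> bytes:
    """Challenge part 2: ID Access turns the addressed cells into a secret key."""
    cells = [puf[a] for a in addresses(random_number)]
    # Assumed encoding: ID Access expands to one select bit per addressed cell.
    mask = hashlib.shake_256(b"mask" + id_access).digest(len(cells) // 8)
    picked = bytes(c for i, c in enumerate(cells)
                   if (mask[i // 8] >> (i % 8)) & 1)
    return hashlib.sha256(id_access + picked).digest()


def demo() -> dict[str, bool]:
    """Constructed inputs: two devices, one correct challenge, two wrong halves."""
    device_a = make_puf(b"constructed-device-A")
    device_b = make_puf(b"constructed-device-B")
    rn, ida = b"constructed-random-number", b"constructed-id-access"
    key = derive_key(device_a, rn, ida)
    return {
        # The key is never stored; the same challenge regenerates it on demand.
        "regenerates": key == derive_key(device_a, rn, ida),
        # Holding only one half of the challenge does not yield the key.
        "wrong_id_access": key == derive_key(device_a, rn, b"guessed-id"),
        "wrong_random_number": key == derive_key(device_a, b"guessed-rn", ida),
        # The full challenge on a different physical device also fails.
        "other_device": key == derive_key(device_b, rn, ida),
    }


if __name__ == "__main__":
    print(demo())
```

Because real PUF reads are noisy, a deployed design also needs a way to make the regenerated key stable across reads, which this model leaves out.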
This recently awarded patent was a result of Dr. Telesca’s collaboration with Dr. Bertrand Cambou, an applied physics and materials science professor at Northern Arizona University (NAU). Dr. Cambou is a bit of a specialist when it comes to patents, as his NAU profile page references him having 80 granted and pending patents in nanotechnology and cybersecurity.
In Silicon Valley, Dr. Cambou was known for his influential role in the technology and semiconductor industries. He held significant leadership positions, including serving as the Chief Operating Officer of Gemplus International, a major smart card manufacturer, and executive vice president of the Memory Products Group at AMD (Advanced Micro Devices).
“Between 2015 and 2025, he was a professor at NAU, very interested in how to transition technologies from the laboratory to commercial industry,” Dr. Telesca said. “He functioned as a great mentor for me, helping me understand and think about technology.
“I'm a physicist. I did a lot of work in the laboratory early in my career. But the idea of taking that and thinking about scaling it up, thinking about these things as commercially viable or transitional for the military, was something he played a big role in showing me how to do.”
As of July 2025, Dr. Cambou was the chief executive officer and co-founder of High Entropy Security, a startup dedicated to the commercialization of the innovation developed in partnership between NAU and AFRL, including this new one.
If moved forward, the technology should add some security for those looking to protect their data. Some examples of potential use cases would be:
- Prepaid content delivery: The service provider can deliver several encrypted files containing information such as movies, music, apps, maps and operating systems. The user receives the corresponding ID Access after paying the dues.
- Protected user manuals: The prepared set of instructions for a particular mission can vary as a function of a strategy that evolves due to changes in conditions. The users receive, as needed, the ID Access to open a particular portion of the user manual. An example of such a scheme would be pilots flying their plane, as it may not be desirable to lose the manual to hostile participants.
- Session key recovery: The message Mi can be a session key that is needed to get information from a service provider. The user uncovers the session key before reception of information from a service provider or from a server.
- Cooperative users: The server can concurrently send to User 2 the ID Access needed by User 1 to retrieve sub-key 2, and to User 1 the ID Access needed by User 2 to retrieve sub-key 1. The full key is generated by knowing both sub-keys. To cooperate, the two users exchange their respective ID Access, which enables both to retrieve the full key, which is used for secure communication.
- Securing interconnected IoTs: Nodes of IoTs, such as controlling and metering elements in the grid, home hubs and smart sensors, store information that needs to be constantly protected. The server can send to these nodes the pairs of random numbers and ID Access to encrypt and store the information from the one-way function. When needed, on-demand, the server can send ID Access again to retrieve the information.
- Authentication of the server: When operating in a zero-trust environment, the server can concurrently send to the user the ID Access that was previously used to encrypt and store file F, and a session key encrypted with the key that was used to encrypt F. If the server and the client device can communicate through messages encrypted with this key, the client device will know that the server possesses an image of its one-way unclonable function.
United States Patent Office Patent: #12,395,357
Patent License Agreements are offered through the Air Force Research Laboratory’s Technology Transfer and Transition (T3) program office. A comprehensive suite of T3 mechanisms for partnering with industry and academia is offered through the office. To find out how you can partner with the T3 Program, please visit https://www.aft3.af.mil. TechLink assists the Department of Defense and Veterans Affairs by actively marketing its available patented technologies to prospective companies and facilitating license agreements.