In the hands-on scenario, physical unclonable functions (PUFs) of various types can serve as great authentication tokens.
Their physical unclonability, combined with the verifier's ability to detect spoofing, makes it exceedingly hard for an attacker to create an object that will pass as a PUF clone.
However, hands-on authentication requires that the holder of the PUF relinquishes control of it, which may not be acceptable, especially if there is the risk that the verifier is an impostor.
The problem of spoofing in the hands-off case can be solved using two fundamental information-theoretic properties of quantum physics: Based on these principles, the following scheme was proposed.
[2] Steps 2-4 are repeated multiple times in order to exponentially lower the false accept probability.
The crucial point is that the attacker cannot determine what the actual challenge is, because that information is packaged in a "fragile" quantum state.
A continuous-variable quantum authentication of PUFs has been also proposed in the literature, which relies on standard wave-front shaping and homodyne detection techniques.
[3] Using the same techniques, an optical scheme for cryptographic commitments with physical unclonable functions has also been proposed in the literature.