Universally Composable Commitments with Communicating Malicious Physically Uncloneable Functions

📅 2025-04-14
📈 Citations: 0
Influential: 0
🤖 AI Summary
This work formalizes, for the first time, the "communicating malicious PUF" model, in which a malicious PUF can interact remotely with its creator even when not in the creator's possession. The PUFs considered are stateless and receive-only: they can receive information from their creator but cannot send any. Method: The authors identify and fix security flaws (including a concrete attack) in the prior ideal extractable commitment scheme when placed in this model, and propose a universally composable (UC)-secure PUF-based commitment scheme. The construction is restricted to stateless PUFs but remains practical; it introduces new security properties and tools, parallelizes the ideal extractable commitments within an adapted compiler, and comes with a rigorous UC security proof. Contribution/Results: The scheme is more efficient than previous proposals and characterizes how a PUF's communication capability and statelessness jointly constrain cryptographic security, providing a UC-secure foundation for using PUFs as trusted primitives in cryptographic protocols.

📝 Abstract
In this work, we explore the possibility of universally composable (UC)-secure commitments using Physically Uncloneable Functions (PUFs) within a new adversarial model. We introduce communicating malicious PUFs, i.e., malicious PUFs that can interact with their creator even when not in their possession, obtaining a stronger adversarial model. Prior work [ASIACRYPT 2013, LNCS, vol. 8270, pp. 100-119] proposed a compiler for constructing UC-secure commitments from ideal extractable commitments, and our task would be to adapt the ideal extractable commitment scheme proposed therein to our new model. However, we found an attack and identified a few other issues in that construction; to address them, we modified the aforementioned ideal extractable commitment scheme and introduced new properties and tools that allow us to rigorously develop and present security proofs in this context. We propose a new UC-secure commitment scheme against adversaries that can only create stateless malicious PUFs which can receive, but not send, information from their creators. Our protocol is more efficient than previous proposals, as we have parallelized the ideal extractable commitments within it. The restriction to stateless malicious PUFs is significant, mainly since the protocol from [ASIACRYPT 2013, LNCS, vol. 8270, pp. 100-119] assumes malicious PUFs with unbounded state, thus limiting its applicability. However, it is the only way we found to address the issues of the original construction. We hope that in future work this restriction can be lifted and that, along the lines of our work, UC-secure commitments with fewer restrictions on both state and communication can be constructed.
Problem

Research questions and friction points this paper is trying to address.

Enhancing UC-secure commitments using malicious PUFs with communication
Addressing vulnerabilities in prior ideal extractable commitment schemes
Developing efficient protocols for stateless malicious PUFs
Innovation

Methods, ideas, or system contributions that make the work stand out.

Using communicating malicious PUFs for UC-secure commitments
Modified ideal extractable commitment scheme
Parallelized commitments for improved efficiency