Armored Core of PKI: Remove Signing Keys for CA via Physically Unclonable Function

The protection of CA's signing keys is one of the most crucial security concerns in PKI. However, these keys can still be exposed today by human errors or various carefully designed attacks. Traditional protections like TEE and HSM fail to eliminate this risk since they can be bypassed by skilled attackers. This dilemma motivates us to consider removing CA' signing keys and propose Armored Core, a PKI security extension applying the physically trusted binding provided by Physically Unclonable Function (PUF) for CA. CAs in Armored Core issue PUF-based X509v3 TLS certificates, where they use PUF instead of signing algorithms to generate endorsements for domain public keys. The new transparency logging mechanism, built upon CT, will record the PUF calling behaviors of CA, ensuring the monitoring of PUF usage. We provide a formal cryptographic proof of Armored Core's main functions. We also implement it on the real-world PKI codebase. The results show that the incorporation of Armored Core into original systems do not cause any extra overhead, but instead improves computing efficiency by >4.9% and saves >20% of certificate storage.