The main problem they are trying to solve is how to prevent reading out the chip level unique ids that are saved in IC. They solve this by using consistency in quantum level imperfections to generate chip level unique ids.
I am more interested about the claim presented in the BBC article: "And the interesting thing is that you can't clone them. To clone them, you'd effectively have to measure [the fingerprints] atom-by-atom. You just can't do it."
Would this work because of the measurement uncertainty principle? I.e. you will change the state of something when you measure it? Or do they think that it is just too complicated to read out the key?
What follows is my definitely-not-expert analysis. I'll try to answer your questions as best I can.
=====
Before
=====
Traditional PUFs are considered "unclonable" because they rely on uncontrollable manufacturing variation. It's not that it's impossible to create a function which gives the same output (so, they're not really unclonable), it's that the function implemented by each chip's PUF is different, and reverse engineering it requires very expensive and invasive physical inspection of minute characteristics of each part of each chip's PUF. So, cloning is very difficult and expensive, and all this work would only get you one chip's clone.
This is usually good enough, because PUFs are (AFAIK) generally used[1] primarily to make each known good chip uniquely identifiable. If the manufacturer has a set of known challenge-response pairs for all chips they've ever made, counterfeiting[2] becomes virtually impossible. The best you can do is clone some authentic chip. If you just make your own chip, the manufacturer's DB doesn't contain your challenge-response pairs and you'll be found out. If you clone a chip, then first you have to buy each chip you wish to clone (so why bother counterfeiting?), then do expensive, invasive reverse engineering, then program your clone, and the end result is a clone of a chip you already have, and which appears to be older than the chip really is, not newer.
=====
Now
=====
This work seems to be the first steps for a smaller, "more unclonable" PUF. Supposedly, their PUF is so dependent on nanoscale properties that the sort of invasive physical investigation you would typically do now almost certainly modifies the function implemented. I think it's not about relying on the uncertainty principle: if it were, then the output of the PUF would not be deterministic, which is not what you want! Oh, and their PUF should be more compact than other PUFs (in terms of bits/μm2).
=====
So what
=====
I'm not really sure why this is in BBC News. PUFs are nothing new. The article touts the potential applications of PUFs, but doesn't explain how this construction is novel. I guess it's just a fluff piece to show their British readers that, "Hey, we're on the cutting edge of technology!"
[1] I suspect PUFs are also used to in Apple's newer iPhones as the "UID": input to a KDF for wrapping crypto keys, but this is pure speculation.
[2] The main kinds of counterfeits I hear people wanting to use PUFs to combat are a) unauthorized spins (the fab just makes more chips and sells them on the side), b) rebranded old chips (pop off a chip from some discarded electronics, sand the surface, print a new serial number, and present it as new), and c) actual counterfeit chips (entirely new designs purporting to implement the same functionality as some other chip).
If you clone a chip, then first you have to buy each chip you wish to clone (so why bother counterfeiting?)
Your maybe do not want to sell a lot of chips but only one chip to one specific buyer and also add some additional payload.
I think it's not about relying on the uncertainty principle: if it were, then the output of the PUF would not be deterministic, which is not what you want!
What I meant was that do they claim that their method works because you could not measure the quantum object without changing its state or they just say that it is just too complicated.
The main problem they are trying to solve is how to prevent reading out the chip level unique ids that are saved in IC. They solve this by using consistency in quantum level imperfections to generate chip level unique ids.
I am more interested about the claim presented in the BBC article: "And the interesting thing is that you can't clone them. To clone them, you'd effectively have to measure [the fingerprints] atom-by-atom. You just can't do it."
Would this work because of the measurement uncertainty principle? I.e. you will change the state of something when you measure it? Or do they think that it is just too complicated to read out the key?