Authentication is an essential cryptographic primitive that confirms the identity of parties during communications. For security, it is important that these identities are complex, in order to make them difficult to clone or guess. In recent years, physically unclonable functions (PUFs) have emerged, in which identities are embodied in structures, rather than stored in memory elements. PUFs provide ‘digital fingerprints’, where information is usually read from the static entropy of a system, rather than having an identity artificially programmed in, preventing a malicious party from making a copy for nefarious use later on. Many concepts for the physical source of uniqueness of these PUFs have been developed for multiple different applications. While certain types of PUF have received a great deal of attention, other promising suggestions may be overlooked. To remedy this, we present a review that seeks to exhaustively catalogue and provide a complete organisational scheme towards the suggested concepts for PUFs. Furthermore, by carefully considering the physical mechanisms underpinning the operation of different PUFs, we are able to form relationships between PUF technologies that previously had not been linked, and look toward novel forms of PUF using physical principles that have yet to be exploited.