A wide range of emerging devices and applications are delay-and/or resources-constrained but still require fast, lightweight, and robust authentication mechanisms. In this paper, we propose an unconditionally secure authentication framework via strong physically unclonable functions (PUFs). Strong PUFs generate a large number of challenge-response pairs on demand, which can reduce vulnerability to attacks designed to steal secrets stored in non-volatile memory. In our framework, the authentication problem is posed as a hypothesis test of the state of a switch. The switch could be at Bob, who is a legitimate user with a valid PUF, or at Willie, who is trying to gain unauthorized access to the system by predicting the PUF responses. We explore the basic limits of the formulated problem for both static and dynamic decisions and provide the optimal solutions when the error distributions of responses for both legitimate users and attackers are known. The optimal solutions are in the form of conditional challenge-based decision rules. In the case when partial information on the error distributions is available, we propose practical solutions and assess their performance measured by the error exponents for false authentication and false rejection. Finally, we demonstrate the performance of the proposed solutions using experimental data from a recently developed PUF design.