Showing total 1 results

1. True-Randomness and Pseudo-Randomness in Ring Oscillator-Based True Random Number Generators

Author

Nathalie Bochard, Florent Bernard, Viktor Fischer, Boyan Valtchanov, Laboratoire Hubert Curien [Saint Etienne] (LHC), Institut d'Optique Graduate School (IOGS)-Université Jean Monnet [Saint-Étienne] (UJM)-Centre National de la Recherche Scientifique (CNRS), This paper was partially supported by the Rhone-Alpes Region and Saint-Etienne Metropole, France, and Systèmes sur puces reconfigurables pour la sécurisation de données, SecReSoC, ANR-09-SEGI-013 Programme ARPEGE 2009,Systèmes sur puces reconfigurables pour la sécurisation de données, SecReSoC, ANR-09-SEGI-013 Programme ARPEGE 2009

Subjects

Clock Jitter, lcsh:Computer engineering. Computer hardware, Article Subject, Random number generation, Computer science, True Random Number Generators, Randomness Tests, Pseudo randomness, 020208 electrical & electronic engineering, lcsh:TK7885-7895, 02 engineering and technology, Ring oscillator, Topology, Ring Oscillators, [SPI.TRON]Engineering Sciences [physics]/Electronics, 020202 computer hardware & architecture, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, Entropy (information theory), [INFO.INFO-ES]Computer Science [cs]/Embedded Systems, Entropy reduction, FPGA, Randomness, Statistical hypothesis testing

Abstract

12 pages; International audience; The paper deals with true random number generators employing oscillator rings, namely, with the one proposed by Sunar et al. in 2007 and enhanced by Wold and Tan in 2009. Our mathematical analysis shows that both architectures behave identically when composed of the same number of rings and ideal logic components. However, the reduction of the number of rings, as proposed by Wold and Tan, would inevitably cause the loss of entropy. Unfortunately, this entropy insufficiency is masked by the pseudo-randomness caused by XOR-ing clock signals having different frequencies. Our simulation model shows that the generator, using more than 18 ideal jitter-free rings having slightly different frequencies and producing only pseudo-randomness, will let the statistical tests pass. We conclude that a smaller number of rings reduce the security if the entropy reduction is not taken into account in post-processing.Moreover, the designer cannot avoid that some of rings will have the same frequency, which will cause another loss of entropy. In order to confirmthis, we show how the attacker can reach a state where over 25% of the rings are locked and thus completely dependent. This effect can have disastrous consequences on the system security.

Published

2010