Out-of-Band Electromagnetic Injection Attack on a Quantum Random Number Generator

Random number generators underpin the security of current and future cryptographic systems and are therefore a likely target for attackers. Quantum random number generators have been hailed as the ultimate sources of randomness. However, as shown in this work, the susceptibility of the sensitive electronics required to implement such devices poses a serious threat to their security. We present an out-of-band electromagnetic injection attack on a photonic quantum random number generator through which an adversary can gain full control of the output. In our first experiment, the adversary forces the binary output of the generator to become an alternating string of 1s and 0s, with near 100% success. This attack may be spotted by a vigilant user performing statistical tests on their output strings. We therefore envisage a second more subtle attack in which the adversary forces the output to be a random pattern known to them, thus rendering any protection based on statistical tests ineffective.

[1]  L. Tian,et al.  Practical quantum random number generator based on measuring the shot noise of vacuum states , 2010 .

[2]  Honorio Martín,et al.  On the Entropy of Oscillator-Based True Random Number Generators under Ionizing Radiation , 2018, Entropy.

[3]  Rupesh Kumar,et al.  Homodyne-detector-blinding attack in continuous-variable quantum key distribution , 2018, Physical Review A.

[4]  Lilian Bossuet,et al.  Fault model of electromagnetic attacks targeting ring oscillator-based true random number generators , 2016, Journal of Cryptographic Engineering.

[5]  T. Symul,et al.  Maximization of Extractable Randomness in a Quantum Random-Number Generator , 2014, 1411.4512.

[6]  T. Symul,et al.  Real time demonstration of high bitrate quantum random number generation with coherent laser light , 2011, 1107.4438.

[7]  R. Dong,et al.  A generator for unique quantum random numbers based on vacuum states , 2010 .

[8]  Zhu Cao,et al.  Quantum random number generation , 2015, npj Quantum Information.

[9]  Tobias Steinle,et al.  Unbiased All-Optical Random-Number Generator , 2017, 1712.02254.

[10]  Q. Cai,et al.  Small imperfect randomness restricts security of quantum key distribution , 2018, Physical Review A.

[11]  Davide G. Marangon,et al.  Simple source device-independent continuous-variable quantum random number generator , 2019, Physical Review A.

[12]  Brenda Chng,et al.  Random numbers from vacuum fluctuations , 2016, 1602.08249.

[13]  Ingrid Verbauwhede,et al.  Hardware Designer's Guide to Fault Attacks , 2013, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[14]  Miguel Herrero-Collantes,et al.  Quantum random number generators , 2016, 1604.03304.

[15]  Honorio Martín,et al.  Fault Attacks on STRNGs: Impact of Glitches, Temperature, and Underpowering on Randomness , 2015, IEEE Transactions on Information Forensics and Security.

[16]  V. Scarani,et al.  The security of practical quantum key distribution , 2008, 0802.4155.

[17]  Hong Guo,et al.  6 Gbps real-time optical quantum random number generator based on vacuum fluctuation. , 2018, The Review of scientific instruments.

[18]  Pu Li,et al.  Parallel real-time quantum random number generator. , 2019, Optics letters.

[19]  T.H. Hubing,et al.  The Electromagnetic Compatibility of Integrated Circuits—Past, Present, and Future , 2009, IEEE Transactions on Electromagnetic Compatibility.

[20]  Qiang Zhou,et al.  Practical quantum random-number generation based on sampling vacuum fluctuations , 2017, Quantum Eng..

[21]  J. Torres,et al.  Random number generation by coherent detection of quantum phase noise. , 2020, Optics express.

[22]  I. Kanter,et al.  An optical ultrafast random bit generator , 2010 .

[23]  Bing Qi,et al.  Practical challenges in quantum key distribution , 2016, npj Quantum Information.

[24]  A. Uchida,et al.  Fast physical random bit generation with chaotic semiconductor lasers , 2008 .

[25]  Nathalie Bochard,et al.  True-Randomness and Pseudo-Randomness in Ring Oscillator-Based True Random Number Generators , 2010, Int. J. Reconfigurable Comput..

[26]  He Xu,et al.  Postprocessing for quantum random number generators: entropy evaluation and randomness extraction , 2012, ArXiv.

[27]  Alessandro Barenghi,et al.  Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures , 2012, Proceedings of the IEEE.

[28]  Kasper Bonne Rasmussen,et al.  Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses , 2019, IEEE Communications Surveys & Tutorials.

[29]  Paolo Villoresi,et al.  Source-Device-Independent Ultrafast Quantum Random Number Generation. , 2015, Physical review letters.

[30]  Jan Bouda,et al.  Weak randomness seriously limits the security of quantum key distribution , 2012 .

[31]  H. Bechmann-Pasquinucci,et al.  Quantum cryptography , 2001, quant-ph/0101098.

[32]  W.A. Radasky,et al.  Introduction to the special issue on high-power electromagnetics (HPEM) and intentional electromagnetic interference (IEMI) , 2004, IEEE Transactions on Electromagnetic Compatibility.

[33]  Paolo Villoresi,et al.  Source-device-independent heterodyne-based quantum random number generator at 17 Gbps , 2018, Nature Communications.