Self-timed Ring based True Random Number Generator: Threat model and countermeasures

Self-timed Ring based True Random Generators (STRNGs) extract randomness from the jitter of events evenly propagating in a Self-Timed Ring (STR) oscillator. Security of such generators is primarily based on an entropy assessment: an accurate model of the minimum entropy per output bit with physical measurement of the noise source. This assessment is reinforced with both entropy source monitoring and online testing of the output bits. This paper addresses the security of the STRNG. First we identify potential vulnerabilities on the generator and define a threat model. Based on this threat model, we analyze the effect of active attacks in analog simulations (in a 55 nm technology), and by emulating them in a high-level simulation model. Then, we propose simple and efficient countermeasures to thwart attacks focusing on the generator. Finally, we evaluate the output sequences before and after attacks to validate the proposed countermeasures.

[1]  Viktor Fischer,et al.  A Closer Look at Security in Random Number Generators Design , 2012, COSADE.

[2]  Scott M. Fairbanks High precision timing using self-timed circuits , 2009 .

[3]  Laurent Fesquet,et al.  Comparison of Self-Timed Ring and Inverter Ring Oscillators as entropy sources in FPGAs , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[4]  Honorio Martín,et al.  Fault Attacks on STRNGs: Impact of Glitches, Temperature, and Underpowering on Randomness , 2015, IEEE Transactions on Information Forensics and Security.

[5]  Laurent Fesquet,et al.  High-Level Time-Accurate Model for the Design of Self-Timed Ring Oscillators , 2008, 2008 14th IEEE International Symposium on Asynchronous Circuits and Systems.

[6]  Laurent Fesquet,et al.  A Very High Speed True Random Number Generator with Entropy Assessment , 2013, CHES.

[7]  Simon W. Moore,et al.  The Frequency Injection Attack on Ring-Oscillator-Based True Random Number Generators , 2009, CHES.

[8]  Ivan E. Sutherland,et al.  Micropipelines , 1989, Commun. ACM.

[9]  Mark R. Greenstreet,et al.  Temporal Properties of Self-Timed Rings , 2001, CHARME.

[10]  Werner Schindler,et al.  A Design for a Physical RNG with Robust Entropy Estimators , 2008, CHES.

[11]  Bruno Robisson,et al.  Contactless Electromagnetic Active Attack on Ring Oscillator Based True Random Number Generator , 2012, COSADE.

[12]  Laurent Fesquet,et al.  A Self-Timed Ring Based True Random Number Generator , 2013, 2013 IEEE 19th International Symposium on Asynchronous Circuits and Systems.

[13]  Werner Schindler,et al.  Evaluation Criteria for True (Physical) Random Number Generators Used in Cryptographic Applications , 2002, CHES.