CryptoDB
Viktor Fischer
Publications
Year
Venue
Title
2024
TCHES
Impact of the Flicker Noise on the Ring Oscillator-based TRNGs
Abstract
Ring Oscillators (RO) are often used in true random number generators (TRNG). Their jittered clock signal, used as randomness source, originates from thermal and flicker noises. While thermal noise jitter is generally used as the main source of randomness, flicker noise jitter is not due to its autocorrelation. This work aims at qualitatively settling the issue of the influence of flicker noise in TRNGs, as its impact increases in newer technology nodes. For this, we built a RO behavioural model, which generates time series equivalent to a jittered RO signal. It is then used to generate the output of an elementary RO-TRNG. Despite general expectations, the autocorrelation inside the output bit stream is reduced when the amplitude of flicker noise increases. The model shows that this effect is caused by the sampling of the jittered signal by the second oscillator, which hides the behaviour of the absolute jitter, causes resetting of the perceived phase, and suppresses any memory effect. The inclusion of flicker noise as a legitimate noise source can increase the TRNG output bit rate by a factor of four for the same output entropy rate. This observation opens new perspectives towards more efficient stochastic models of the RO-TRNGs.
2023
TCHES
Enhancing Quality and Security of the PLL-TRNG
Abstract
Field Programmable Gate Arrays (FPGAs) are used more and more frequently to implement cryptographic systems, which need random number generators (RNGs) to be embedded in the same device. The main challenge related to the implementation of a generator running inside FPGAs is that the physical source of randomness, such as jittered clock generator, is implemented in the configurable logic area, i.e. in the close vicinity of noisy running algorithms, which can have significant impact on generated numbers or even serve to attack the generator. A possible approach to prevent such influence is the use of Phase-Lock Loops (PLLs), which are separated from the re-configurable logic area inside the FPGA chip. In this paper, we propose a new architecture of the PLL-based TRNG including a method to avoid correlation in the output through control of timing in the sampling process, as well as new embedded tests based on the enhanced stochastic model. We also propose a workflow to help find the best parameters, such as output bitrate and entropy rate. We show that bitrates of around 400 kb/s or more can be achieved, while guaranteeing min-entropy rates per bit higher than 0.98 as required by the latest security standards.
2023
TCHES
Low Cost and Precise Jitter Measurement Method for TRNG Entropy Assessment
Abstract
Random number generators and specifically true random number generators (TRNGs) are essential in cryptography. TRNGs implemented in logic devices usually exploit the time instability of clock signals generated in freely running oscillators as source of randomness. To assess the performance and quality of oscillator-based TRNGs, accurate measurement of clock jitter originating from thermal noise is of paramount importance. We propose a novel jitter measurement method, in which the required jitter accumulation time can be reduced to around 100 reference clock periods. Reduction of the jitter accumulation time reduces the impact of the flicker noise on the measured jitter and increases the precision of the estimated contribution of thermal noise. In addition, the method can be easily embedded in logic devices. The fact that the jitter measurement can be placed in the same device as the TRNG is important since it can be used as a basis for efficient embedded statistical tests. In contrast to other methods, we propose a thorough theoretical analysis of the measurement error. This makes it possible to tune the parameters of the method to guarantee a relative error smaller than 12% even in the worst cases.
2019
JOFC
From Physical to Stochastic Modeling of a TERO-Based TRNG
Abstract
Security in random number generation for cryptography is closely related to the entropy rate at the generator output. This rate has to be evaluated using an appropriate stochastic model. The stochastic model proposed in this paper is dedicated to the transition effect ring oscillator (TERO)-based true random number generator (TRNG) proposed by Varchola and Drutarovsky (in: Cryptographic hardware and embedded systems (CHES), 2010, Springer, 2010 ). The advantage and originality of this model are that it is derived from a physical model based on a detailed study and on the precise electrical description of the noisy physical phenomena that contribute to the generation of random numbers. We compare the proposed electrical description with data generated in two different technologies: TERO TRNG implementations in 40 and 28 nm CMOS ASICs. Our experimental results are in very good agreement with those obtained with both the physical model of TERO’s noisy behavior and the stochastic model of the TERO TRNG, which we also confirmed using the AIS 31 test suites.
2018
TCHES
Evaluation and Monitoring of Free Running Oscillators Serving as Source of Randomness
Abstract
In this paper, we evaluate clock signals generated in ring oscillators and self-timed rings and the way their jitter can be transformed into random numbers. We show that counting the periods of the jittery clock signal produces random numbers of significantly better quality than the methods in which the jittery signal is simply sampled (the case in almost all current methods). Moreover, we use the counter values to characterize and continuously monitor the source of randomness. However, instead of using the widely used statistical variance, we propose to use Allan variance to do so. There are two main advantages: Allan variance is insensitive to low frequency noises such as flicker noise that are known to be autocorrelated and significantly less circuitry is required for its computation than that used to compute commonly used variance. We also show that it is essential to use a differential principle of randomness extraction from the jitter based on the use of two identical oscillators to avoid autocorrelations originating from external and internal global jitter sources and that this fact is valid for both kinds of rings. Last but not least, we propose a method of statistical testing based on high order Markov model to show the reduced dependencies when the proposed randomness extraction is applied.
Program Committees
- CHES 2020
- CHES 2018
- CHES 2017
- CHES 2016
- CHES 2010
- CHES 2009
Coauthors
- Elie Noumon Allini (1)
- Alain Aubert (1)
- Licinius Benea (1)
- Florent Bernard (5)
- Nathalie Bochard (2)
- Mikael Carmona (1)
- Abdelkarim Cherkaoui (1)
- Quentin Dallison (1)
- Milos Drutarovský (2)
- Laurent Fesquet (1)
- Viktor Fischer (10)
- Arturo Garay (1)
- Patrick Haddad (3)
- Marek Laban (1)
- David Lubicz (1)
- Jean Nicolai (2)
- Florian Pebay-Peyroula (1)
- Oto Petura (1)
- Maciej Skórski (2)
- Romain Wacquez (1)