Pierre Bayon scite author profile

Pierre Bayon

3Publications

108Citation Statements Received

54Citation Statements Given

How they've been cited

139

108

How they cite others

Affiliations

Laboratoire Hubert Curien, French National Centre for Scientific Research, Claude Bernard University Lyon 1

Publications

Order By: Most citations

Contactless Electromagnetic Active Attack on Ring Oscillator Based True Random Number Generator

Bayon

Bossuet

Aubert

et al. 2012

View full text Add to dashboard Cite

International audienceTrue random number generators (TRNGs) are ubiquitous in data security as one of basic cryptographic primitives. They are primarily used as generators of con fidential keys, to initialize vectors, to pad values, but also as random masks generators in some side channel attacks countermeasures. As such, they must have good statistical properties, be unpredictable and robust against attacks. This paper presents a contactless and local active attack on ring oscillators (ROs) based TRNGs using electromagnetic fields. Experiments show that in a TRNG featuring fifty ROs, the impact of a local electromagnetic emanation on the ROs is so strong, that it is possible to lock them on the injected signal and thus to control the monobit bias of the TRNG output even when low power electromagnetic fields are exploited. These results confi rm practically that the electromagnetic waves used for harmonic signal injection may represent a serious security threat for secure circuits that embed RO-based TRNG

show abstract

Fault model of electromagnetic attacks targeting ring oscillator-based true random number generators

Bayon¹,

Bossuet

Aubert

et al. 2015

J Cryptogr Eng

View full text Add to dashboard Cite

International audienceMany side channels including power consumption, electromagnetic emanation, optical radiation, and even sound have been studied since the first publication of a side channel attack at the end of the 1990s. Most of these channels can be relatively easily used for an overall analysis of the cryptographic system (implementation of efficient passive attacks) or for injection of faults. Until recently, only the optical channel allowed both analysis of locally leaked information and precise injection of faults (single-bit errors). Recent works showed that the near-field electromagnetic channel enables similar results to be obtained. Like the optical channel, the near-field electromagnetic channel allows both active and passive attacks, which, in addition, can be theoretically non-invasive and contactless. However, the cost of the attack bench that is needed to exploit the near-field electromagnetic channel is less than that of an optical channel. Recently, we showed that it is possible to use the near-field electromagnetic channel to perform an efficient active attack targeting the true random number generator (TRNG) based on ring oscillators. In cryptography, TRNGs are chiefly used to generate encryption keys and other critical security parameters, so the proposed active attack could have serious consequences for the security of the whole cryptographic system. Here, we present the coupling of a passive attack and an active attack. The proposed coupled attack first uses a spectral differential analysis of the TRNG electromagnetic radiation to obtain valuable information on the position of ring oscillators and their frequency range. This information is then used to tune the electromagnetic harmonic signal to temporarily synchronize the ring oscillators. In this paper, we propose a fault model of the entropy extractor which shows that the behavior of the ring oscillators changes, and that it occurs additional and unwanted “fake rising edges” of the clock signal which disturb the flip-flops involved in such TRNGs. The effectiveness of our proposed coupled attack questions the use of ring oscillators in the design of TRNGs

show abstract

Electromagnetic analysis on ring oscillator-based true random number generators

Bayon

Bossuet

Aubert

et al. 2013

View full text Add to dashboard Cite

Security of implementation of ciphers in hardware has already been well studied, nevertheless ciphers are not the only hardware block used for cryptography. True random number generators (TRNGs) are also significant cryptography blocks since they are used to provide secret keys, random protection masks, initial values to other security blocks such as ciphers. The security of TRNG implementations is thus of paramount importance. Recently, electromagnetic channel has been used to efficiently attack ring oscillator based TRNG by fault injection. The work presented in this paper shows that by analyzing electromagnetic emanation of the TRNG under attack in varying conditions, it is possible to obtain significant information on the TRNG such as its position and oscillator frequency, in order to improve the previously published electromagnetic attack.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Pierre Bayon

Contactless Electromagnetic Active Attack on Ring Oscillator Based True Random Number Generator

Fault model of electromagnetic attacks targeting ring oscillator-based true random number generators

Electromagnetic analysis on ring oscillator-based true random number generators

Contact Info

Product

Resources

About