2012
DOI: 10.1007/978-3-642-29912-4_12
|View full text |Cite
|
Sign up to set email alerts
|

Contactless Electromagnetic Active Attack on Ring Oscillator Based True Random Number Generator

Abstract: International audienceTrue random number generators (TRNGs) are ubiquitous in data security as one of basic cryptographic primitives. They are primarily used as generators of con fidential keys, to initialize vectors, to pad values, but also as random masks generators in some side channel attacks countermeasures. As such, they must have good statistical properties, be unpredictable and robust against attacks. This paper presents a contactless and local active attack on ring oscillators (ROs) based TRNGs using … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
85
0

Year Published

2015
2015
2023
2023

Publication Types

Select...
4
3
2

Relationship

3
6

Authors

Journals

citations
Cited by 99 publications
(85 citation statements)
references
References 7 publications
0
85
0
Order By: Relevance
“…It was shown in [12] that ring oscillators are sensitive to signal injection attack which lead to synchronization of the ring oscillators and a dramatic reduction in the entropy rate of the TRNG. Further analyses (see [2], [6]) showed that even in the absence of signal injection, ring oscillators can lock on small common harmonics of their frequency. It so happens that it is possible to internally compute small common harmonics of a couple of ring oscillators and, as a consequence, predict and detect the most probable frequency-lock occurrences.…”
Section: Experiments and Resultsmentioning
confidence: 99%
“…It was shown in [12] that ring oscillators are sensitive to signal injection attack which lead to synchronization of the ring oscillators and a dramatic reduction in the entropy rate of the TRNG. Further analyses (see [2], [6]) showed that even in the absence of signal injection, ring oscillators can lock on small common harmonics of their frequency. It so happens that it is possible to internally compute small common harmonics of a couple of ring oscillators and, as a consequence, predict and detect the most probable frequency-lock occurrences.…”
Section: Experiments and Resultsmentioning
confidence: 99%
“…Previous works on the electromagnetic attacks targeting true random number generators (TRNGs) showed that electromagnetic radiation can be used very efficiently for both active (fault injection [29]) and passive (side channel analysis [30]) attacks. Compared to power analysis, the attacker measuring the near-field electromagnetic emissions can obtain additional partial information about the device, since, unlike measurement of power consumption, electromagnetic radiation can be measured locally.…”
Section: Principlementioning
confidence: 99%
“…Moreover the electromagnetic test bench is not expensive (less than US$ 10K without an oscilloscope, which is the most expensive component). Last but not least, a spectral analysis of the electromagnetic radiation provides information on the oscillating structure such as a ring-oscillator [30]. For all these reasons, we use the electromagnetic channel for our IC/IP identification scheme.…”
Section: Principlementioning
confidence: 99%
“…For example, in [4] Markettos and Moore could manipulate "random" numbers generated in a secure commercial processor by injecting a periodic signal to its power supply. In [5], Bayon et al could manipulate numbers generated by a set of 50 ring oscillators even to a bigger extent by using strong electromagnetic fields. And in [6], Martin et al investigated the impact of power and clock glitches, temperature and underpowering on a TRNG design implemented on an FPGA.…”
Section: Introductionmentioning
confidence: 99%