Abstract
True random number generators (TRNGs) are ubiquitous in data security as one of basic cryptographic primitives. They are primarily used as generators of confidential keys, to initialize vectors, to pad values, but also as random masks generators in some side channel attacks countermeasures. As such, they must have good statistical properties, be unpredictable and robust against attacks. This paper presents a contactless and local active attack on ring oscillators (ROs) based TRNGs using electromagnetic fields. Experiments show that in a TRNG featuring fifty ROs, the impact of a local electromagnetic emanation on the ROs is so strong, that it is possible to lock them on the injected signal and thus to control the monobit bias of the TRNG output even when low power electromagnetic fields are exploited. These results confirm practically that the electromagnetic waves used for harmonic signal injection may represent a serious security threat for secure circuits that embed RO-based TRNG.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Markettos, A.T., Moore, S.W.: The Frequency Injection Attack on Ring-Oscillator-Based True Random Number Generators. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 317–331. Springer, Heidelberg (2009)
Wold, K., Tan, C.H.: Analysis and Enhancement of Random Number Generator in FPGA Based on Oscillator Rings. In: International Conference on Reconfigurable Computing and FPGAs (ReConFig 2008), pp. 385–390 (2008)
Sunar, B., Martin, W.J., Stinson, D.R.: A Provably Secure True Random Number Generator with Built-In Tolerance to Active Attacks. IEEE Transactions on Computers 56(1), 109–119 (2007)
AIST, Side-channel Attack Standard Evaluation Board (SASEBO), http://staff.aist.go.jp/akashi.satoh/SASEBO/en/index.html
Dubois, T., Jarrix, S., Penarier, A., Nouvel, P., Gasquet, D., Chusseau, L., Azais, B.: Near-field electromagnetic characterization and perturbation of logic circuits. In: Proc. 3rd Intern. Conf. on Near-Field Characterization and Imaging (ICONIC 2007), pp. 308–313 (2007)
Poucheret, F., Tobich, K., Lisart, M., Robisson, B., Chusseau, L., Maurine, P.: Local and Direct EM Injection of Power into CMOS Integrated Circuits. In: Fault Diagnosis and Tolerance in Cryptography, FDTC 2011 (2011)
Poucheret, F., Robisson, B., Chusseau, L., Maurine, P.: Local ElectroMagnetic Coupling with CMOS Integrated Circuits. In: International Workshop on Electromagnetic Compatibility of Integrated Circuits, EMC COMPO 2011 (2011)
Batina, L., Gierlichs, B., Prouff, E., Rivain, M., Standaert, F.X., Veyrat-Charvillon, N.: Mutual Information Analysis: A Comprehensive Study. Journal of Cryptology, 1–23 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bayon, P. et al. (2012). Contactless Electromagnetic Active Attack on Ring Oscillator Based True Random Number Generator. In: Schindler, W., Huss, S.A. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2012. Lecture Notes in Computer Science, vol 7275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29912-4_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-29912-4_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29911-7
Online ISBN: 978-3-642-29912-4
eBook Packages: Computer ScienceComputer Science (R0)