A Random Number Generator Using Ring Oscillators and SHA-256 as Post-Processing
Abstract
Today, cryptographic security depends primarily on having strong keys and keeping them secret. The keys should be produced by a reliable and robust to external manipulations generators of random numbers. To hamper different attacks, the generators should be implemented in the same chip as a cryptographic system using random numbers. It forces a designer to create a random number generator purely digitally. Unfortunately, the obtained sequences are biased and do not pass many statistical tests. Therefore an output of the random number generator has to be subjected to a transformation called post-processing. In this paper the hash function SHA-256 as post-processing of bits produced by a combined random bit generator using jitter observed in ring oscillators (ROs) is proposed. All components – the random number generator and the SHA-256, are implemented in a single Field Programmable Gate Array (FPGA). We expect that the proposed solution, implemented in the same FPGA together with a cryptographic system, is more attack-resistant owing to many sources of randomness with significantly different nominal frequencies.
References
A. Vassilev and T. A. Hall, “The importance of entropy to information security,”, IEEE Computer, pp. 78-81, February 2014.
W. T. Holman, J. A. Connelly, and A. B. Downlatabadi, “An integrated analog/digital random noise source,” IEEE Trans. Circuits and Syst. I, Fundam. Theory Appl., vol. 44, pp. 521-528, June 1997.
V. Bagini and M. Bucci, “A Design of reliable true random number generator for cryptographic applications,” in Proc. Workshop Cryptograph. Hardware Embed. Syst. CHES’1999, Heidelberg, 1999, LNCS 1717, pp. 204-218.
C. S. Petrie, J. A. Connelly, “The sampling of noise for random generation,” in Proceedings of the 50th International Symposium on Circuits and Systems ISCAS’1999, vol. 6, pp. VI-26-VI-29, 1999.
M. Bucci, L. Germani, R. Luzzi, P. Tommasimo, A. Trifiletti, and M. Varanonuovo, “A high-speed IC random-number source for smartcard microcontrollers,” IEEE Trans. Circuits and Syst. I, Fundam. Theory Appl., vol. 50, pp. 1373-1380, Nov. 2003.
J. Holleman, S. Bridges, B. P. Otis, and Ch. Diorio “A 3 μW CMOS true random number generator with adaptive floating-gate offset cancellation, IEEE J. of Solid-State Circuits,” vol. 43, pp. 1324-1336, May 2008.
M. J. Bellido et al., “A simple binary random number generator: New appoaches for CMOS VLSI,” in Proc. 35th Midwest Symp. Circuits Syst., vol. 1, pp. 127-129, 1992.
M. Epstein, L. Hars, R. Krasinski, M. Rosner, and H. Zheng, “Design and implementation of a true random number generator based on digital circuit artifacts,” in Proc. Workshop Cryptograph. Hardware Embed. Syst. CHES’2003, LNCS 2779, pp. 152-165, 2003.
I. Vasyltsov, E. Hambardzumyan, Y.-S. Kim, and B. Karpinskyy “Fast digital RBG based on metastable ring oscillator,” in Proc. Workshop Cryptograph. Hardware Embed. Syst. CHES’2008, LNCS 5154, pp. 164-180, 2008.
S. Srinivasan, S. Mathew, V. Erraguntla, and Krishnamurthy, “A 4Gbps 0.57pJ/bit Process-Voltage-Temperature Variation Tolerant All-Digital True Random Number Generator in 45nm CMOS,” in Proc. 22nd International Conference on VLSI Design, pp. 301-306, 2009.
M. Varchola and M. Drutarovsky, “New high entropy element for FPGA based true random number generators,” in Proc. Workshop Cryptograph. Hardware Embed. Syst. CHES’2010, LNCS 6225, pp. 351-365, 2010.
G. Bernstein and M. A. Lieberman, “Secure random number generation using chaotic circuits,” IEEE Trans. Circuits and Syst. vol. 37, pp. 1157-1164, Sept. 1990.
R. Bernardini and G. Cortelazzo, “Tools for designing chaotic systems for secure random number generation,” IEEE Trans. Circuits and Syst. I, Fundam. Theory Appl., vol. 48, pp. 552-564, May 2001.
T. Stojanovski and L. Kocarev, “Chaos-based random number generators – Part I: Analysis,” IEEE Trans. Circuits and Syst. I, Fundam. Theory Appl., vol. 48, pp. 281-288, March 2001.
T. Stojanovski, J. Pihl, and L. Kocarev, “Chaos-based random number generators – Part II: Practical realization,” IEEE Trans. Circuits and Syst. I, Fundam. Theory Appl., vol. 48, pp. 382-385, March 2001.
M. E. Yalçin, J. A. K. Suykens, and J. Vandewalle, “True bit generation from a double-scroll attractor,” IEEE Trans. Circuits and Syst. I, Regular Papers., vol. 51, pp. 1395-1404, July 2004.
S. Callegari, R. Rovatti, and G. Setti, “Embeddable ADC-based true random number generator for cryptographic applications exploiting nonlinear signal processing and chaos,” IEEE Trans. Signal Processing, vol. 53, pp. 793-805, Feb. 2005.
S. Callegari, R. Rovatti, and G. Setti, “First direct implementation of true random source on programmable hardware,” Int. J. Circ. Theor. Appl. vol. 33, pp. 1-16, 2005.
M. Drutarovsky and P. Galajda, “Chaos-based true random number generator embedded in a mixed-signal reconfigurable hardware,” J. Electrical Engineering, vol. 57, pp. 218-225, April 2006.
S. Ergün and S. Özog, “Truly random number generator based on a non-autonomous chaotic oscillator,” Int. J. Electronics and Commun., vol. 61, pp. 235-242, April 2007.
C. S. Petrie, J. A. Connelly, “Modelling and simulation of oscillator-based random number generators,” in Proceedings of the 47th International Symposium on Circuits and Systems ISCAS’1996, vol. 4, pp. 324-327, 1996.
C. S. Petrie and J. L. Connelly, “A noise-based IC rndom number generator for applications in Cryptography,” IEEE Trans. Circuits and Syst. I, Fundam. Theory Appl., vol. 47, pp. 615-621, May 2000.
M. Bucci, L. Germani, R. Luzzi, A. Trifiletti M. Varnonuovo, “A high-speed oscillator-based truly random number source for cryptographic applications on a smartcard IC,” IEEE Trans. on Computers, vol. 52, pp. 403-409, April 2003.
B. Jun, B. Kocher, “The Intel random number generator,” Cryptography Research Inc., San Francisco, CA, white paper for Intel Corp., April 1999. Available at: http://www.cryptography.com/resources,whitepapers/IntelRNG.pdf.
P. Kohlbrenner and K. Gay, “An embedded true random number generator for FPGAs,” in Proc. of the 2004 ACM/SIGDA 12th International Symposium on FPGAs, FPGA’04, pp. 71-77, 2004.
J. D. Golić, “New methods for digital generation and postprocessing of random data,” IEEE Trans., Comput., vol. 55, pp. 1217-1229, Oct. 2006.
M. Dichtl and J. D. Golić, „High speed true random number generation with logic gates only, in Proc. Workshop Cryptograph. Hardware Embed. Syst. CHES’2007, LNCS 4727, pp. 45-62, 2007.
B. Valtchanov, A. Aubert, F. Bernard, and V. Fischer, “Modeling and observing the jitter in ring oscillators implemented in FPGAs,” in Proc. of IEEE Workshop on Design and Diagnostics of Electronic Circuits and Systems, DDECS’08, pp. 1-6, 2008.
B. Valtchanov, V. Fischer, A. Aubert, and F. Bernard, “Characterization of randomness sources in ring oscillator-based true random number generators in FPGAs,” in Proc. of IEEE Workshop on Design and Diagnostics of Electronic Circuits and Systems, DDECS’10, pp. 48-53, 2010.
M. Baudet, D. Lubicz, J. Micolod, and A. Tassiaux, “On the security of oscillator-based random number generators,” J. Cryptology, vol. 24, pp. 398-425, 2011.
B. Sunar, W. J. Martin, and D. R. Stinson, “A provably secure true random number generator with built-in tolerance to active attacks,” IEEE Trans., Comput., vol. 56, pp. 109-119, Jan. 2007.
P. Wieczorek and K. Golofit, “Dual-Metastability Time-Competitive True Random Number Generator”, IEEE Trans. On Circuits and Systems, vol. 61, I. No. 1, pp. 134-145, 2014.
P. Kubczak, M. Jessa, and L. Matuszewski, “Random number generator exploiting metastability implemented in Xilinx FPGA,” Mesurement Automation and Monitoring (PAK), vol. 60, No. 7, pp. 450-452, 2014.
K. Wold and C. H. Tan, “Analysis and enhancement of random number generator in FPGA based on oscillator rings,” Int. J. of Reconfiugurable Computing, vol. 2009, pp. 1-8, 2009.
K. Wold and S. Petrović, “Optimizing speed of a true random number generator in FPGA by spectral analysis,” in Proc. of Fourth International Conference on Computer Sciences and Convergence Information Technology, ICCIT’09, pp. 1105-1110, 2009.
K. Wold and S. Petrović, “Security properties of oscillator rings in true random number generators,” in Proc. of 15th International Symposium on Components, Circuits, Devices and Systems, pp. 145-150, 2012.
M. Jessa and M. Jaworski, “Randomness of a combined RBG based on the ring oscillator sampling method,” Proc. of International Conference on Signals and Electronic Systems, ICSES’10, pp. 323-326, 2010.
M. Jessa and L. Matuszewski, “Enhancing the Randomness of a Combined True Random Number Generator Based on the Ring Oscillator Sampling Method,” Proc. of International Conference on ReConFigurable Computing and FPGAs, ReConFig’2011, , 2011, pp. 274-279, 2011.
M. Jessa and L. Matuszewski, “Producing random bits with delay-line-based ring oscillators,” Int. Journal of Electronics and Telecommunications, vol. 59, No. 1, pp. 41-50, 2013.
A. T. Markettos and S. M. Moore, “The frequency injection attack on ring-oscillator-based true random number generators,” in Proc. Workshop Cryptograph. Hardware Embed. Syst. CHES’2009, Sept., 2009, LNCS 5747, pp. 317-331.
Ü. Güler, S. Ergün, and G. Dündar, “A digital IC random number generator with logic gates only,” Proc. of 17th IEEE International Conference on Electronics, Circuits, and Systems (ICECS), Dec. 2010, pp. 239-242.
N. Bochard, F. Bernard, and V. Fischer, “Observing the randomness in RO-based RBG,“ in Proc. of International Conference on Reconfigurable Computing and FPGAs, ReConFig 2009, pp. 237-242, 2009.
S Markovski, ,D. Gligoroski, and L. Kocarev, “Unbiased Random Sequences from Quasigroup String Transformations”, 12th International Workshop, FSE 2005, Paris, France, February 21-23, 2005.
M. Bucci and R. Luzzi, “Fully digital random bit generators for cryptographic applications,” IEEE Trans. Circuits and Syst. I: Regular Papers, vol. 55, pp. 861-875, April 2008.
A. J. Menezes, P. C. van Oorschot, and S. C. Vanstone, Handbook of Applied Cryptography. Boca Raton: CRC, 1997.
Descriptions of SHA-256, SHA-384, and SHA-512 http://csrc.nist.gov/groups/STM/cavp/documents/shs/sha256-384-512.pdf.
A. Rukhin, J. Soto, J. Nechvatal, M. Smid, E. Barker, S. Leigh, M. Levenson, M. Vangel, D. Banks, A. Heckert, J. Dray, S. Vo, “A statistical test suite for random and pseudorandom number generators for cryptographic applications,” NIST special publication 800-22, Revised: April 2010, Available at: http://csrc.nist.gov/rng/.
Downloads
Published
Issue
Section
License
1. License
The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on https://creativecommons.org/licenses/by/4.0/.
2. Author’s Warranties
The author warrants that the article is original, written by stated author/s, has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author/s. The undersigned also warrants that the manuscript (or its essential substance) has not been published other than as an abstract or doctorate thesis and has not been submitted for consideration elsewhere, for print, electronic or digital publication.
3. User Rights
Under the Creative Commons Attribution license, the author(s) and users are free to share (copy, distribute and transmit the contribution) under the following conditions: 1. they must attribute the contribution in the manner specified by the author or licensor, 2. they may alter, transform, or build upon this work, 3. they may use this contribution for commercial purposes.
4. Rights of Authors
Authors retain the following rights:
- copyright, and other proprietary rights relating to the article, such as patent rights,
- the right to use the substance of the article in own future works, including lectures and books,
- the right to reproduce the article for own purposes, provided the copies are not offered for sale,
- the right to self-archive the article
- the right to supervision over the integrity of the content of the work and its fair use.
5. Co-Authorship
If the article was prepared jointly with other authors, the signatory of this form warrants that he/she has been authorized by all co-authors to sign this agreement on their behalf, and agrees to inform his/her co-authors of the terms of this agreement.
6. Termination
This agreement can be terminated by the author or the Journal Owner upon two months’ notice where the other party has materially breached this agreement and failed to remedy such breach within a month of being given the terminating party’s notice requesting such breach to be remedied. No breach or violation of this agreement will cause this agreement or any license granted in it to terminate automatically or affect the definition of the Journal Owner. The author and the Journal Owner may agree to terminate this agreement at any time. This agreement or any license granted in it cannot be terminated otherwise than in accordance with this section 6. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.
7. Royalties
This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by the Journal Owner or its sublicensee.
8. Miscellaneous
The Journal Owner will publish the article (or have it published) in the Journal if the article’s editorial process is successfully completed and the Journal Owner or its sublicensee has become obligated to have the article published. Where such obligation depends on the payment of a fee, it shall not be deemed to exist until such time as that fee is paid. The Journal Owner may conform the article to a style of punctuation, spelling, capitalization and usage that it deems appropriate. The Journal Owner will be allowed to sublicense the rights that are licensed to it under this agreement. This agreement will be governed by the laws of Poland.
By signing this License, Author(s) warrant(s) that they have the full power to enter into this agreement. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.
