Paper 2009/299

On the security of oscillator-based random number generators

Mathieu Baudet, David Lubicz, Julien Micolod, and André Tassiaux

Abstract

Physical random number generators (a.k.a. TRNGs) appear to be critical components of many cryptographic systems. Yet, such building blocks are still too seldom provided with a formal assessment of security, in comparison to what is achieved for conventional cryptography. In this work, we present a comprehensive statistical study of TRNGs based on the sampling of an oscillator subject to phase noise (a.k.a. phase jitters). This classical layout, typically instantiated with a ring oscillator, provides a simple and attractive way to implement a TRNG on a chip. Our mathematical study allows one to evaluate and control the main security parameters of such a random source, including its entropy rate and the biases of certain bit patterns, provided that a small number of physical parameters of the oscillator are known. In order to evaluate these parameters in a secure way, we also provide an experimental method for filtering out the global perturbations affecting a chip and possibly visible to an attacker. Finally, from our mathematical model, we deduce specific statistical tests applicable to the bit stream of a TRNG. In particular, in the case of an insecure configuration, we show how to recover the parameters of the underlying oscillator.

Metadata
Available format(s)
PDF PS
Category
Implementation
Publication info
Published elsewhere. Unknown where it was published
Keywords
hardware random number generators, ring
Contact author(s)
david lubicz @ univ-rennes1 fr
History
2009-10-15: last of 2 revisions
2009-06-24: received
Short URL
https://ia.cr/2009/299
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/299,
      author = {Mathieu Baudet and David Lubicz and Julien Micolod and André Tassiaux},
      title = {On the security of oscillator-based random number generators},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/299},
      year = {2009},
      url = {https://eprint.iacr.org/2009/299}
}