on the security of oscillator-based random number generatorsasync/ccis/talk_12/lubicz_talk.pdf ·...
TRANSCRIPT
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
On the security of oscillator-based random
number generators
Mathieu Baudet David Lubicz Julien Micolod André
Tassiaux
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Outline
1 RNG and cryptography
2 Experiments on ring oscillators
3 Differential measure
4 Statistical analysis
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Introduction
Random Number Generators (RNGs) are crucial components
for the security of cryptographic systems. Typical usages
include
key generation,
initialization vectors or
counter measures against side-channel attacks.
But it is not easy to design hardware-based RNGs with a
proved entropy rate.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Ring oscillators I
A source of randomness commonly used in FPGA and ASIC
implementations of TRNGs :
instability of signal propagation time across logic gates;
accumulated in so-called ring oscillators, consisting in a
series of inverters or delay elements connected in a ring.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Ring oscillators II
The phase jitter of a ring oscillator is then extracted by means
of a sampling unit.
Oscillateur A
Oscillateur B Q’
QD
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Classical approach
The classical approach goes through the following steps:
design a source of randomness;
test it using a general purpose test suite (NIST for
instance);
tune the parameters of the GDA so that it passes the
statistical tests.
Not a satisfying approach since it does not guaranty the
entropy rate of the generator.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Goals
The goal of our work is to obtain:
a comprehensive statistical model of such a basic random
unit;
an experimental protocol to obtain a precise assessment of
the parameters of the statistical model;
the probabilities to output certain bit patterns and the
entropy rate of the generator;
design statistical tests to check the good operation of the
generator.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Ring oscillators
We would like to verify that:
the frequency of the clock signal is subject to small random
variations;
these variations add up like in a random walk.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Experimental device I
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Experimental device II
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Oscilloscope output
-80
-60
-40
-20
0
20
40
60
80
0 1000 2000 3000 4000 5000 6000 7000 8000 9000 10000
"./plot/C2gda100Mo00000.trc.raw"
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Oscilloscope output (more detailed)
-80
-60
-40
-20
0
20
40
60
80
0 100 200 300 400 500 600 700 800 900 1000
"./plot/C2gda100Mo00000.trc.raw"
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Experiments
We obtain:
~t = (t0, . . . , tn), increasing sequence of flipping times;
xk = tk+1 − tk , mX = E(Xk ) and variance s2X = V(Xk).
In order to measure very small jitters we let
Vs(ℓ) = V̂(tℓ − t0, t2ℓ − tℓ, . . . , t⌊ nℓ⌋ ℓ − t(⌊ n
ℓ⌋−1) ℓ) (1)
and carry on a linear regression on Vs(ℓ).
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Mean period
Mean period
Number of measures : 5.107
Nbr inverters NI Period P (100 ps) Ratio NI/P
9 115 12.77
19 242 12.73
29 443 15.27
39 606 15.53
49 780 15.91
59 947 16.05
69 1164 16.86
79 1364 17.26
89 1550 17.41
99 1686 17.03
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Jitter distributions I
Jitter distribution (ℓ = 40).
0
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
24571 24572 24573 24574 24575 24576 24577 24578
periods mean:24574 var:1.4
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Jitter distribution II
Jitter distribution (ℓ = 900).
0
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
552905 552910 552915 552920 552925 552930 552935 552940
periods mean:552922 var:57
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Variance accumulation (Stratix)
-100
0
100
200
300
400
500
0 1000 2000 3000 4000 5000 6000 7000 8000 9000 10000
"./plot/C2RO0900000.trc.dat"f(x)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Variance per period s2X
TA=normal temperature TF=cold
Conditions Period Variance per period m2X/s2
X
best area/TA 837 0.00009 8992320
best perf/TA 613 0.00010 5773739
best perf/TF 597 0.00011 5026783
39 inverters 606 0.00031 1933556
49 inverters 780 0.00027 2797763
59 inverters 947 0.00030 3132579
69 inverters 1164 0.00031 3650809
79 inverters 1364 0.00023 5847969
89 inverters 1550 0.00023 6528099
99 inverters 1686 0.00020 8048541
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Quartz oscillator
2.6
2.8
3
3.2
3.4
3.6
3.8
4
0 100 200 300 400 500 600 700 800 900 1000
"./plot/C2clockEM00000.trc.dat"f(x)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Measure perturbation
In real life implementation, the phase jitter decomposes in
local Gaussian jitters ⇒ actual random noise ;
global deterministic jitter ⇒ not random variations.
The global deterministic jitter comes for instance from voltage
variation of the power supply and may be controlled by an
attacker.
⇒ The global deterministic jitters must be filtered out of the
measures.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Differential measure
Differential measure :
idea : compare the clock signal of two ring oscillators ;
the Gaussian jitter will add ;
the global jitter will cancel out.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Example : simple vs differential measure
1000
1500
2000
2500
3000
3500
4000
4500
5000
5500
2000 2500 3000 3500 4000
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Example : simple vs differential measure
50
100
150
200
250
300
2000 2500 3000 3500 4000
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Model for a sampled oscillator
the duration Xk = Tk+1 − Tk between the flipping times Tk
are i.i.d random variables;
The output signal is s(t) = max{k + 1 |Tk ≤ t} mod 2.
This model is often referred to as an alternated renewal process
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
A model based on Wiener processes
Hypothesis
The phase ϕ of an oscillator is analogue to a (stationary)
one-dimensional Brownian motion. The phase ϕ(t) conditioned
on the values (ϕ(t ′))t ′≤t0 prior to t0 follows a Gaussian
distribution of mean ϕ(t0) + µ(t − t0) and variance σ2(t − t0).
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Hypothesis
Equivalently, in term of conditional density of probability, we
have for all t , t0, x , x0,
d
dxP[
ϕ(t) ≤ x | ϕ(t0) = x0, (ϕ(t′))t ′<t0 = . . .
]
=1
σ√
2π(t − t0)exp
(
−(x − x0 − µ(t − t0))2
2σ2(t − t0)
)
(2)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Sampling function
Given a value x of the phase at a given time t , the output
bit s(t) is then modeled by a random variable such that the
probability of s(t) = 1 is equal to g1(x), for some fixed
1-periodic function g1. Again, in term of conditional probability,
we have for all t , b, x
P[
s(t) = b | ϕ(t) = x , (ϕ(t ′), s(t ′))t ′ 6=t = . . .]
= gb(x). (3)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Sampling function
g1(x) =
1 if x mod 1 ∈ ]12,1[,
0 if x mod 1 ∈ ]0, 12 [,
12
if x mod 1 ∈ {0, 12}.
(4)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Quality factor
The quality factor Q =s2
X∆t
4 m3X
of an oscillator-based TRNG is
the phase variance accumulated between two samples.
The RNG has a good level of security of Q ≫ 1.
ν = ∆t2 mX
be frequency ratio between the sampling and the
sampled signal.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
A result
Proposition
Consider a Wiener process (ϕ(t)) with parameters µ and σ2
and define (s(t)) as previously. Let ν and Q be defined as
above.
The probability to sample 1 at time t ≥ 0 conditioned on
the phase at time 0 verifies
P [s(t) = 1 | ϕ(0) = x ] =1
2−
2
πsin(2π(µt + x))e−2π2σ2t
+O(e−4π2σ2t).
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Proposition
The probability to output a vector ~b = (b1, . . . ,bn) ∈ {0,1}n
at sampling times 0,∆t , . . . (n − 1)∆t satisfies
p(~b) = P [s(0) = b1, . . . , s((n − 1)∆t) = bn]
=1
2n+
8
2nπ2
n−1∑
j=1
(−1)bj+bj+1
cos(2πν)e−2π2Q
+O(e−4π2Q).
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Proposition
The entropy of such an output is
Hn =∑
~b∈{0,1}n
− p(~b) log p(~b) (5)
= n −32(n − 1)
π4 ln(2)cos2(2πν)e−4π2Q + O(e−6π2Q).(6)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Auto-correlation test
The proposition leads us to consider the estimator defined by
c(~b) =1
n − 1
n−1∑
j=1
(−1)bj+bj+1
where ~b = (b1, . . . ,bn) ∈ {0,1}n is an output vector.
The expectation of c(~b) is
0 for a perfect random source ;
∑
~b
c(~b)p(~b) =8
π2cos(2πν)e−2π2Q + O(e−4π2Q)
on a random generator.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Another experiment
��������
������������
��������
Ringoscillator
Dflip flop
:k
b[t]
We have
Q ≈s2
X
4 m3X
D
f≈
D
157286.
Div. fact. Qual. fact. c(~b) 1√n
2559 0.016 0.0994 0.0011
22598 0.143 0.0181 0.0034
99245 0.630 0.0080 0.007
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Maximum likelihood estimations
0 0.05 0.1 0.15 0.2 0.25 0.3 0.35 0.4 0.45 0.5 0
0.2
0.4
0.6
0.8
1
0 0.2 0.4 0.6 0.8
1 1.2 1.4 1.6
"output.22598.1MS.5000.dat"
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Idea of the proof
From the point of view of an outside observer, the state of
the generator at a given time t corresponds to a certain
probability measure on the phase ϕ(t).
Let pt(x | α) be the density of probability (possibly a
distribution) of ϕ(t) after a certain experiment described by
precondition α.
We introduce the Fourier coefficients pt(x | α):
ct(k | α) =
∫ +∞
−∞pt(x | α)e−2πikxdx
for every k ∈ Z.
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
The reason why we restrict k to integer values is that we are
only interested in the probability measure of ϕ(t) = ϕ(t)mod 1, which is described by the 1-periodic density function:
pt(x | α) =∑
k∈Zpt(x + k | α) (7)
ct(k | α) =∑
u∈Z
∫ 1
0
pt(x + u | α)e−2πikxdx (8)
=
∫ 1
0
pt(x | α)e−2πikxdx (9)
Assuming that the inverse formula for Fourier series holds for
ct(k | α), we obtain:
pt(x | α) =∑
k∈Zct(k | α)e2πikx (10)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Effect of time evolution
The following lemma expresses the effect of time evolution on
the Fourier coefficient of a density of probability pt(x | α).
Lemma
Assume an average drift speed µ and diffusion factor σ for the
Brownian process ϕ(t). For any t0 ≤ t and for every
precondition α concerning only events prior to t0, we have
ct(k | α) = ct0(k | α) e−2πiµ(t−t0) k e−2π2σ2(t−t0) k2
(11)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
Effect of sampling
The next lemma expresses the effect of sampling a bit b on the
Fourier coefficient of a density pt(x | α).
Lemma
For any t and for every precondition α concerning only events
prior to t, we have
ct(j | α, s(t) = b) =1
P
∑
k∈Zγb(j − k) ct(k | α) (12)
where γb(k) =∫ 1
0gb(x)e
−2πikxdx is the k-th Fourier coefficient
of the (periodic) sampling probability gb, and
P = P [s(t) = b | α] =∑
k∈Zγb(−k) ct(k | α) (13)
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs
RNG and cryptography
Experiments on ring oscillators
Differential measure
Statistical analysis
A new design
Mathieu Baudet, David Lubicz, Julien Micolod, André Tassiaux On the security of RNGs