Special Session: Security Verification & Testing for SR-Latch TRNGs - Equipe Secure and Safe Hardware
Communication Dans Un Congrès Année : 2023

Special Session: Security Verification & Testing for SR-Latch TRNGs

Résumé

Secure chips implement cryptographic algorithms and protocols to ensure self-protection (e.g., firmware authenticity) as well as user data protection (e.g., encrypted data storage). In turn, cryptography needs to defer to incorruptible sources of entropy to implement their functions according to their mandatory usage guidance. Typically, keys, nonces, initialization vectors, tweaks, etc. shall not be guessed by attackers. In practice, True Random Number Generators (TRNGs) are in charge of producing such sensitive elements. Fully aware of the central role of TRNGs in the proper implementation of security in chips, stakeholders have been formalizing the requirements recently. The methods to strengthen such requirements are manifold. In this paper, we discuss and apply three of them by targeting the Set-Reset Latch TRNG which is an alternative to Ring-Oscillator (RO) TRNGs as it provides faster throughputs. The first method concerns the confidence in the TRNG being random enough. It explores how the TRNG properties can be reliably predicted by simulation, compared to real silicon experiments. The second aspect dealt with in this paper is the assessment of the TRNG properties over time, i.e., considering the impact of aging in the TRNG properties. Such knowledge is important as secure chips are expected to be in service for a long period, and it would be detrimental to the service they render if the quality of the entropy they deliver would be declining over time. Eventually, the third aspect of this paper is the timely detection of unforeseen failures or malevolent attacks. The mitigation lies in leveraging "health tests" launched prior to using random numbers. This paper focuses on a particular type of TRNG that is not prone to biasing by attackers: it is the so-called Set-Reset Latch (SR-latch) TRNG and exploits a race condition in an arbitration gate. Such kind of TRNG is of great practical interest as an alternative design compared to the mainstream "Ring Oscillator" TRNG, and it is also very amenable to analyses by various sorts of simulations aiming at properly characterizing its security in various operational environments.
Fichier principal
Vignette du fichier
23_vts_sr-latch_trng.pdf (1.11 Mo) Télécharger le fichier
Origine Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-04260342 , version 1 (26-10-2023)

Identifiants

Citer

Javad Bahrami, Mohammad Ebrahimabadi, Jean-Luc Danger, Sylvain Guilley, Naghmeh Karimi. Special Session: Security Verification & Testing for SR-Latch TRNGs. 2023 IEEE 41st VLSI Test Symposium (VTS), Apr 2023, San Diego, United States. pp.1-10, ⟨10.1109/VTS56346.2023.10140057⟩. ⟨hal-04260342⟩
154 Consultations
46 Téléchargements

Altmetric

Partager

More