Designing a Side Channel Resistant Random Number Generator

Abstract: This paper describes the design of the random number generator (RNG) in the Caernarvon high assurance smart card operating system. Since it is used in the generation of cryptographic keys and other sensitive material, the RNG has a number of stringent security requirements: the random bits must be of good quality, i.e. they must not be predictable or biased. To this end, a number of standards, such as the German AIS 31, mandate that true random bits be continuously tested before use in sensitive applications such as key generation. A key issue in implementing this standard is that such testing before use in key generation greatly increases the attack surface for side-channel attacks. For example, template attacks can extract information about the random bits from even a single run, provided the same bits are used at many different points in the computation. Because of these potential risks, the Caernarvon operating system uses pseudo random number generators which are initially seeded by externally generated high quality random bits and then perturbed by bits from the true random number generator. We describe a PRNG design which yields high quality random bits while also ensuring that it is not susceptible to side-channel attacks, and we provide an informal argument about its effectiveness.
Document type:
Conference paper
Dieter Gollmann; Jean-Louis Lanet; Julien Iguchi-Cartigny. 9th IFIP WG 8.8/11.2 International Conference on Smart Card Research and Advanced Applications (CARDIS), Apr 2010, Passau, Germany. Springer, Lecture Notes in Computer Science, LNCS-6035, pp.49-64, 2010, Smart Card Research and Advanced Application. 〈10.1007/978-3-642-12510-2_5〉

https://hal.inria.fr/hal-01023028
Contributor: Hal Ifip
Submitted on: Friday 11 July 2014 - 13:49:52
Last modified on: Friday 11 August 2017 - 15:20:29
Long-term archiving on: Tuesday 11 April 2017 - 12:12:29

File

2156-6983-1-PB
Files produced by the author(s)

License


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Suresh Chari, Vincenzo Diluoffo, Paul Karger, Elaine Palmer, Tal Rabin, et al. Designing a Side Channel Resistant Random Number Generator. Dieter Gollmann; Jean-Louis Lanet; Julien Iguchi-Cartigny. 9th IFIP WG 8.8/11.2 International Conference on Smart Card Research and Advanced Applications (CARDIS), Apr 2010, Passau, Germany. Springer, Lecture Notes in Computer Science, LNCS-6035, pp.49-64, 2010, Smart Card Research and Advanced Application. 〈10.1007/978-3-642-12510-2_5〉. 〈hal-01023028〉

Metrics

Record views

766

File downloads

81