Skip to main content
SpringerLink
Log in

In-situ Extraction of Randomness from Computer Architecture Through Hardware Performance Counters

  • Conference paper
  • First Online:
Smart Card Research and Advanced Applications (CARDIS 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11833))

  • 582 Accesses

Abstract

True Random Number Generators (TRNGs) are one of the most crucial components in the design and use of cryptographic protocols and communication. Predictability of such random numbers are catastrophic and can lead to the complete collapse of security, as all the mathematical proofs are based on the entropy of the source which generates these bit patterns. The randomness in the TRNGs is hugely attributed to the inherent noise of the system, which is often derived from hardware subsystems operating in an ambiguous manner. However, most of these solutions need an add-on device to provide these randomness sources, which can lead to not only latency issues but also can be a potential target of adversaries by probing such an interface. In this paper, we address to alleviate these issues by proposing an in-situ TRNG construction, which depends on the functioning of the underlying hardware architecture. These functions are observed via the Hardware Performance Counters (HPCs) and are shown to exhibit high-quality randomness in the least significant bit positions. We provide extensive experiments to research on the choice of the HPCs, and their ability to pass the standard NIST and AIS 20/31 Tests. We also analyze a possible scenario where an adversary tries to interfere with the HPC values and show its effect on the TRNG output with respect to the NIST and AIS 20/31 Tests. Additionally, to alleviate the delay caused for accessing the HPC events and increase the throughput of the random-source, we also propose a methodology to cascade the random numbers from the HPC values with a secured hash function.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    We selected 10 ms as it is the lowest interval of time that the perf tool supports, and thus corresponds to the highest supported frequency.

  2. 2.

    We empirically selected last 9 least significant bits for our experimental setup as for most of the events the last 9 bits provide highest entropy values.

References

  1. Alam, M., Bhattacharya, S., Dutta, S., Sinha, S., Mukhopadhyay, D., Chattopadhyay, A.: RATAFIA: ransomware analysis using time and frequency informed autoencoders. In: 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 218–227 (2019)

    Google Scholar 

  2. Alam, M., Bhattacharya, S., Mukhopadhyay, D., Bhattacharya, S.: Performance counters to rescue: a machine learning based safeguard against micro-architectural side-channel-attacks. IACR Cryptology ePrint Archive 2017, 564 (2017)

    Google Scholar 

  3. Alam, M., Bhattacharya, S., Sinha, S., Rebeiro, C., Mukhopadhyay, D.: IPA: an instruction profiling-based micro-architectural side-channel attack on block ciphers. J. Hardw. Syst. Secur. 3(1), 26–44 (2019)

    Article  Google Scholar 

  4. Alam, M., Mukhopadhyay, D.: How secure are deep learning algorithms from side-channel based reverse engineering? In: Proceedings of the 56th Annual Design Automation Conference 2019, p. 226. ACM (2019)

    Google Scholar 

  5. Alam, M., Mukhopadhyay, D., Kadiyala, S.P., Lam, S.K., Srikanthan, T.: Side-channel assisted malware classifier with gradient descent correction for embedded platforms. In: PROOFS@ CHES, pp. 1–15 (2018)

    Google Scholar 

  6. Alameldeen, A.R., Wood, D.A.: Variability in architectural simulations of multi-threaded workloads. In: 2003 Proceedings of the Ninth International Symposium on High-Performance Computer Architecture, HPCA-9 2003, pp. 7–18. IEEE (2003)

    Google Scholar 

  7. Bayon, P., et al.: Contactless electromagnetic active attack on ring oscillator based true random number generator. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 151–166. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29912-4_12

    Chapter  Google Scholar 

  8. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313–314. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_19

    Chapter  Google Scholar 

  9. Bhattacharya, S., Mukhopadhyay, D.: Who watches the watchmen?: utilizing performance monitors for compromising keys of RSA on Intel platforms. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 248–266. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_13

    Chapter  Google Scholar 

  10. Chen, W., et al.: A 1.04 \(\mu \)W truly random number generator for Gen2 RFID tag. In: 2009 IEEE Asian Solid-State Circuits Conference, pp. 117–120. IEEE (2009)

    Google Scholar 

  11. Cherkaoui, A., Fischer, V., Fesquet, L., Aubert, A.: A very high speed true random number generator with entropy assessment. In: Bertoni, G., Coron, J.S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 179–196. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_11

    Chapter  Google Scholar 

  12. Güneysu, T.: True random number generation in block memories of reconfigurable devices. In: 2010 International Conference on Field-Programmable Technology, pp. 200–207. IEEE (2010)

    Google Scholar 

  13. Gutterman, Z., Pinkas, B., Reinman, T.: Analysis of the Linux random number generator. In: 2006 IEEE Symposium on Security and Privacy (S&P 2006), pp. 15–pp. IEEE (2006)

    Google Scholar 

  14. Jun, B., Kocher, P.: The Intel random number generator. White Paper, vol. 27, pp. 1–8. Cryptography Research Inc. (1999)

    Google Scholar 

  15. Killmann, W., Schindler, W.: A proposal for: functionality classes for random number generators. Ser. BDI, Bonn (2011)

    Google Scholar 

  16. Markettos, A.T., Moore, S.W.: The frequency injection attack on ring-oscillator-based true random number generators. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 317–331. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_23

    Chapter  Google Scholar 

  17. Mc Guire, N., Okech, P., Schiesser, G.: Analysis of inherent randomness of the Linux kernel. In: Proceedings of the 11th Real-Time Linux Workshop. Citeseer (2009)

    Google Scholar 

  18. Mytkowicz, T., Diwan, A., Hauswirth, M., Sweeney, P.F.: Producing wrong data without doing anything obviously wrong!. ACM SIGARCH Comput. Archit. News 37(1), 265–276 (2009)

    Article  Google Scholar 

  19. Petrie, C.S., Connelly, J.A.: A noise-based IC random number generator for applications in cryptography. IEEE Trans. Circuits Syst. I: Fundam. Theory Appl. 47(5), 615–621 (2000)

    Article  Google Scholar 

  20. Robson, S., Leung, B., Gong, G.: Truly random number generator based on a ring oscillator utilizing last passage time. IEEE Trans. Circuits Syst. II Express Briefs 61(12), 937–941 (2014)

    Article  Google Scholar 

  21. Rožić, V., Yang, B., Mentens, N., Verbauwhede, I.: Canary numbers: design for light-weight online testability of true random number generators. In: NIST RBG Workshop, Gaithersburg, MD, USA, vol. 386, p. 2016 (2016). Cryptology ePrint Archive, Technical report

    Google Scholar 

  22. Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E.: A statistical test suite for random and pseudorandom number generators for cryptographic applications. Technical report, Booz-Allen and Hamilton Inc., Mclean, VA (2001)

    Google Scholar 

  23. Weaver, V.M.: Using dynamic binary instrumentation to create faster, validated, multi-core simulations. Ph.D. thesis, Cornell University (2010)

    Google Scholar 

  24. Weaver, V.M., McKee, S.A.: Can hardware performance counters be trusted? In: 2008 IEEE International Symposium on Workload Characterization, pp. 141–150. IEEE (2008)

    Google Scholar 

  25. Weaver, V.M., Terpstra, D., Moore, S.: Non-determinism and overcount on modern hardware performance counter implementations. In: 2013 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS), pp. 215–224. IEEE (2013)

    Google Scholar 

  26. Yang, B., Rožic, V., Grujic, M., Mentens, N., Verbauwhede, I.: ES-TRNG: a high-throughput, low-area true random number generator based on edge sampling. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018, 267–292 (2018)

    Google Scholar 

  27. Yang, B., Rožić, V., Mentens, N., Dehaene, W., Verbauwhede, I.: TOTAL: TRNG on-the-fly testing for attack detection using lightweight hardware. In: Proceedings of the 2016 Conference on Design, Automation & Test in Europe, pp. 127–132. EDA Consortium (2016)

    Google Scholar 

  28. Yao, A.C.: Theory and application of trapdoor functions. In: 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982), pp. 80–91. IEEE (1982)

    Google Scholar 

  29. Zaparanuks, D., Jovic, M., Hauswirth, M.: Accuracy of performance counter measurements. In: 2009 IEEE International Symposium on Performance Analysis of Systems and Software, pp. 23–32. IEEE (2009)

    Google Scholar 

Download references

Acknowledgement

The authors thankfully acknowledge the Defence Research & Development Organisation (DRDO) for funding the project through JCBCAT, Kolkata, India.

Author information

Authors and Affiliations

  1. Indian Institute of Technology Kharagpur, Kharagpur, India

    Manaar Alam, Astikey Singh, Sarani Bhattacharya, Kuheli Pratihar & Debdeep Mukhopadhyay

Authors
  1. Manaar Alam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Astikey Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sarani Bhattacharya
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kuheli Pratihar
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Debdeep Mukhopadhyay
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Manaar Alam .

Editor information

Editors and Affiliations

  1. CryptoExperts, Paris, France

    Sonia Belaïd

  2. Ruhr-Universität Bochum, Bochum, Germany

    Tim Güneysu

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alam, M., Singh, A., Bhattacharya, S., Pratihar, K., Mukhopadhyay, D. (2020). In-situ Extraction of Randomness from Computer Architecture Through Hardware Performance Counters. In: Belaïd, S., Güneysu, T. (eds) Smart Card Research and Advanced Applications. CARDIS 2019. Lecture Notes in Computer Science(), vol 11833. Springer, Cham. https://doi.org/10.1007/978-3-030-42068-0_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-42068-0_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42067-3

  • Online ISBN: 978-3-030-42068-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation