Advertisement

A Design for a Physical RNG with Robust Entropy Estimators

  • Wolfgang Killmann
  • Werner Schindler
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5154)

Abstract

We briefly address general aspects that reliable security evaluations of physical RNGs should consider. Then we discuss an efficient RNG design that is based on a pair of noisy diodes. The main contribution of this paper is the formulation and the analysis of the corresponding stochastic model which interestingly also fits to other RNG designs. We prove a theorem that provides tight lower bounds for the entropy per random bit, and we apply our results to a prototype of a particular physical RNG.

Keywords

Physical RNG stochastic model entropy 

References

  1. 1.
    AIS 20: Functionality Classes and Evaluation Methodology for Deterministic Random Number Generators. Version 1 (02.12.1999) (mandatory if a German IT security certificate is applied for; English translation) (1999), www.bsi.bund.de/zertifiz/zert/interpr/ais20e.pdf
  2. 2.
    AIS 31: Functionality Classes and Evaluation Methodology for Physical Random Number Generators. Version 1 (25.09.2001) (mandatory if a German IT security certificate is applied for; English translation) (2001), www.bsi.bund.de/zertifiz/zert/interpr/ais31e.pdf
  3. 3.
    ANSI X9.82, Random Number Generation (Draft Version)Google Scholar
  4. 4.
    Bagini, V., Bucci, M.: A Design of Reliable True Number Generators for Cryptographic Applications. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 204–218. Springer, Berlin (1999)CrossRefGoogle Scholar
  5. 5.
    Bucci, M., Germani, L., Luzzi, R., Trifiletti, A., Varanonuovo, M.: A High-Speed Oscillator-Based Truly Random Number Source for Cryptographic Applications. IEEE Trans. Computers 52, 403–409 (2003)CrossRefGoogle Scholar
  6. 6.
    Bucci, M., Lucci, R.: Design of Testable Random Bit Generators. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 147–156. Springer, Berlin (2005)CrossRefGoogle Scholar
  7. 7.
    Bock, H., Bucci, M., Luzzi, R.: An Offset-Compensated Oscillator-Based Random Bit Source for Security Applications. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 268–281. Springer, Berlin (2004)Google Scholar
  8. 8.
    Dichtl, M.: How to Predict the Output of a Hardware Random Number Generator. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 181–188. Springer, Berlin (2003)Google Scholar
  9. 9.
    Dichtl, M., Golic, J.: High-Speed True Random Number Generation with Logic Gates Only. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 45–62. Springer, Berlin (2007)CrossRefGoogle Scholar
  10. 10.
    Feller, W.: An Introduction to Probability Theory and Its Application, vol. 2. Wiley, New York (1965)Google Scholar
  11. 11.
    ISO / IEC 18031 Random Bit Generation (November 2005)Google Scholar
  12. 12.
    Hoeffding, W., Robbins, H.: The Central Limit Theorem for Dependent Random Variables. Duke Math. J. 15, 773–780 (1948)MATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Killmann, W., Schindler, W.: A Proposal for: Functionality Classes and Evaluation Methodology for True (Physical) Random Number Generators. Version 3.1, 25.09.2001, mathematical-technical reference of [2] (English translation) (2001), www.bsi.bund.de/zertifiz/zert/interpr/trngk31e.pdf
  14. 14.
    Marsaglia, G.: Diehard (Test Suite for Random Number Generators), www.stat.fsu.edu/~geo/diehard.html
  15. 15.
    Pliam, J.O.: The Disparity Between the Work and the Entropy in Cryptology (01.02.1999), eprint.iacr.org/complete/
  16. 16.
    Rukhin, A., et al.: A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. NIST Special Publication 800–22 with revisions dated (15.05.2001), csrc.nist.gov/rng/SP800-22b.pdf
  17. 17.
    Schindler, W.: Functionality Classes and Evaluation Methodology for Deterministic Random Number Generators. Version 2.0, 02.12.1999, mathematical-technical reference of [1] (English translation) (1999), www.bsi.bund.de/zertifiz/zert/interpr/ais20e.pdf
  18. 18.
    Schindler, W.: Efficient Online Tests for True Random Number Generators. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 103–117. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  19. 19.
    Schindler, W., Killmann, W.: Evaluation Criteria for True (Physical) Random Number Generators Used in Cryptographic Applications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 431–449. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Schindler, W.: A Stochastical Model and Its Analysis for a Physical Random Number Generator Presented at CHES 2002. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898, pp. 276–289. Springer, Heidelberg (2003)Google Scholar
  21. 21.
    Schindler, W.: Random Number Generators for Cryptographic Applications. In: Koç, Ç.K. (ed.) Cryptographic Engineering. Signals and Communication Theory. Springer, Berlin (to appear)Google Scholar
  22. 22.
    Schindler, W.: Evaluation Criteria for Physical Random Number Generators. In: Koç, Ç.K. (ed.) Cryptographic Engineering. Signals and Communication Theory. Springer, Berlin (to appear)Google Scholar
  23. 23.
    Tkacik, T.: A Hardware Random Number Generator. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 450–453. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  24. 24.
    Yaglom, A.M.: Correlation Theory of Stationary and Related Random Functions. Springer Series in Statistics, vol. 1. Springer, New York (1987)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Wolfgang Killmann
    • 1
  • Werner Schindler
    • 2
  1. 1.T-Systems ISS GmbHBonnGermany
  2. 2.Bundesamt für Sicherheit in der Informationstechnik (BSI)BonnGermany

Personalised recommendations