The Frequency Injection Attack on Ring-Oscillator-Based True Random Number Generators

  • A. Theodore Markettos
  • Simon W. Moore
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5747)


We have devised a frequency injection attack which is able to destroy the source of entropy in ring-oscillator-based true random number generators (TRNGs). A TRNG will lock to frequencies injected into the power supply, eliminating the source of random jitter on which it relies. We are able to reduce the keyspace of a secure microcontroller based on a TRNG from 264 to 3300, and successfully attack a 2004 EMV (‘Chip and PIN’) payment card. We outline a realistic covert attack on the EMV payment system that requires only 13 attempts at guessing a random number that should require 232. The theory, three implementations of the attack, and methods of optimisation are described.


  1. 1.
    EMVCo, LLC: EMV 4.2 specification (June 2008)
  2. 2.
    Bellare, M., Goldwasser, S., Micciancio, D.: “Pseudo-random” number generation within cryptographic algorithms: The DSS case. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 277–291. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  3. 3.
    Bello, L.: DSA-1571-1 openssl – predictable random number generator. Debian Security Advisory (2008),
  4. 4.
    Hajimiri, A., Limotyrakis, S., Lee, T.H.: Jitter and phase noise in ring oscillators. IEEE J. Solid-State Circuits 34(6), 790–804 (1999)CrossRefGoogle Scholar
  5. 5.
    Eastlake, D., Schiller, J., Crocker, S.: Best Common Practice 106: Randomness requirements for security. Technical report, IETF (2005)Google Scholar
  6. 6.
    Sunar, B., Martin, W.J., Stinson, D.R.: A provably secure true random number generator with built-in tolerance to active attacks. IEEE Trans. Computers 56(1), 109–119 (2007)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Bak, P.: The Devil’s staircase. Physics Today 39(12), 38–45 (1986)CrossRefGoogle Scholar
  8. 8.
    Adler, R.: A study of locking phenomena in oscillators. In: Proc. IRE and Waves and Electrons, vol. 34, pp. 351–357 (1946)Google Scholar
  9. 9.
    Mesgarzadeh, B., Alvandpour, A.: A study of injection locking in ring oscillators. In: Proc. IEEE International Symposium on Circuits and Systems, vol. 6, pp. 5465–5468 (2005)Google Scholar
  10. 10.
    Yoo, S.K., Karakoyunlu, D., Birand, B., Sunar, B.: Improving the robustness of ring oscillator TRNGs,
  11. 11.
    Lai, X., Roychowdhury, J.: Analytical equations for predicting injection locking in LC and ring oscillators. In: IEEE 2005 Custom Integrated Circuits Conference, pp. 461–464 (2005)Google Scholar
  12. 12.
    Rukhin, A., et al.: A statistical test suite for random and pseudorandom number generators for cryptographic applications. Technical Report SP800-22, National Institute of Standards and Technology, USA (2008)Google Scholar
  13. 13.
    Brown, R.G., Eddelbuettel, D.: Dieharder: A random number test suite, (accessed 2009-03-03)
  14. 14.
    Mills, E.: Hacked ATMs let criminals steal cash, PINs. ZDNet UK (June 2009),,1000000189,39660339,00.htm
  15. 15.
    Bogdanich, W.: Stealing the code: Con men and cash machines; criminals focus on A.T.M.’s, weak link in banking system. The New York Times (August 2003),
  16. 16.
    Rousseau, L.: pcsc_tools package: ATR table, (accessed 2009-03-03)
  17. 17.
    Sunar, B.: True random number generators for cryptography. In: Koç, Ç.K. (ed.) Cryptographic Engineering, pp. 55–74. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  18. 18.
    Herzel, F., Razavi, B.: A study of oscillator jitter due to supply and substrate noise. IEEE Trans. Circuits and Systems II 46(1), 36–42 (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • A. Theodore Markettos
    • 1
  • Simon W. Moore
    • 1
  1. 1.Computer LaboratoryUniversity of CambridgeUK

Personalised recommendations