| 摘要: |
| 真随机数发生器(True random number generator,TRNG)的安全性对于密码系统至关重要。目前主要的国际和国家标准化组织推荐使用熵的概念来评估TRNG的安全性。TRNG所含的熵只能通过其数学模型从理论上得到,而无法通过输出序列从统计上计算出。然而,即便理论上安全的TRNG在实际使用中也会面临安全风险,因为TRNG中熵源的质量很容易受到物理条件的影响,包括芯片的制造差异、供电电压和工作温度。在本文中,针对最通用的振荡采样型TRNG,基于理论上的熵估计模型,我们研究了这种TRNG的健壮性,测试了不同电压下(0.9 V-1.8 V)、不同温度下(-10℃-40℃)的输出,并比较了同一批次的多个芯片,从而也对熵估计理论的适用性进行了验证。我们发现:物理条件的变化对TRNG输出的随机性有很大影响。而且,在应用熵估计理论时,芯片制造的个体差异和不同环境条件都会导致安全设计参数的不同。本文的实验结果为振荡采样型TRNG的安全性评估提供了大量参考,研究结论可以指导TRNG的设计、使用和检测。 |
| 关键词: 真随机数发生器 振荡采样 熵估计 健壮性 |
| DOI:10.19363/j.cnki.cn10-1380/tn.2017.07.002 |
| Received:February 20, 2017Revised:May 23, 2017 |
| 基金项目:本课题得到973计划(No.2013CB338001),国家自然科学基金(No.61602476)和中科院战略先导课题(No.XDA06010702)资助。 |
|
| On the Robustness of Oscillator-based True Random Number Generators |
| CHEN Tianyu,MA Yuan,JING Jiwu,ZHU Shuangyi |
| State Key Laboratory Of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing 100093, China;University of Chinese Academy of Sciences, Beijing 100049, China |
| Abstract: |
| The security of true random number generator (TRNG) is essential for cryptographic applications. At present, the main international and national organizations for standardization recommend to adopt the entropy to estimate the security of TRNGs. The entropy contained in a TRNG cannot be statistically calculated by its generated sequences except utilizing the stochastic model of the TRNG in theory. However, even though the TRNG is secure theoretically, it will be confronted with some security risks. Because the quality of the entropy resource is impressionable for the variation of physical conditions, such as the manufacture difference of chips, the change of voltage or temperature. In this paper, for the most common oscillator-based TRNG, we study the robustness of this type of TRNGs, which is based on the model for the entropy estimation. The experiments analyze the output of the TRNG in different conditions, including the variation of voltage (0.9 V-1.8 V) and temperature (-10℃-40℃), and compare the test results of several chips with the same batch. The applicability of the method for entropy estimation is also verified. We find that the variations of physical conditions cause a great impact on the entropy of the TRNG. In addition, when we employ the entropy estimation, we also discover that the values of the design parameter for security are not consistent due to the manufacture difference of chips and the variation of environmental conditions. The research achievement provides a large number of reference for the security evaluation of the oscillator-based TRNG. The conclusion obtained can guide the design, use and test of TRNGs. |
| Key words: true random number generator oscillator-based entropy estimation robustness |
