Abstract
True Random Number Generators (TRNGs) are one of the most crucial components in the design and use of cryptographic protocols and communication. Predictability of such random numbers are catastrophic and can lead to the complete collapse of security, as all the mathematical proofs are based on the entropy of the source which generates these bit patterns. The randomness in the TRNGs is hugely attributed to the inherent noise of the system, which is often derived from hardware subsystems operating in an ambiguous manner. However, most of these solutions need an add-on device to provide these randomness sources, which can lead to not only latency issues but also can be a potential target of adversaries by probing such an interface. In this paper, we address to alleviate these issues by proposing an in-situ TRNG construction, which depends on the functioning of the underlying hardware architecture. These functions are observed via the Hardware Performance Counters (HPCs) and are shown to exhibit high-quality randomness in the least significant bit positions. We provide extensive experiments to research on the choice of the HPCs, and their ability to pass the standard NIST and AIS 20/31 Tests. We also analyze a possible scenario where an adversary tries to interfere with the HPC values and show its effect on the TRNG output with respect to the NIST and AIS 20/31 Tests. Additionally, to alleviate the delay caused for accessing the HPC events and increase the throughput of the random-source, we also propose a methodology to cascade the random numbers from the HPC values with a secured hash function.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
We selected 10 ms as it is the lowest interval of time that the perf tool supports, and thus corresponds to the highest supported frequency.
- 2.
We empirically selected last 9 least significant bits for our experimental setup as for most of the events the last 9 bits provide highest entropy values.
References
Alam, M., Bhattacharya, S., Dutta, S., Sinha, S., Mukhopadhyay, D., Chattopadhyay, A.: RATAFIA: ransomware analysis using time and frequency informed autoencoders. In: 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 218–227 (2019)
Alam, M., Bhattacharya, S., Mukhopadhyay, D., Bhattacharya, S.: Performance counters to rescue: a machine learning based safeguard against micro-architectural side-channel-attacks. IACR Cryptology ePrint Archive 2017, 564 (2017)
Alam, M., Bhattacharya, S., Sinha, S., Rebeiro, C., Mukhopadhyay, D.: IPA: an instruction profiling-based micro-architectural side-channel attack on block ciphers. J. Hardw. Syst. Secur. 3(1), 26–44 (2019)
Alam, M., Mukhopadhyay, D.: How secure are deep learning algorithms from side-channel based reverse engineering? In: Proceedings of the 56th Annual Design Automation Conference 2019, p. 226. ACM (2019)
Alam, M., Mukhopadhyay, D., Kadiyala, S.P., Lam, S.K., Srikanthan, T.: Side-channel assisted malware classifier with gradient descent correction for embedded platforms. In: PROOFS@ CHES, pp. 1–15 (2018)
Alameldeen, A.R., Wood, D.A.: Variability in architectural simulations of multi-threaded workloads. In: 2003 Proceedings of the Ninth International Symposium on High-Performance Computer Architecture, HPCA-9 2003, pp. 7–18. IEEE (2003)
Bayon, P., et al.: Contactless electromagnetic active attack on ring oscillator based true random number generator. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 151–166. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29912-4_12
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313–314. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_19
Bhattacharya, S., Mukhopadhyay, D.: Who watches the watchmen?: utilizing performance monitors for compromising keys of RSA on Intel platforms. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 248–266. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_13
Chen, W., et al.: A 1.04 \(\mu \)W truly random number generator for Gen2 RFID tag. In: 2009 IEEE Asian Solid-State Circuits Conference, pp. 117–120. IEEE (2009)
Cherkaoui, A., Fischer, V., Fesquet, L., Aubert, A.: A very high speed true random number generator with entropy assessment. In: Bertoni, G., Coron, J.S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 179–196. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_11
Güneysu, T.: True random number generation in block memories of reconfigurable devices. In: 2010 International Conference on Field-Programmable Technology, pp. 200–207. IEEE (2010)
Gutterman, Z., Pinkas, B., Reinman, T.: Analysis of the Linux random number generator. In: 2006 IEEE Symposium on Security and Privacy (S&P 2006), pp. 15–pp. IEEE (2006)
Jun, B., Kocher, P.: The Intel random number generator. White Paper, vol. 27, pp. 1–8. Cryptography Research Inc. (1999)
Killmann, W., Schindler, W.: A proposal for: functionality classes for random number generators. Ser. BDI, Bonn (2011)
Markettos, A.T., Moore, S.W.: The frequency injection attack on ring-oscillator-based true random number generators. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 317–331. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_23
Mc Guire, N., Okech, P., Schiesser, G.: Analysis of inherent randomness of the Linux kernel. In: Proceedings of the 11th Real-Time Linux Workshop. Citeseer (2009)
Mytkowicz, T., Diwan, A., Hauswirth, M., Sweeney, P.F.: Producing wrong data without doing anything obviously wrong!. ACM SIGARCH Comput. Archit. News 37(1), 265–276 (2009)
Petrie, C.S., Connelly, J.A.: A noise-based IC random number generator for applications in cryptography. IEEE Trans. Circuits Syst. I: Fundam. Theory Appl. 47(5), 615–621 (2000)
Robson, S., Leung, B., Gong, G.: Truly random number generator based on a ring oscillator utilizing last passage time. IEEE Trans. Circuits Syst. II Express Briefs 61(12), 937–941 (2014)
Rožić, V., Yang, B., Mentens, N., Verbauwhede, I.: Canary numbers: design for light-weight online testability of true random number generators. In: NIST RBG Workshop, Gaithersburg, MD, USA, vol. 386, p. 2016 (2016). Cryptology ePrint Archive, Technical report
Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E.: A statistical test suite for random and pseudorandom number generators for cryptographic applications. Technical report, Booz-Allen and Hamilton Inc., Mclean, VA (2001)
Weaver, V.M.: Using dynamic binary instrumentation to create faster, validated, multi-core simulations. Ph.D. thesis, Cornell University (2010)
Weaver, V.M., McKee, S.A.: Can hardware performance counters be trusted? In: 2008 IEEE International Symposium on Workload Characterization, pp. 141–150. IEEE (2008)
Weaver, V.M., Terpstra, D., Moore, S.: Non-determinism and overcount on modern hardware performance counter implementations. In: 2013 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS), pp. 215–224. IEEE (2013)
Yang, B., Rožic, V., Grujic, M., Mentens, N., Verbauwhede, I.: ES-TRNG: a high-throughput, low-area true random number generator based on edge sampling. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018, 267–292 (2018)
Yang, B., Rožić, V., Mentens, N., Dehaene, W., Verbauwhede, I.: TOTAL: TRNG on-the-fly testing for attack detection using lightweight hardware. In: Proceedings of the 2016 Conference on Design, Automation & Test in Europe, pp. 127–132. EDA Consortium (2016)
Yao, A.C.: Theory and application of trapdoor functions. In: 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982), pp. 80–91. IEEE (1982)
Zaparanuks, D., Jovic, M., Hauswirth, M.: Accuracy of performance counter measurements. In: 2009 IEEE International Symposium on Performance Analysis of Systems and Software, pp. 23–32. IEEE (2009)
Acknowledgement
The authors thankfully acknowledge the Defence Research & Development Organisation (DRDO) for funding the project through JCBCAT, Kolkata, India.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Alam, M., Singh, A., Bhattacharya, S., Pratihar, K., Mukhopadhyay, D. (2020). In-situ Extraction of Randomness from Computer Architecture Through Hardware Performance Counters. In: Belaïd, S., Güneysu, T. (eds) Smart Card Research and Advanced Applications. CARDIS 2019. Lecture Notes in Computer Science(), vol 11833. Springer, Cham. https://doi.org/10.1007/978-3-030-42068-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-42068-0_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-42067-3
Online ISBN: 978-3-030-42068-0
eBook Packages: Computer ScienceComputer Science (R0)