using SRAM state as a source of randomness

Netsecurity netsecurity at sound-by-design.com
Mon Sep 17 14:20:32 EDT 2007


Back in the late 60's I was playing with audio and a magazine I subscribed
to had a circut for creating warble tones for standing wave and room
resonance testing.

The relevance of this is that they were using a "random" noise generating
chip that they acknowledged was not random enough for good measurements. The
fix suggested was to parallel a number, six as I recall, to improve the
randomness by mixing the signals to achieve better randomness. I don't
recall the math but the approach improved the randomness by more than an
order of magnitude. 

I have also seen the same effect on reverse biased zener diodes used as
random noise generators and that seemed - no real hard measurements that I
can recall - to work quite well. Mind you these were not zeners all
fabricated on a single chip, but rather individuals soldered together so the
charateristics of each were more random because of the semi-randomness of
the manufacturing process.

Perhaps a similar approach could be used here.

Best,

Allen

 


--------- Original Message --------
From: Udhay Shankar N <udhay at pobox.com>
To: cryptography at metzdowd.com <cryptography at metzdowd.com>
Subject: using SRAM state as a source of randomness
Date: 09/12/07 11:03

> 
> Sounds like an interesting idea - using SRAM state as a source of 
> randomness. Any of the folks here willing to comment on this?
> 
> Udhay
> 
> http://prisms.cs.umass.edu/~kevinfu/papers/holcomb-FERNS-RFIDSec07.pdf
> 
> Initial SRAM State as a Fingerprint and Source
> of True Random Numbers for RFID Tags
> 
> Daniel E. Holcomb, Wayne P. Burleson, and Kevin Fu
> University of Massachusetts, Amherst MA 01002, USA,
> {dholcomb, burleson}@ecs.umass.edu, kevinfu at cs.umass.edu
> http://www.rfid-cusp.org/
> 
> Abstract.
> 
> RFID applications create a need for low-cost security and
> privacy in potentially hostile environments. Our measurements show
> that initialization of SRAM produces a physical fingerprint. We propose
> a system of Fingerprint Extraction and Random Numbers in SRAM
> (FERNS) that harvests static identity and randomness from existing
> volatileCMOSstorage.Theidentityresultsfrommanufacture-timephys-
> icallyrandomdevicethresholdmismatch,andtherandomnumbersresult
> from run-time physically random noise. We use experimental data from
> virtual tags, microcontroller memory, and the WISP UHF RFID tag to
> validate the principles behind FERNS. We show that a 256byte SRAM
> can be used to identify circuits among a population of 160 virtual tags,
> and can potentially produce 128bit random numbers capable of passing
> cryptographic statistical tests.
> 
> 
> -- 
> ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))
> 
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to
majordomo at metzdowd.com
> 

________________________________________________
Message sent using UebiMiau 2.7.10


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list