using SRAM state as a source of randomness

Netsecurity netsecurity at
Mon Sep 17 14:20:32 EDT 2007

Back in the late 60's I was playing with audio and a magazine I subscribed
to had a circut for creating warble tones for standing wave and room
resonance testing.

The relevance of this is that they were using a "random" noise generating
chip that they acknowledged was not random enough for good measurements. The
fix suggested was to parallel a number, six as I recall, to improve the
randomness by mixing the signals to achieve better randomness. I don't
recall the math but the approach improved the randomness by more than an
order of magnitude. 

I have also seen the same effect on reverse biased zener diodes used as
random noise generators and that seemed - no real hard measurements that I
can recall - to work quite well. Mind you these were not zeners all
fabricated on a single chip, but rather individuals soldered together so the
charateristics of each were more random because of the semi-randomness of
the manufacturing process.

Perhaps a similar approach could be used here.




--------- Original Message --------
From: Udhay Shankar N <udhay at>
To: cryptography at <cryptography at>
Subject: using SRAM state as a source of randomness
Date: 09/12/07 11:03

> Sounds like an interesting idea - using SRAM state as a source of 
> randomness. Any of the folks here willing to comment on this?
> Udhay
> Initial SRAM State as a Fingerprint and Source
> of True Random Numbers for RFID Tags
> Daniel E. Holcomb, Wayne P. Burleson, and Kevin Fu
> University of Massachusetts, Amherst MA 01002, USA,
> {dholcomb, burleson}, kevinfu at
> Abstract.
> RFID applications create a need for low-cost security and
> privacy in potentially hostile environments. Our measurements show
> that initialization of SRAM produces a physical fingerprint. We propose
> a system of Fingerprint Extraction and Random Numbers in SRAM
> (FERNS) that harvests static identity and randomness from existing
> volatileCMOSstorage.Theidentityresultsfrommanufacture-timephys-
> icallyrandomdevicethresholdmismatch,andtherandomnumbersresult
> from run-time physically random noise. We use experimental data from
> virtual tags, microcontroller memory, and the WISP UHF RFID tag to
> validate the principles behind FERNS. We show that a 256byte SRAM
> can be used to identify circuits among a population of 160 virtual tags,
> and can potentially produce 128bit random numbers capable of passing
> cryptographic statistical tests.
> -- 
> ((Udhay Shankar N)) ((udhay @ ((
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to
majordomo at

Message sent using UebiMiau 2.7.10

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list