2010
DOI: 10.1007/978-3-642-12510-2_5

Designing a Side Channel Resistant Random Number Generator

Abstract: This paper describes the design of the random number generator (RNG) in the Caernarvon high assurance smart card operating system. Since it is used in the generation of cryptographic keys and other sensitive materials, the RNG has a number of stringent security requirements that the random bits must be of good quality i.e. the bits must not be predictable or biased. To this end, a number of standards such as the German AIS 31 mandate that true random bits be continuously tested before use in sensitive applicat…

Citations: Cited by 6 publications (2 citation statements)
References: References 16 publications
“…Nevertheless, old log entries can't be modified and stay secure, because a CSPRNG withstands state compromise extensions. There are many real-world physical attacks on memory that enable an attacker to gain access to the random number generator by memory leakage or side channels (Akavia et al, 2009; Chari et al, 2010). To avoid this problem, a random generator implemented in hardware can be used.…”
Section: Attacks To Obtain the Random Generator
Citation type: mentioning
confidence: 99%
“…As discussed in [18], these stringent requirements make an efficient and useful TRNG difficult. An alternative, therefore, would be to have a pseudorandom number generator (PRNG).…”
Section: Analysis of recent research and publications
Citation type: unclassified