An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin...
-
Upload
pamela-shelton -
Category
Documents
-
view
217 -
download
1
Transcript of An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin...
![Page 1: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/1.jpg)
An Embedded True Random Number Generator for FPGAs
Bebek, Jerry
Paul KohlbrennerLockheed Martin
3201 Jermantown RoadFairfax, VA 22030, USA
Kris GajGeorge Mason University
4400 University DriveFairfax, VA 22030, USA
![Page 2: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/2.jpg)
•Random numbers are an essential in ComS.…and, just as problematic.
•There are several methods to generate them.
•Unfortunately, all these methods are deterministic.
The Question: HOW COULD A TOTALLY LOGICAL MACHINE GENERATE
A RANDOM NUMBER?
![Page 3: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/3.jpg)
The Answer: It Can’t.The only truly random number sources are
those related to physical phenomena such as the rate of radioactive decay of an element
or the thermal noise of a semiconductor.
BOTTOM LINERandomness is bound to natural phenomena.It is impossible to algorithmically generate
truly random numbers.
![Page 4: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/4.jpg)
PSEUDO-VULNERABILITYPseudo-Random numbers are prone to being broken into.
`It is not an impossibletask to analyze
patterns in pseudo-random numbers. A
40-bit encryption with algorithmically
generated random numbers could be
broken in as little as 30 hours`.
..and yes, it has happened.
The Netscape 2.0 Attack Was An Example.
![Page 5: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/5.jpg)
FPGA Advantage In The Field
• Near-ASIC encryption speeds
• Algorithm and resource efficiencies
• In service algorithm modification
• Low development costs
• Parameter and algorithm eraser on intrusion detection
![Page 6: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/6.jpg)
The Method: Clock JitterJitter is variations in the significant instants of a clock.
Jitter is nondeterministic (random)
Jitter may have many sources:
•semiconductor noise•cross talk•Power supply variations•electro-magnetic fields
Jitter may be characterized in several ways:• Period Jitter• Amplitude Jitter
![Page 7: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/7.jpg)
Period Jitter(clock skew)
![Page 8: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/8.jpg)
Overall Design
![Page 9: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/9.jpg)
The Ring Oscillators
x2
Uses Propagation Delay – 130 MHz
![Page 10: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/10.jpg)
The Sampler
One of the clocksignals is usedto sample the other signal.
![Page 11: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/11.jpg)
The Output From The SamplerClock Skew (jitter) in between two clock signals is used(e.g. sampled) to generate a totally random bit.
Note that clock skew will never be uniform.Note that clock skew is NOT simple out-out-phase ness.
![Page 12: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/12.jpg)
Jitter (detail)
![Page 13: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/13.jpg)
Good Speed Ratios Ring oscillators with closely matched frequencies
require that a desired speed ratio must be achieved.
What factors affect this achievement? Variation in CLB speed
7% difference between the slowest CLB and the fastest one Sensitive to temperature and difficult for measurement
Variation in the frequency of an oscillator with the chip temperature
Close placement To use a large number of oscillators
![Page 14: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/14.jpg)
Evidence of Jitter Clocks with jitter lead to randomness of
output bit stream
If signal S0 has a single length, the output will be deterministic (all 0s, or 1s or 0s and 1s with a repeating pattern)
Evidence: Variation in the cycle lengths of Oscillators Variation in the cycle length of the signal S0
![Page 15: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/15.jpg)
Evidence of Jitter (details)
Frequency 130MHz
![Page 16: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/16.jpg)
Bias in the Output Ideal Output: 1s and 0s are evenly and
randomly distributed. Output with bias: 1s more likely than 0s,
or vice versa
The sources of bias: The limited number of difference bit length
of S0 signal Occasional meta-stable output from the
sampling flip-flop, (using a buffer can alleviate this problem)
![Page 17: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/17.jpg)
Reduction of Bias XOR of successive pairs of bits
Example:P(X=1)=2*p(1-p),P(X=0)=p^2+(1-p)^2(p is the probability of 1s)
A von Neumann corrector
NOTE: Limitation: no correlations in the output bit stream Disadvantage: reduction of the output bit rate
![Page 18: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/18.jpg)
Output Bit generation speed
![Page 19: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/19.jpg)
Experimental Environment
SLAAC-1V board with three Xilinx Virtex XCV1000 FPGA
Synplify V7.2 Xilinx ISE 4.2 NIST Statistical Test Suite for Random
and Pseudorandom Number Generator for Cryptographic Applications
![Page 20: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/20.jpg)
Experimental Results
P-value: the probability that a perfect random number generator would have produced a sequence less random than the sequence that was tested; The larger, the better.
![Page 21: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/21.jpg)
Future Work Increasing output bit rate by
Increasing the speed of ring oscillators Generating S0 signal from both rising and falling
edge of the clock Increasing the number of oscillators to solve
problems in finding matched CLBS Adding a counter to S0 signal for real time
“noise-failure” alarm
![Page 22: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/22.jpg)
Conclusion
The implementation is useful addition to the cryptographic systems using FPGA
No special requirement within FPGA increases the universal of the design
![Page 23: An Embedded True Random Number Generator for FPGAs Bebek, Jerry Paul Kohlbrenner Lockheed Martin 3201 Jermantown Road Fairfax, VA 22030, USA Paul.W.Kohlbrenner@lmco.com.](https://reader036.fdocuments.us/reader036/viewer/2022062422/56649ef45503460f94c069f0/html5/thumbnails/23.jpg)
Questions
???