TY - JOUR
T1 - EM Information Security Threats Against RO-Based TRNGs
T2 - The Frequency Injection Attack Based on IEMI and em Information Leakage
AU - Osuka, Saki
AU - Fujimoto, Daisuke
AU - Hayashi, Yu-Ichi
AU - Homma, Naofumi
AU - Beckers, Arthur
AU - Balasch, Josep
AU - Gierlichs, Benedikt
AU - Verbauwhede, Ingrid
N1 - Funding Information:
Manuscript received February 26, 2018; revised May 5, 2018; accepted May 17, 2018. Date of publication June 21, 2018; date of current version August 13, 2019. This work was supported in part by the JSPS KAKENHI under Grant 16H02831 and in part by the JSPS and FWO under the Japan–Belgium Research Cooperative Program. (Corresponding author: Yu-ichi Hayashi.) S. Osuka, D. Fujimoto, and Y.-i. Hayashi are with the Nara Institute of Science and Technology, Nara 630-0192, Japan (e-mail:, osuka.saki.ok1@is.naist.jp; fujimoto@is.naist.jp; yu-ichi@is.naist.jp).
Publisher Copyright:
© 1964-2012 IEEE.
PY - 2019/8
Y1 - 2019/8
N2 - True random number generators (TRNGs) based on ring oscillators (ROs) are employed in many devices because they can be constructed with a simple circuit structure. Many systems are affected if an RO-based TRNG is attacked, and its security is degraded. Conventional attacks against RO-based TRNGs reduce randomness using direct physical access to the target device and/or modification/invasion of the device or the equipment on which it is implemented. However, depending on the physical location of the device and its tamper resistance measures, directly accessing the device or operating/modifying the implementation may not be easy. This study introduces a noninvasive attack against RO-based TRNGs. In this attack, we intentionally induce sinusoidal electromagnetic waves in a TRNG and estimate the change in its randomness under this interference by observing the signal leaked from the TRNG from a distance. We also consider countermeasures against noninvasive attacks on TRNGs.
AB - True random number generators (TRNGs) based on ring oscillators (ROs) are employed in many devices because they can be constructed with a simple circuit structure. Many systems are affected if an RO-based TRNG is attacked, and its security is degraded. Conventional attacks against RO-based TRNGs reduce randomness using direct physical access to the target device and/or modification/invasion of the device or the equipment on which it is implemented. However, depending on the physical location of the device and its tamper resistance measures, directly accessing the device or operating/modifying the implementation may not be easy. This study introduces a noninvasive attack against RO-based TRNGs. In this attack, we intentionally induce sinusoidal electromagnetic waves in a TRNG and estimate the change in its randomness under this interference by observing the signal leaked from the TRNG from a distance. We also consider countermeasures against noninvasive attacks on TRNGs.
KW - Electromagnetic (EM) information leakage
KW - intentional electromagnetic interference (IEMI)
KW - true random number generator (TRNG)
UR - http://www.scopus.com/inward/record.url?scp=85049095640&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85049095640&partnerID=8YFLogxK
U2 - 10.1109/TEMC.2018.2844027
DO - 10.1109/TEMC.2018.2844027
M3 - Article
AN - SCOPUS:85049095640
SN - 0018-9375
VL - 61
SP - 1122
EP - 1128
JO - IEEE Transactions on Electromagnetic Compatibility
JF - IEEE Transactions on Electromagnetic Compatibility
IS - 4
M1 - 8393451
ER -