International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Maciej Skórski

Publications

Year
Venue
Title
2023
TCHES
Enhancing Quality and Security of the PLL-TRNG
Field Programmable Gate Arrays (FPGAs) are used more and more frequently to implement cryptographic systems, which need random number generators (RNGs) to be embedded in the same device. The main challenge related to the implementation of a generator running inside FPGAs is that the physical source of randomness, such as jittered clock generator, is implemented in the configurable logic area, i.e. in the close vicinity of noisy running algorithms, which can have significant impact on generated numbers or even serve to attack the generator. A possible approach to prevent such influence is the use of Phase-Lock Loops (PLLs), which are separated from the re-configurable logic area inside the FPGA chip. In this paper, we propose a new architecture of the PLL-based TRNG including a method to avoid correlation in the output through control of timing in the sampling process, as well as new embedded tests based on the enhanced stochastic model. We also propose a workflow to help find the best parameters, such as output bitrate and entropy rate. We show that bitrates of around 400 kb/s or more can be achieved, while guaranteeing min-entropy rates per bit higher than 0.98 as required by the latest security standards.
2021
EUROCRYPT
The Mother of All Leakages: How to Simulate Noisy Leakages via Bounded Leakage (Almost) for Free 📺
We show that noisy leakage can be simulated in the information-theoretic setting using a single query of bounded leakage, up to a small statistical simulation error and a slight loss in the leakage parameter. The latter holds true in particular for one of the most used noisy-leakage models, where the noisiness is measured using the conditional average min-entropy (Naor and Segev, CRYPTO'09 and SICOMP'12). Our reductions between noisy and bounded leakage are achieved in two steps. First, we put forward a new leakage model (dubbed the dense leakage model) and prove that dense leakage can be simulated in the information-theoretic setting using a single query of bounded leakage, up to small statistical distance. Second, we show that the most common noisy-leakage models fall within the class of dense leakage, with good parameters. We also provide a complete picture of the relationships between different noisy-leakage models, and prove lower bounds showing that our reductions are nearly optimal. Our result finds applications to leakage-resilient cryptography, where we are often able to lift security in the presence of bounded leakage to security in the presence of noisy leakage, both in the information-theoretic and in the computational setting. Additionally, we show how to use lower bounds in communication complexity to prove that bounded-collusion protocols (Kumar, Meka, and Sahai, FOCS'19) for certain functions do not only require long transcripts, but also necessarily need to reveal enough information about the inputs.
2018
TCHES
Evaluation and Monitoring of Free Running Oscillators Serving as Source of Randomness
In this paper, we evaluate clock signals generated in ring oscillators and self-timed rings and the way their jitter can be transformed into random numbers. We show that counting the periods of the jittery clock signal produces random numbers of significantly better quality than the methods in which the jittery signal is simply sampled (the case in almost all current methods). Moreover, we use the counter values to characterize and continuously monitor the source of randomness. However, instead of using the widely used statistical variance, we propose to use Allan variance to do so. There are two main advantages: Allan variance is insensitive to low frequency noises such as flicker noise that are known to be autocorrelated and significantly less circuitry is required for its computation than that used to compute commonly used variance. We also show that it is essential to use a differential principle of randomness extraction from the jitter based on the use of two identical oscillators to avoid autocorrelations originating from external and internal global jitter sources and that this fact is valid for both kinds of rings. Last but not least, we propose a method of statistical testing based on high order Markov model to show the reduced dependencies when the proposed randomness extraction is applied.
2016
TCC
2016
TCC
2016
TCC
2015
EUROCRYPT