Dissertations / Theses on the topic 'True Random Number Generator (TRNG)'

Les nombres aléatoires sont essentiels pour les systèmes cryptographiques modernes. Ils servent de clés cryptographiques, de nonces, de vecteurs d’initialisation et de masques aléatoires pour la protection contre les attaques par canaux cachés. Dans cette thèse, nous traitons des générateurs de nombres aléatoires dans les circuits logiques (FPGA et ASIC). Nous présentons les méthodes fondamentales de génération de nombres aléatoires dans des circuits logiques. Ensuite, nous discutons de différents types de TRNG en utilisant le jitter d’horloge comme source d’aléa. Nous faisons une évaluation rigoureuse de divers noyaux TRNG conformes à la norme AIS-20/31 et mis en œuvre dans trois familles de FPGA différentes: Intel Cyclone V, Xilinx Spartan-6 et Microsemi SmartFusion2. Puis, nous présentons l’implémentation des noyaux TRNG sélectionnés dans des ASIC et leur évaluation. Ensuite, nous étudions en profondeur PLL-TRNG afin de fournir une conception sécurisée de ce TRNG ainsi que des tests intégrés. Enfin, nous étudions les TRNG basés sur les oscillateurs. Nous comparons de différentes méthodes d'extraction d’aléa ainsi que de différents types d'oscillateurs et le comportement du jitter d'horloge à l'intérieur de chacun d'eux. Nous proposons également des méthodes de mesure du jitter intégrée pour le test en ligne des TRNG basés sur les oscillateurs
Random numbers are essential for modern cryptographic systems. They are used as cryptographic keys, nonces, initialization vectors and random masks for protection against side channel attacks. In this thesis, we deal with random number generators in logic devices (Field Programmable Gate Arrays – FPGAs and Application Specific Integrated Circuits – ASICs). We present fundamental methods of generation of random numbers in logic devices. Then, we discuss different types of TRNGs using clock jitter as a source of randomness. We provide a rigorous evaluation of various AIS-20/31 compliant TRNG cores implemented in three different FPGA families : Intel Cyclone V, Xilinx Spartan-6 and Microsemi SmartFusion2. We then present the implementation of selected TRNG cores in custom ASIC and we evaluate them. Next, we study PLL-TRNG in depth in order to provide a secure design of this TRNG together with embedded tests. Finally, we study oscillator based TRNGs. We compare different randomness extraction methods as well as different oscillator types and the behavior of the clock jitter inside each of them. We also propose methods of embedded jitter measurement for online testing of oscillator based TRNGs

Thesis (M.S.)--George Mason University, 2009.
Vita: p. 91. Thesis director: Jens-Peter Kaps. Submitted in partial fulfillment of the requirements for the degree of Master of Science in Computer Engineering. Title from PDF t.p. (viewed Oct. 12, 2009). Includes bibliographical references (p. 88-90). Also issued in print.

Les objets connectés sont omniprésents dans notre société actuelle (ex. véhicules, transports en commun, santé, domotique, smartphone, moyen de paiement, etc.). La connexion et l'accès à distance des appareils d'usage quotidien améliorent considérablement notre confort et notre efficacité dans notre vie professionnelle comme personnelle. Cependant, cela peut également nous confronter à des problèmes de sécurité sans précédent. Les risques liés à la large expansion des systèmes embarqués et de l'internet des objets sont doubles :- L'accès d'une personne non autorisée aux données pour la lecture, la copie, l'écriture ou l'effacement complet. - L'utilisation de l'objet connecté pour une action non prévue par celui-ci, sa mise hors service du système ou bien sa destruction.Pour répondre à de tels risques, il est nécessaire de mettre en place des mécanismes de sécurité permettant le chiffrement des données sensibles, ainsi qu'une authentification et une autorisation pour chaque appareil de l'internet des objets. Fort heureusement, les fonctions cryptographiques permettent de répondre à ces besoins en garantissant confidentialité, authenticité, intégrité et non-répudiation. Dans ce contexte, les générateurs physiques d'aléa (Générateurs de nombres aléatoires et fonctions physiques non clonables) sont essentiels puisqu'ils assurent le bon fonctionnement des fonctions cryptographiques. En effet, ils exploitent des sources de bruit analogique présentes dans les circuits électroniques pour générer: des clés secrètes permettant de chiffrer les données, ou encore, des identifiants uniques permettant l'authentification des circuits. La sécurité des fonctions cryptographiques repose sur la qualité des clés et identifiant générés par ces générateurs d'aléa. Les nombres produits par ces générateurs doivent être imprévisibles. A défaut, les clés utilisées pour chiffrer les données pourraient être cassées et les identifiants recopiés. C'est pourquoi il est d'une extrême nécessité d'étudier les générateurs physiques d'aléa. Dans ce manuscrit, nous proposons tout d'abord une approche rigoureuse d'implémentation et de comparaison de TRNG et de PUF sur les circuits électroniques numériques, suivis d'une intégration au sein d'un système complet de ces générateurs physiques d'aléa. Ensuite, nous amorçons une démarche de modélisation des PUF afin d'améliorer l'évaluation de leur imprévisibilité. Nous réalisons aussi une étude complète de l'impact du phénomène de verrouillage sur les cellules oscillantes et le. conséquences sur les générateurs physiques d'aléa. Enfin, nous démontrons la sensibilité d'un type particulier de PUF à une attaque par analyse électromagnétique
With the sharp increase in the deployment and integration of the Internet of Things, one challenge is to ensure security with respect to privacy and trust issues. With billions of connected devices, there is a huge risk of unauthorized use or abuse. To protect from such risks, security mechanisms are neede for per-device authentication and authorization, integrated in early design stages. Thankfully, cryptographic functions allow ciphering of sensitive data, as well as per-device authentication and authorization since they guarantee confidentialify, authenticity, integrity and non-repudiation. In this context, physical random generator (random number generator TRNG and physical unclonable functions PUF) are particularly useful since they generate secret keys, random masks or unique identifiers. The robustness of the cryptographic functions stand by the quality of the physical random generators. For that, numbers provided by those generators must be entropic. Otherwise, keys used to cipher data could be broken and identifiers could be retrieved. That's why, it is necessary to study physical random generators. In this thesis, we provide a rigorous approach to implement TRNGs and PUFs in reconfigurable logic devices. After that, we integrate those generators in a complete system. We also propose an innovative approach to evaluate the quality of PUF by modeling their behavior prior to designing it. This should he!p designers anticipate PUF quality in term of randomness. We also realize a complete a study of two kind of threats on physical random generators using oscillating cells: the locking phenomena and the EM analysis

Cette thèse, financée par la DGA, est motivée par la problématique d’évaluation des TRNG pour des applications à très haut niveau de sécurité. Les standards actuels tels que AIS-31 n’étant pas suffisants pour ces types d’applications, la DGA propose une procédure complémentaire, validée sur les TRNG utilisant les oscillateurs en anneau (RO), qui vise à caractériser la source d’aléa des TRNG afin d’identifier les bruits électroniques présents dans celle-ci. Ces bruits se traduisent dans les circuits numériques par le jitter d’horloge générée dans les RO. Ils peuvent être caractérisés par leur densité spectrale de puissance reliée à la variance d’Allan temporelle qui permet, contrairement à la variance standard pourtant encore largement utilisée, de discriminer ces différents types de bruit (thermique, flicker principalement). Cette étude a servi de base à l’estimation de la part du jitter due au bruit thermique utilisé dans les modèles stochastiques décrivant la sortie des TRNG. Afin d’illustrer et de valider l’approche de certification DGA sur d’autres principes de TRNG que les RO, nous proposons une caractérisation de la PLL en tant que source d’aléa. Nous avons modélisé la PLL en termes de fonctions de transfert. Cette modélisation a conduit à l’identification de la source de bruit en sortie de la PLL, ainsi que de sa nature en fonction des paramètres physiques de la PLL. Cela a permis de proposer des recommandations quant au choix des paramètres afin de garantir une entropie maximale. Afin d’aider à la conception de ce type de TRNG, nous proposons également un outil de recherche des paramètres non physiques du générateur assurant le meilleur compromis sécurité/débit
This thesis, funded by the DGA, is motivated by the problem of evaluation of TRNG for applications with a very high level of security. As current standards such as AIS-31 are not sufficient for these types of applications, the DGA proposes a complementary procedure, validated on TRNG using ring oscillators (RO), which aims to characterize the source of randomness of TRNG in order to identify electronic noises present in it. These noises are manifested in the digital circuits by the clock jitter generated in the RO. They can be characterized by their power spectral density related to the time Allan variance which allows, unlike the standard variance which is still widely used, to discriminate these different types of noise (mainly thermal, flicker). This study was used as a basis for estimating the proportion of jitter due to thermal noise used in stochastic models describing the output of TRNG. In order to illustrate and validate the DGA certification approach on other principles of TRNG apart from RO, we propose a characterization of PLL as a source of randomness. We have modeled the PLL in terms of transfer functions. This modeling has led to the identification of the source of noise at the output of the PLL, as well as its nature as a function of the physical parameters of the PLL. This allowed us to propose recommendations on the choice of parameters to ensure maximum entropy. In order to help in the design of this type of TRNG, we also propose a tool to search for the non-physical parameters of the generator ensuring the best compromise between security and throughput

Random numbers are important for gaming, simulation and cryptography. Random numbers have been generated using analog circuitry. Two problems exist with using analog circuits in a digital design: (1) analog components require an analog circuit designer to insure proper structure and functionality and (2) analog components are not easily transmigrated into a different fabrication technology. This paper proposes a class of random number generators that are constructed using only digital components and typical digital design methodology. The proposed classification is called divergent path since the path of generated numbers through the range of possible values diverges at every sampling. One integrated circuit was fabricated and several models were synthesized into a FPGA. Test results are given.

Random number generator is a key component for strengthening and securing the confidentiality of electronic communications. Random number generators can be divided as either pseudo random number generators or true random number generators. A pseudo random number generator produces a stream of numbers that appears to be random but actually follow predefined sequence. A true random number generator produces a stream of unpredictable numbers that have no defined pattern. There has been growing interest to design true random number generator in past few years. Several Field Programmable Gate Array (FPGA) and Application Specific Integrated Circuit (ASIC) based approaches have been used to generate random data that requires analog circuit. RNGs having analog circuits demand for more power and area. These factors weaken hardware analog circuit-based RNG systems relative to hardware completely digital-based RNGs systems. This thesis is focused on the design of completely digital true random number generator ASIC.

De nombreuses applications (internet des objets, systèmes embarqués automobiles et médicales, intelligence artificielle) ont besoin d’un circuit intégré (ou SoC pour System on Chip) avec des mémoires non volatiles embarquées performantes pour fonctionner de manière optimale. Bien que la mémoire Flash soit largement utilisée aujourd'hui, cette technologie nécessite une tension élevée pour les opérations de programmation et présente des problèmes de fiabilité difficiles à gérer au-delà du nœud technologique 18 nm, augmentant les coûts de conception et de fabrication des circuits. Dans ce contexte, l'industrie du semi-conducteur est à la recherche d’une mémoire non volatile alternative pouvant remplacer les mémoires Flash. Parmi les candidats actuellement étudiés (MRAM - mémoire à accès aléatoire magnétique, PCM - mémoire à changement de phase, FeRAM - mémoire à accès aléatoire Ferroélectrique), les mémoires résistives (RRAM) offrent de meilleures performances sur différents points capitaux : compatibilité avec le processus de fabrication standard CMOS, consommation de courant, rapidité de fonctionnement, etc. La technologie RRAM peut être aisément introduite dans n'importe quel flot de conception ouvrant la voie au développement de nouvelles architectures qui répondent à l’engorgement des systèmes classiques Von Neumann. Dans cette thèse, l'objet principal est de montrer le potentiel d’intégration des dispositifs RRAM avec la technologie CMOS, à l’aide de simulation et de mesures électriques, afin d’élaborer différentes structures hybrides : mémoires à accès aléatoire statique (SRAM) non volatiles, générateurs de nombres aléatoires (TRNG) et réseaux de neurones artificiels
Many diversified applications (internet of things, embedded systems for automotive and medical applications, artificial intelligence) require an integrated circuit (SoC, System on Chip) with high-performance non-volatile memories to operate optimally. Although Flash memory is widely used today, this technology needs high voltage for programing operations and has reliability issues that are hard to handle beyond 18 nm technological node, increasing the cost of circuit design and fabrication. In this context, the semiconductor industry seeks an alternative non-volatile memory that can replace Flash memories. Among possible candidates (MRAM - Magnetic Random Access Memory, PCM - Phase Change Memory, FeRAM - Ferroelectric Random Access Memory), Resistive memories (RRAMs) offer superior performances on essential key points: compatibility with CMOS manufacturing processes, scalability, current consumption (standby and active), operational speed. Due to its relatively simple structure, RRAM technology can be easily integrated in any design flow opening the way for the development of new architectures that answer Von Neumann bottleneck. In this thesis, the main object is to show the integration abilities of RRAM devices with CMOS technology, using circuit design and electrical measurements, in order to develop different hybrid structures: non-volatile Static Random Access Memories (SRAM), True Random Number Generator (TRNG) and artificial neural networks

Random numbers are required for cryptographic applications such as IT security products, smart cards etc. Hardwarebased random number generators are widely employed. Cryptographic algorithms are implemented on FieldProgrammable Gate Arrays (FPGAs). In this work a True Random Number Generator (TRNG) employed for spaceapplication was designed, investigated and evaluated. Several cryptographic requirements has to be satisfied for therandom numbers. Two different noise sources was designed and implemented on the FPGA. The first design wasbased on ring oscillators as a noise source. The second design was based on astable oscillators developed on a separatehardware board and interfaced with the FPGA as another noise source. The main aim of the project was to analyse theimportant requirement of independent noise source on a physical level. Jitter from the oscillators being the source forthe randomness, was analysed on both the noise sources. The generated random sequences was finally subjected tostatistical tests.

Cryptographically secure random number generators usually require an outside seed to be initialized. Other solutions instead use a continuous entropy stream to ensure that the internal state of the generator always remains unpredictable. This thesis analyses four such generators with entropy inputs. Furthermore, different ways to estimate entropy is presented and a new method useful for the generator analysis is developed. The developed entropy estimator performs well in tests and is used to analyse entropy gathered from the different generators. Furthermore, all the analysed generators exhibit some seemingly unintentional behaviour, but most should still be safe for use.
Kryptografiskt säkra slumptalsgeneratorer behöver ofta initialiseras med ett oförutsägbart frö. En annan lösning är att istället konstant ge slumptalsgeneratorer entropi. Detta gör det möjligt att garantera att det interna tillståndet i generatorn hålls oförutsägbart. I den här rapporten analyseras fyra sådana generatorer som matas med entropi. Dessutom presenteras olika sätt att skatta entropi och en ny skattningsmetod utvecklas för att användas till analysen av generatorerna. Den framtagna metoden för entropiskattning lyckas bra i tester och används för att analysera entropin i de olika generatorerna. Alla analyserade generatorer uppvisar beteenden som inte verkar optimala för generatorns funktionalitet. De flesta av de analyserade generatorerna verkar dock oftast säkra att använda.

Pulsars, as rotating magnetised neutron stars got much attention during the last 40 years since their discovery. Observations revealed them to be gamma-ray emitters with energies continuing up to the sub 100 GeV region. Better observation of this upper energy cut-off region will serve to enhance our theoretical understanding of pulsars and neutron stars. The H-test has been used the most extensively in the latest periodicity searches, whereas other tests have limited applications and are unsuited for pulsar searches. If the probability distribution of a test statistic is not accurately known, it is possible that, after searching through many trials, a probability for uniformity can be given, which is much smaller than the real value, possibly leading to false detections. The problem with the H-test is that one must obtain the distribution by simulation and cannot do so analytically. For such simulations, random numbers are needed and are usually obtained by utilising so-called pseudo-random number generators, which are not truly random. This immediately renders such generators as useless for the simulation of the distribution of the H-test. Alternatively there exists hardware random number generators, but such devices, apart from always being slow, are also expensive, large and most still don't exhibit the true random nature required. This was the motivation behind the development of a hardware random number generator which provides truly random U(0,l) numbers at very high speed and at low cost The development of and results obtained by such a generator are discussed. The device delivered statistically truly random numbers and was already used in a small simulation of the H-test distribution.
Thesis (M.Sc. (Physics))--North-West University, Potchefstroom Campus, 2005.

The thesis deals with issues of random numbers, their generating and use in cryptography. Introduction of work is aimed to resolution of random number generators and pseudo--random number generators. There is also included often used dividing generators on software and hardware. We mention advantages and disadvantages of each type and area of their use. Then we describe examples of random and pseudorandom numbers, mainly hardware based on physical phenomenon such as the decay of radioactive material or use atmospheric noise. The following part is devoted to suggestion own random number generator and a description of its functionality. In the second half of the work we devote to the field of cryptography. We know basic types of cryptographic systems, namely symmetric and asymmetric cryptosystems. We introduce a typical representant the various type and their properties. At the end of the work we again return to our random number generator and verify the randomness generated numbers and obtained cryptograms.

Random number generation can be based on physical events with probabilistic character, or on algorithms that use complex or one-way functions, alternatively on both of these approaches. A magnetic vortex is a basic state of magnetization that forms in magnetic micro- and nanostructures of an appropriate shape, dimensions and material. Quantities of the magnetic vortex form randomly if ambient conditions are chosen eligibly. A concept of a true random number generator using a random switching of states of the magnetic vortex is presented in this thesis. This concept is realized and random numbers were experimentally generated and numbers were statistically analysed.

Les nombres aléatoires sont indispensables dans de nombreuses applications notamment en cryptographie où l’aléa est utilisé dans les protocoles de sécurité. Les générateurs de nombres aléatoires, plus connus sous le nom de RNG comme “Random Number Generator” se déclinent en deux familles, les PRNG (Pseudo RNG) qui sont des générateurs de nombres aléatoires ayant des séquences déterministes et les TRNG (True RNG) qui sont des générateurs d’aléa “vrai”, donc non prédictibles. Les applications cryptographiques utilisent à la fois les TRNG et les PRNG. Un PRNG nécessite une valeur initiale, ou graine, qui peut être la sortie d’un TRNG. Les TRNG tirent profit de l’aléa des phénomènes physiques. Les TRNGs dans les technologies numériques comme les FPGAs font appel à des oscillateurs qui présentent l’inconvénient de pouvoir être attaqués par couplage harmonique. De façon à évaluer la qualité entropique d’un TRNG, des standards basés sur des tests statistiques ont été élaborés par des organismes de certification comme le NIST ou la BSI. Cependant, il est recommandé de formaliser, par le biais d’un modèle, le caractère stochastique de la génération d’aléa. Dans cette thèse, nous étudions une architecture de TRNG, peu coûteuse et robuste face aux attaques harmoniques car elle n’utilise pas d’oscillateurs. Ce TRNG extrait une variable aléatoire en exploitant à la fois les états métastables des bascules et les fluctuations temporelles (ou gigue) des signaux échantillonnés. Nous proposons par la suite un modèle stochastique qui nous permet de décrire le comportement aléatoire du TRNG indépendamment de la technologie ciblée. Les caractérisations et évaluations sur des circuits prototypes en technologies FPGA et ASIC montrent que l’architecture TRNG proposée génère de l’aléa de qualité et est robuste face aux variations environnementales
Random numbers are required in numerous applications namely in cryptography where randomness is used in security protocols. There are two main classes of Random Number Generators (RNG) : The Pseudo RNG (PRNG) which have a deterministic sequence, and the True RNG (TRNG) which generates unpredictable random numbers. Cryptographic applications use both TRNG and PRNG. The PRNG needs an initial value, or seed, which can be the output of a TRNG. In digital technologies, like FPGAs, TRNG are commonly based on oscillators which have the drawback of being biased by harmonic coupling. In order to assess the entropic quality of TRNGs, standards based on statistical tests have been elaborated by certification organisms namely the NIST and the BSI. However, it is recommended to formalize the stochastic behaviour of the randomness generation process. In this Ph.D, we address the design and quality evaluation of TRNGs in digital circuits. We study of a low-cost digital TRNG without oscillators, hence robust against harmonics attacks. The proposed TRNG exploits both the metastability phenomenon and the jitter noise in CMOS digital flip-flops to generate the random numbers. A stochastic model of this TRNG has been formalized. This model describes the random generation process regardless of the targeted technology. The characterization and evaluation on a prototype circuit, in FPGA and ASIC technologies, has shown that the proposed TRNG architecture generates randomness of good quality and is robust against environmental variations

Les nombres aléatoires sont indispensables dans de nombreuses applications notamment en cryptographie où l’aléa est utilisé dans les protocoles de sécurité. Les générateurs de nombres aléatoires, plus connus sous le nom de RNG comme “Random Number Generator” se déclinent en deux familles, les PRNG (Pseudo RNG) qui sont des générateurs de nombres aléatoires ayant des séquences déterministes et les TRNG (True RNG) qui sont des générateurs d’aléa “vrai”, donc non prédictibles. Les applications cryptographiques utilisent à la fois les TRNG et les PRNG. Un PRNG nécessite une valeur initiale, ou graine, qui peut être la sortie d’un TRNG. Les TRNG tirent profit de l’aléa des phénomènes physiques. Les TRNGs dans les technologies numériques comme les FPGAs font appel à des oscillateurs qui présentent l’inconvénient de pouvoir être attaqués par couplage harmonique. De façon à évaluer la qualité entropique d’un TRNG, des standards basés sur des tests statistiques ont été élaborés par des organismes de certification comme le NIST ou la BSI. Cependant, il est recommandé de formaliser, par le biais d’un modèle, le caractère stochastique de la génération d’aléa. Dans cette thèse, nous étudions une architecture de TRNG, peu coûteuse et robuste face aux attaques harmoniques car elle n’utilise pas d’oscillateurs. Ce TRNG extrait une variable aléatoire en exploitant à la fois les états métastables des bascules et les fluctuations temporelles (ou gigue) des signaux échantillonnés. Nous proposons par la suite un modèle stochastique qui nous permet de décrire le comportement aléatoire du TRNG indépendamment de la technologie ciblée. Les caractérisations et évaluations sur des circuits prototypes en technologies FPGA et ASIC montrent que l’architecture TRNG proposée génère de l’aléa de qualité et est robuste face aux variations environnementales
Random numbers are required in numerous applications namely in cryptography where randomness is used in security protocols. There are two main classes of Random Number Generators (RNG) : The Pseudo RNG (PRNG) which have a deterministic sequence, and the True RNG (TRNG) which generates unpredictable random numbers. Cryptographic applications use both TRNG and PRNG. The PRNG needs an initial value, or seed, which can be the output of a TRNG. In digital technologies, like FPGAs, TRNG are commonly based on oscillators which have the drawback of being biased by harmonic coupling. In order to assess the entropic quality of TRNGs, standards based on statistical tests have been elaborated by certification organisms namely the NIST and the BSI. However, it is recommended to formalize the stochastic behaviour of the randomness generation process. In this Ph.D, we address the design and quality evaluation of TRNGs in digital circuits. We study of a low-cost digital TRNG without oscillators, hence robust against harmonics attacks. The proposed TRNG exploits both the metastability phenomenon and the jitter noise in CMOS digital flip-flops to generate the random numbers. A stochastic model of this TRNG has been formalized. This model describes the random generation process regardless of the targeted technology. The characterization and evaluation on a prototype circuit, in FPGA and ASIC technologies, has shown that the proposed TRNG architecture generates randomness of good quality and is robust against environmental variations

De nos jours, la sécurité des systèmes embarqués prend une place de plus en plus importante. Notamment du fait de l'augmentation de la part du marché prise par l'IoT et le marché automobile.Afin de justifier un certain niveau de sécurité ces systèmes embarqués doivent subir des audits de sécurité afin soit d'obtenir une certification, qui peut s'avérer nécessaire pour adresser certains marché, ou alors plus simplement pour éviter de ternir le nom de l'entreprise en cas de faille.Le chemin d'attaque le plus efficace est probablement l'injection de faute obtenue par une violation volontaire des conditions d'utilisation d'un circuit.De cette faute différent scénarios sont possibles, soit celle-ci est couplée à des outils statistiques pour obtenir la clef secrète d'un algorithme cryptographique, soit elle permet une escalade de privilège.Cette thèse se concentre sur les fautes induites par perturbation électromagnétique, qui est le support qui offre le meilleur compromis précision coût.Si les attaques par injections de fautes se sont montrées maintes fois efficaces dans la littérature, elles possèdent néanmoins un défaut conséquent dans le cadre de l'évaluation sécuritaire. Ce défaut vient du très grand nombre de paramètres offert par l'injection de faute à son utilisateur. Si on ajoute à cela les contraintes temporelles inhérentes à l'évaluation, on se rend compte de la difficulté de garantir la sécurité d'un produit contre de telles menaces.De ce constat il devient évident que des métriques ou stratégie sont nécessaire pour améliorer la qualité des évaluations.Cette thèse est un premier pas dans cette direction et propose de résoudre la complexité spatiales lors d'une campagne évaluation face à l'injection de faute électromagnétique.L'idée est de définir une métrique se basant sur des expérimentations ainsi que l'état de l'art pour réduire l'espace à tester à quelques positions qui vont presque certainement mener à une faute du fait de leur propriété physique.Dans une première partie la création d'un tel critère est présentée. Celui-ci se base sur un modèle simplifié du couplage sonde d'injection circuit et sur le modèle de faute le plus récent.Ensuite les limites d'un tel critère sont analysées afin d'en trouver une amélioration.Cependant, l'injection de faute ne permet pas seulement d'attaquer directement une cible, elle peut aussi diminuer sa sécurité en visant ses contre-mesures.La plupart des contre-mesures ont en commun l'utilisation d'un générateur de nombre aléatoire, c'est pourquoi la robustesse d'un générateur aléatoire récent sera évaluée dans une troisième partie.De cette analyse un chemin d'attaque sera dérivé dans le cadre de l'injection de faute via ondes électromagnétiques
Today, security of embedded devices is put in the limelight with the increasing market share of both IoT and automotive.To ensure a proper level of security to its customer such embedded components must undergo pentesting either to obtain some certifications to address security market but also to avoid tarnishing the name of the firm in case of vulnerability.Amongst the various attack paths, one of most threatening is the voluntary violation of operation condition to induce a fault on a circuit.These faults are then used for privilege escalation or combined with statistic tools to recover cryptographic keys. This thesis focuses on the use of electromagnetic field to generate such faults, this medium being the one that offers the best trade-off between cost and accuracy.The efficiency of such family of attack has already been demonstrated in the literature. Yet fault injection techniques shared a common problem which root cause is the amount of parameter an evaluator has to tweaks to obtain a fault. Therefore, it is hard to state whether a target is protected against fault injection since evaluation is bounded in time, thus exhaustive search is not an option.Metrics or strategies should be defined to get the most out of up to date fault injection methods.This thesis is a first step towards defining such metrics, and proposed to tackle the space complexity of EM fault injection. In other words, according to the attack scenario we developed metrics or strategy relying on both experimentation and state of the art. The aims of those metrics/strategy being to reduce the space on the DUT that undergo electromagnetic emanation to the most likely to be faulted area.In a first part, a criterion based on a basic model of the coupling between the injection probes and the circuit as well as today fault model will be developed.This criterion is then analysed and a refinement is proposed.Yet fault injection could also be used to nullify countermeasure that disable some attack vectors. Most of those countermeasures have in common the use of a true random generator.Thence in a second part we evaluate the robustness of an up to date true random number generator against electromagnetic perturbation.From this analysis we derived which parts of true random number generator are more relevant to be targeted using electromagnetic waves

La jonction tunnel magnétique (JTM) commutée par la couple de transfert de spin (STT) a été considérée comme un candidat prometteur pour la prochaine génération de mémoires non-volatiles et de circuits logiques, car elle fournit une solution pour surmonter le goulet d'étranglement de l'augmentation de puissance statique causée par la mise à l'échelle de la technologie CMOS. Cependant, sa commercialisation est limitée par la fiabilité faible, qui se détériore gravement avec la réduction de la taille du dispositif. Cette thèse porte sur l'étude de la fiabilité des circuits basés sur JTM. Tout d'abord, un modèle compact de JTM incluant les problèmes principaux de fiabilité est proposé et validé par la comparaison avec des données expérimentales. Sur la base de ce modèle précis, la fiabilité des circuits typiques est analysée et une méthodologie d'optimisation de la fiabilité est proposée. Enfin, le comportement de commutation stochastique est utilisé dans certaines nouvelles conceptions d'applications classiques
Spin transfer torque magnetic tunnel junction (STT-MTJ) has been considered as a promising candidate for next generation of non-volatile memories and logic circuits, because it provides a perfect solution to overcome the bottleneck of increasing static power caused by CMOS technology scaling. However, its commercialization is limited by the poor reliability, which deteriorates severely with device scaling down. This thesis focuses on the reliability investigation of MTJ based non-volatile circuits. Firstly, a compact model of MTJ including main reliability issues is proposed and validated by the comparison with experimental data. Based on this accurate model, the reliability of typical circuits is analyzed and reliability optimization methodology is proposed. Finally, the stochastic switching behavior is utilized in some new designs of conventional applications

La jonction tunnel magnétique (JTM) commutée par la couple de transfert de spin (STT) a été considérée comme un candidat prometteur pour la prochaine génération de mémoires non-volatiles et de circuits logiques, car elle fournit une solution pour surmonter le goulet d'étranglement de l'augmentation de puissance statique causée par la mise à l'échelle de la technologie CMOS. Cependant, sa commercialisation est limitée par la fiabilité faible, qui se détériore gravement avec la réduction de la taille du dispositif. Cette thèse porte sur l'étude de la fiabilité des circuits basés sur JTM. Tout d'abord, un modèle compact de JTM incluant les problèmes principaux de fiabilité est proposé et validé par la comparaison avec des données expérimentales. Sur la base de ce modèle précis, la fiabilité des circuits typiques est analysée et une méthodologie d'optimisation de la fiabilité est proposée. Enfin, le comportement de commutation stochastique est utilisé dans certaines nouvelles conceptions d'applications classiques
Spin transfer torque magnetic tunnel junction (STT-MTJ) has been considered as a promising candidate for next generation of non-volatile memories and logic circuits, because it provides a perfect solution to overcome the bottleneck of increasing static power caused by CMOS technology scaling. However, its commercialization is limited by the poor reliability, which deteriorates severely with device scaling down. This thesis focuses on the reliability investigation of MTJ based non-volatile circuits. Firstly, a compact model of MTJ including main reliability issues is proposed and validated by the comparison with experimental data. Based on this accurate model, the reliability of typical circuits is analyzed and reliability optimization methodology is proposed. Finally, the stochastic switching behavior is utilized in some new designs of conventional applications

碩士
國立交通大學
電子研究所
107
This thesis mainly developed a multivariable analysis to study the source/drain(S/D) variation in FinFETs. With the scaling of CMOS technology, aggressive scaling of fin-pitch and contact length reduces the contact area. Nevertheless, few studies have been focused on the variation of S/D region, which should be a big concern for next generation device design. Then, we utilized the result of multivariable analysis to construct the Physical Unconable Function (PUF) and True Random Number Generator (TRNG). In the Internet of Things (IoT) era, both PUF and TRNG play very important role in embedded cryptographic system designs. First, we developed a multivariable analysis to quantify the impact of S/D region variation on device driving current. When channel length scales down to nanometer, the channel resistance rolls off at the same time; however, Rsd accounts for an increasing proportion of the total resistance. Therefore, Rsd cannot be ignored while improving the performance of the advanced generation devices. Next, to get more information about the Rsd, the Virtual Source Model will be introduced in chapter 2. Also, the doping profile along the direction of channel to S/D region can be extracted by discrete dopant profiling. Owing to these aforementioned techniques, the source of Rsd variation can be delineated, in which dopant is dominant (76.3~89.4%) and interface trap is a secondary factor (10.6~23.7%) with less contribution to the Rsd variation, in both n-FinFET and p-FinFET. The Physical Unclonable Function (PUF) will be introduced in chapter 3. During IC manufacturing process, variability occurs and creates different physical microstructures. These manufacturing variations cannot be fully controlled and re-fabricated intentionally, so the underlying physical properties are unique and become silicon fingerprints of individual ICs. That’s why PUF can be seen as the fingerprint of devices; hence, the suitable variation source for PUF is important. We utilize the S/D mismatch current to achieve PUFs and show the great performance (Inter-HD~49.9952%, Hamming Weight~50%) of S/D-mismatch-based PUF. Also, after 150℃ 720hrs thermal stress experiment, the unstable bits are still near 0. In the fabrication process, there are some lithography induced traps in S/D junction. These traps will induce not only the variation of S/D resistance, but also the RTN phenomenon. Because of the characteristic of randomness in RTN, we can use the junction-RTN phenomenon to construct the TRNG. In order to prove the randomness of TRNGs, we use the junction-RTN TRNG to generate 65536 random bits and evaluate these random numbers though NIST, showing that the random numbers pass 9 statistic tests.

This diploma thesis deals with creation of several random number generators. The data from these prototypes are then compared according to various aspects and statistical methods. The reader is familiar with the basic concepts, the existing random number generators and the technologies used.

碩士
國立清華大學
電機工程學系
90
As the government, the business, and many personal users are gradually adopting the electronic methods to store information, information security has been a highly noticed important issue. Among all the methods that can provide information security, cryptographic systems provide the maximum flexibility and safety. In a cryptographic system, there are some essential, safety-related initial values, public keys, and private keys needed to be generated. Because these values have something to do with the security of the whole cryptographic system, they need to be random and unpredictable. A random number generator is applied to generate these randomly produced (not calculated) values. Generally speaking, the security of a cryptographic system relies mainly on the goodness of both the algorithm and the random number generator. In order to cooperate with the ACP/NP project, we tried to implement three different kinds of true random number generators. As for Discrete-Time Chaos method, we mentioned the problems that might occur when designing the circuit and proposed ways to solve them. Because we use analog circuit to implement a mathematically well-behaved equation, the simulation results can pass all the requirements for random data defined in “Security Requirements for Cryptographic Modules, FIPS PUB 140-2”, which is proposed by NIST (National Institute of Standards and Technology) in 2001. As for Oscillator Sampling method, we proposed a circuit that can increase the phase noise and a compensation method in case the outputs cannot pass the requirements for random data. As for the Pure Digital Circuit method, we concluded that this method is not practical in real case according to our drawing the layout and running the post simulation of the circuit.

碩士
國立清華大學
電子工程研究所
100
With the popularization of the Internet, data transmission has become more convenient and highly mobile. In order to prevent data theft, data encryption system is essential to modern communication chips. A stable and True Random Number Generator (TRNG) is a key element to ensure the security of transmitted data. TRNG based on the trapping and de-trapping process in the oxide defects has been proposed in recent years. Generating random numbers using electron trapping has several advantages. First, as the source of this random process occurs naturally, hence the resulting random number is aperiodic. In addition, the output is generally insensitive to temperature. Random number generator circuits depend on random latching of inverter pair can subject to mismatch effects. In a MOSFET, random telegraph noise (RTN) refers to the drain current fluctuation (ID-RTN) as a result of the change in the amount of carriers flowing from source to drain. These RTN signals with discrete drain current levels is generally very small and can lead to misleading results after amplifications. In this paper, we proposed a TRNG based on the RTN signals found in the contact resistive random access memory (CRRAM) device. As reported in previous studies, the resistance levels of both the high and low resistance states are subject to high RTN, leading to large read current noises as a results of electron trapping in the conductive pathway. These RTN signals from the embedded CRRAM cells is much larger than ID-RTN, which allows CRRAM to be more appropriate source for generating true random number for encryption circuitry.

Since the beginning of times that human beings were presented with the difficult of protecting their data. In all wars, cryptographic systems where essential to wining. Nowadays, fighting global terrorism makes cryptography of paramount importance in communication and security of critical systems. Cryptographic methods present a real challenge, so hard that it is as difficult to create as it is to crack. Since the first appearances of Integrated Circuits, methods have been created to protect the data on them, the same happened when the first networks appeared and nowadays we still face the same challenge. Centuries have passed and the definition of the random word still creates confusion when trying to define it. This thesis proposes a random generation method which proved to be effective according to worldwide standards with the new emerging technologies of the IoT in mind. A True Random Number Generator (TRNG) based on ring oscillators, implemented in a Field Programmable Gate Array (FPGA) platform is proposed and evaluated. Based on some new concepts on ring oscillators, jitter noise was analysed and used as a main noise source to create randomness. The main aim of this project was to investigate and develop of a secure system that met the international requirements for IoT purposes.

碩士
國立雲林科技大學
電機工程系
107
This thesis aims to propose a new design approach for a true random number generator (TRNG) to improve the randomness of the traditional random number generator. As well known, the traditional TRNG cannot be clearly modeled and effectively controlled and applied, while these problems can be well solved by using the TRNG design in this thesis. First, we propose a new structure based on chaotic system for the generation of true random numbers. The Chi-square test and NIST test are used as the standard for evaluating the true random number. Secondly, using the sliding mode control method, the synchronization controller is proposed to achieve the synchronization of the master-slave TRNGs. After successfully completing the modeling and synchronization of the true random numbers, we integrate these research results to design a real-time voice encryption system. In this system, we use the real random number as the key of the voice encryption system. By combining with the concept of dynamic password, the overall security of encrypted voice is improved and the high security voice encryption system design is completed.

Advancement in cryptography over the past few decades has enabled a spectrum of security mechanisms and protocols for many applications. Despite the algorithmic security of classic cryptography, there are limitations in application and implementation of standard security methods in ultra-low energy and resource constrained systems. In addition, implementations of standard cryptographic methods can be prone to physical attacks that involve hardware level invasive or non-invasive attacks. Physical unclonable functions (PUFs) provide a complimentary security paradigm for a number of application spaces where classic cryptography has shown to be inefficient or inadequate for the above reasons. PUFs rely on intrinsic device-dependent physical variation at the microscopic scale. Physical variation results from imperfection and random fluctuations during the manufacturing process which impact each device’s characteristics in a unique way. PUFs at the circuit level amplify and capture variation in electrical characteristics to derive and establish a unique device-dependent challenge-response mapping. Prior to this work, PUF implementations were unsuitable for low power applications and vulnerable to wide range of security attacks. This doctoral thesis presents a coherent framework to derive formal requirements to design architectures and protocols for PUFs. To the best of our knowledge, this is the first comprehensive work that introduces and integrates these pieces together. The contributions include an introduction of structural requirements and metrics to classify and evaluate PUFs, design of novel architectures to fulfill these requirements, implementation and evaluation of the proposed architectures, and integration into real-world security protocols. First, I formally define and derive a new set of fundamental requirements and properties for PUFs. This work is the first attempt to provide structural requirements and guideline for design of PUF architectures. Moreover, a suite of statistical properties of PUF responses and metrics are introduced to evaluate PUFs. Second, using the proposed requirements, new and efficient PUF architectures are designed and implemented on both analog and digital platforms. In this work, the most power efficient and smallest PUF known to date is designed and implemented on ASICs that exploits analog variation in sub-threshold leakage currents of MOS devices. On the digital platform, the first successful implementation of Arbiter-PUF on FPGA was accomplished in this work after years of unsuccessful attempts by the research community. I introduced a programmable delay tuning mechanism with pico-second resolution which serves as a key component in implementation of the Arbiter-PUF on FPGA. Full performance analysis and comparison is carried out through comprehensive device simulations as well as measurements performed on a population of FPGA devices. Finally, I present the design of low-overhead and secure protocols using PUFs for integration in lightweight identification and authentication applications. The new protocols are designed with elegant simplicity to avoid the use of heavy hash operations or any error correction. The first protocol uses a time bound on the authentication process while second uses a pattern-matching index-based method to thwart reverseengineering and machine learning attacks. Using machine learning methods during the commissioning phase, a compact representation of PUF is derived and stored in a database for authentication.

Low-dimensional systems are an exciting platform for exploring new physics and realizing novel devices. The intriguing features, such as the existence of strongly bound multiparticle complexes and thickness-dependent band structures, enable us to utilize them to overcome many challenges faced by bulk materials and conceive new technologies. Since the isolation of graphene, the class of two-dimensional materials has grown tremendously. The array of materials one can choose from for implementing an idea is vast. Nevertheless, understanding the underlying physics is essential for utilizing these properties for real-life applications. Here, we explore the optical, electrical, and optoelectrical characteristics of heterostructures based on 2D layered systems. The strongly bound excitonic complexes hosted by monolayer transition metal dichalcogenide semiconductors (TMDC) are an excellent platform for probing many-body physics. The strong luminescence and a plethora of exciting properties make them a good candidate for applications such as single photon emitters and light-emitting diodes. In the first work, we explore new ways to tune the emission from these particles without compromising their luminescence. Using a high-quality graphene/hBN/WS2/hBN/Au vertical heterojunction, we demonstrate for the first time an out-of-plane electric field-driven change in the sign of the Stark shift from blue to red for four different excitonic species, namely, the neutral exciton, the charged exciton (trion), the charged biexciton, and the defect-bound exciton. We also find that the encapsulating environment of the monolayer TMDC plays a vital role in wave function spreading and hence in determining the magnitude of the blue Stark shift. We also provide a theoretical framework to understand the underlying physics better. The findings have important implications in probing many-body interaction in the two dimensions and developing layered semiconductor-based tunable optoelectronic devices. A significant advantage of the 2D material system is its robustness against lattice mismatch between the successive layers and the ability to extract exciting characteristics from the resultant system. The final system's behavior greatly depends on how the energy bands of the individual materials line up and can result in drastically different properties. In the second work, we demonstrate how an additional ultra-thin barrier layer modifies the properties of a black phosphorus (BP)/SnSe2 tunnel diode. While the system without the barrier layer showed a linear relationship between current and voltage, the additional barrier layer modified it to a highly nonlinear relation and exhibited negative differential resistance (NDR). Moreover, the tunnel diodes exhibited highly repeatable, ultra-clean, and gate tunable NDR characteristics with a signature of intrinsic oscillation and a large peak-to-valley current ratio (PVCR) of 3.6 at 300 K (4.6 at 7 K), making them suitable for practical applications. We then show that the thermodynamic stability of the van der Waals (vdW) tunnel diode circuit can be tuned from astability to bistability by altering the constraint by choosing a voltage or a current bias, respectively. After exploring the dynamics of the device, we assess its viability for designing systems with real-life applications. In the astable mode under voltage bias, we demonstrate a compact, voltage-controlled oscillator without needing an external tank circuit. In the bistable mode under current bias, we demonstrate a highly scalable, single element, a one-bit memory cell promising for dense random access memory applications in memory-intensive computation architectures. In the third work, we explore the usage of vdW materials for generating a cryptographically secure true random number generator. Such generators rely on external entropy sources for their indeterminism. Physical processes governed by the laws of quantum mechanics are excellent sources of entropy available in nature. However, extracting enough entropy from such systems for generating truly random sequences is challenging while maintaining the feasibility of the extraction procedure for real-world applications. Here, we design a compact and an all-electronic vdW heterostructure-based device capable of detecting discrete charge fluctuations for extracting entropy from physical processes and use it for the generation of independent and identically distributed (IID) true random sequences. Using the proposed scheme, we extract a record high value (> 0.98 bits/bit) of min-entropy. We demonstrate an entropy generation rate tunable over multiple orders of magnitude and show the persistence of the underlying physical process for temperatures ranging from cryogenic to ambient conditions. We verify the random nature of the generated sequences using tests such as the NIST SP 800-90B standard and other statistical measures and verify the suitability of our random sequence for cryptographic applications using the NIST SP 800-22 standard. The generated random sequences are then used to implement various randomized algorithms in real life without preconditioning steps. We then investigate how knowledge of the dynamics of optically generated carriers, ability to sense discrete charge fluctuation, and transport of carriers across vdW heterostructure can be combined to design a comprehensive system to detect single photons. Single-photon detectors (SPDs) are crucial in applications ranging from space and biological imaging to quantum communication and information processing. The SPDs operating at room temperature are particularly interesting to broader application spaces as the energy overhead introduced by cryogenic cooling can be avoided. Although silicon-based single photon avalanche diodes (SPADs) are well matured and operate at room temperature, the bandgap limitation restricts their operation at telecommunication wavelength (1550 nm) and beyond. On the other hand, InGaAs-based SPADs are sensitive to 1550 nm photons but suffer from relatively lower efficiency, high dark count rate, afterpulsing probability, and pose hazards to the environment from the fabrication process. By coupling a low bandgap (~350 meV) absorber (black phosphorus) to a sensitive van der Waals probe capable of detecting discrete electron fluctuation, we demonstrate a room-temperature single-photon detector. While the device is capable of covering up to a wavelength of ~3.5 um, we optimize the device for operation at 1550 nm and demonstrate an overall quantum efficiency of 21.4% (estimated as 42.8% for polarized light) and a minimum dark count of ~720 Hz at room temperature.