Enhancing Quality and Security of the PLL-TRNG

Authors

Maciej Skrski, Quentin Dallison, Nathalie Bochard, Florent Bernard, Viktor Fisher

About

This repository contains supplementary material (data and code) to reproduce the evaluation of a true random number generator presented in :open_book: "Enhancing Quality and Security of the PLL-TRNG" at TCHES 2023.

Code execution

The code is available in form of Python and R notebooks under the src directory. The notebooks run interactively under the customized Docker Image of Jupyter. For convenience, the image provides the user with both software and data.

Run Online with Docker

For a single-click online access use the Binder link at the top. <!-- markdown-link-check-enable -->

Run Locally with Docker

On a machine with Docker (local computer, virtual machine on cloud) run this image console docker run -it --rm -p 8888:8888 ghcr.io/maciejskorski/enhanced-pll-trng:latest and follow instructions to access the repository via Jupyter.

Data

All necessary data can be found under the data directory. The zipped data are available to download from releases.

Scripts Overview

The code can be found under the src directory, as Python scripts and Python or R notebooks.

Generating configurations

findPLL-TRNGconfigs.py is the Python script that generates the list of all possible configurations, along with the list of time distances between contributing bits. The main code block contains the constraints of the state-space to explore. First developed by Brice Colombier, the authors modified this script to compute the time distances between contributing bits.

Data Basics

The notebook rawdataprocessing.ipynb shows how to process and visualize data samples. It reproduces Figures 10 and 11 from the paper.

Theoretical Model Properties

The R notebook stochastic_model.ipynb explains in detail how to use the theoretical model. It reproduces Figures 4, 5, 6 and 7 from the paper.

Statistical Analysis under Regular Conditions

The notebook model_analysis.ipynb runs the statistical analysis of the acquired data to validate empirically all of the model assumptions. It reproduces Table 4, Figure 12 and Figure 13 from the paper.

Analysis under Corner Values

The notebook corner_values.ipynb analyzes the data aquired under corner values of temperature and voltage.

Temperature Attack

A temperature attack was executed during acquisition and the results are shown in the animation below. As the TRNG was online, we blew cold air (around -40C) directly on the chip to influence the jitter and the performance of the TRNG. Plotted are consecutive values of the empirical variance of the counter estimated on 4096 counter values (left) and the reconstructed period of the sampled PLL (right). During the first 80 to 90 estimations of the counter variance, we see that it remains constant to 0.92-0.98. However, with a sudden drop in temperature, the samples seem to shift along the reconstructed period. We also observe a sharp increase in the estimated variance on the left panel to about 1.15. In addition to the lower bound for counter variance that we defined in the paper, the experiment suggests that an embedded test dedicated to detecting a sudden change in counter variance could address third-party attacks. For more details, see the notebook temperature_attack.ipynb.

Links

• For random number generator standards, see AIS-31 (New Draft)
• For more about stochastic models for PLL-based designs, see "Modern Random Number Generator Design - Case Study on a Secured PLL-based TRNG"

Award

This work received the "Best Artefact Award" at TCHES'23.