Conference ProceedingsOPEN ACCESS

The frequency injection attack on ring-oscillator-based true random number generators

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2009) 5747 LNCS 317-331
DOI: 10.1007/978-3-642-04138-9_23
166Citations
Citations of this article
112Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We have devised a frequency injection attack which is able to destroy the source of entropy in ring-oscillator-based true random number generators (TRNGs). A TRNG will lock to frequencies injected into the power supply, eliminating the source of random jitter on which it relies. We are able to reduce the keyspace of a secure microcontroller based on a TRNG from 2 64 to 3300, and successfully attack a 2004 EMV ('Chip and PIN') payment card. We outline a realistic covert attack on the EMV payment system that requires only 13 attempts at guessing a random number that should require 232. The theory, three implementations of the attack, and methods of optimisation are described. © 2009 Springer.

Cite

CITATION STYLE

APA

Markettos, A. T., & Moore, S. W. (2009). The frequency injection attack on ring-oscillator-based true random number generators. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5747 LNCS, pp. 317–331). Springer Verlag. https://doi.org/10.1007/978-3-642-04138-9_23

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free