A Novel Attack on a FPGA based True Random Number Generator

Anju P. Johnson, Rajat Subhra Chakraborty, Debdeep Mukhopadhyay

Research output: Chapter in Book/Report/Conference proceeding - Conference contribution

Abstract

True Random Number Generators (TRNGs) are important sources of randomness necessary in several cryptographic algorithms and protocols. We describe an attack on a practical Field Programmable Gate Array (FPGA) based TRNG that severely affects the randomness of its output bitstream. In particular, we develop, mathematically analyze and demonstrate an “in-field”, post-deployment Hardware Trojan Horse (HTH) insertion technique that exploits the Dynamic Partial Reconfiguration (DPR) capability of modern FPGAs. The attack can be launched from a remote device connected to the FPGA over a standard network connection. The inserted HTH operates by adversely affecting the source of entropy of the TRNG, which causes the probability of zero in the output bitstream to increase to about 0.75 (instead of the ideal value of 0.5). Our experimental results demonstrate that the Trojan is extremely effective, with very low hardware and resource footprint, making its detection very challenging.

Original language: English
Title of host publication: WESS'15 Proceedings of the WESS'15
Subtitle of host publication: Workshop on Embedded Systems Security
Publisher: ACM
ISBN (Print): 9781450336673
Publication status: Published - 4 Oct 2015
