The paper deals with true random number generators employing oscillatorrings, namely, with the one proposed by Sunar et al.in 2007 and enhanced by Wold and Tan in 2009. Our mathematical analysisshows that both architectures behave identically whencomposed of the same number of rings and ideal logic components. However, the reduction of the number of rings, as proposedby Wold and Tan, would inevitably cause the loss of entropy. Unfortunately, this entropy insufficiency is maskedby the pseudo-randomness caused by XOR-ing clock signals having differentfrequencies. Our simulation model shows that thegenerator, using more than 18 ideal jitter-free rings having slightlydifferent frequencies and producing only pseudo-randomness,will let the statistical tests pass. We conclude that a smallernumber of rings reduce the security if the entropy reduction isnot taken into account in post-processing. Moreover, the designer cannotavoid that some of rings will have the same frequency,which will cause another loss of entropy. In order to confirm this, weshow how the attacker can reach a state where over25% of the rings are locked and thus completely dependent. This effectcan have disastrous consequences on the system security.
展开▼
