Data remanence effects on memory-based entropy collection for RFID systems

摘要

Random number generation is a fundamental security primitive. This relatively simple requirement is beyond the capacity of passive RFID (radio frequency identification) tags, however. A recent proposal, fingerprint extraction and random number generation in SRAM (FERNS), uses onboard RAM as a randomness source. Unfortunately, practical considerations prevent this approach from reaching its full potential. First, the amount of RAM available for utilization as a randomness generator may be severely restricted due to competition with other system functionalities. Second, RAM is subject to data remanence; there is a period after losing power during which stored data remains intact in memory. Thus, after memory has been used for entropy collection once it will require time without power before it can be reused. This may lead to unacceptable delays in a usable security application. In this paper, the practical considerations that must be taken into account when using RAM as an entropy source are demonstrated. The implementation of a true random number generator on Intel's WISP (wireless identification and sensing platform) RFID tag is also presented, which is the first to the authors' best knowledge. By relating this to the requirements of some popular RFID authentication protocols, the practicality of utilizing memory-based randomness techniques on resource-constrained devices is assessed.