[Cryptech Tech] RAM as source of entropy
Leif Johansson
leifj at sunet.se
Thu Feb 6 13:36:45 UTC 2014
On 2014-02-06 13:47, Joachim Strömbergson wrote:
> Aloha!
>
> I just had a (not very unique) idea of using RAM memories as source of
> entropy. The idea is to power cycle an external memory and read the
> contents. Due to how memories work the contents will be in more or less
> random state.
Can you affect the state of the memory remotely (radiation)?
>
> The SRAM memory, which basically consists of a D-flipflop built with 6
> transistors will be in either 0 or 1 state. The state based on previous
> state, random charge fluctuations in the transistors, temperature of
> device and whatnot.
>
> For a DRAM the contents of a power cycle is some sort of decay state
> based on the state before power (or refresh) was dropped. This means
> that using a DRAM would require some sore of pattern written into the
> memory, drop power for x amount of time, read out the contents and repeat.
>
> The good things with memories as entropy source are:
> * Capacity - should be able to generate quite a lot of entropy/s
>
> * Digital - No A/D converter required, simply treat the source as a
> normal memory, just add an extra I/O to control the power cycle.
>
> * Cheap and easy to integrate. We should be able to use small serial
> connected memories for this. This baby here costs less than 1 USD:
>
> http://se.farnell.com/microchip/23a640-i-p/ic-sram-serial-64k-1-7v-pdip8/dp/1695544
>
> These entropy sources would be fairly robust. Temperature seems to
> affect the DRAM decay more than SRAM. Basically dropping the DRAM memory
> into a freezer slows decay down very much. But the Crypech HSM should be
> able to check its ambient temperature anyway.
>
> I've found a few papers that looks at DRAM and SRAM memories as entropy
> sources [1][2][3]. I'm quite infatuated with this idea and would really
> appreciate some clear headed thoughts. I'm willing to test this in hw.
>
> FredrikT from your work on the YubiHSM can you say that you considered
> this memory based type of entropy source. And if so, why not using it?
> And if you can't speak about this, just say "NDA". ;-)
>
>
> [1] http://goo.gl/25TFov
> [2] http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.164.6432
> [3] https://eprint.iacr.org/2013/304.pdf
>
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://cryptech.is/mailman/listinfo/tech
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cryptech.is/pipermail/tech/attachments/20140206/4b4a243e/attachment.html>
More information about the Tech
mailing list