[Cryptech Tech] RAM as source of entropy

Joachim Strömbergson joachim at secworks.se
Thu Feb 6 16:14:13 UTC 2014


Aloha!

Warren Kumari wrote:
> It seems that the initial state of DRAM and SRAM is fairly far from 
> random -- there was some research (that I can try drudge up) after
> the "Lest We Remember: Cold Boot Attacks on Encryption Keys" paper
> that showed that the initial state of DRAM and SRAM (weeeellll CPU
> cache) is different for each unit, but fairly predictable within the
> unit...

Judging by the papers some memories actually are pretty random at
initial state.

If you look at the papers I referenced they talk precisely about this.
For DRAM memories there are cells that decay much slower than others,
and they always do this. And some SRAM cells seem to move into the same
initial state for every cycle. This is used to fingerprint devices. But
the fingerprinting is done by reading massive amounts of times and
averaging to remove noise and extract the unique pattern. There seems to
be enough entropy generated to (via whitening, conditioning) extract
good entropy. At least from some memories. The paper that tested
internal RAMs in PIC MCU vs STM32 showed that the former had very bad
entropy, while the latter was a seemingly good source.

I.e. using this requires testing of the SRAM chips (at least the type
and revision). But then you have to test all your entropy sources.

Also it is not clear how much time one needs to give the memory in
between extraction. But the SRAM seems to be a better choice.

-- 
Kind regards, Yours

Joachim Strömbergson - Always in harmonic oscillation.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
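
An added example, not part of the original post or the papers it refers to: a Python sketch of the process described above, averaging many power-up reads to separate the stable fingerprint from the noisy cells, estimating min-entropy per dump, and refusing to seed when the SRAM type does not deliver enough. The cell model, array size, 512-bit threshold and all function names are assumptions; the dumps are constructed, not measured.

```python
import hashlib
import math
import random

def simulate_powerups(n_cells, n_reads, noisy_fraction, seed):
    """Constructed model, not measured data: every cell has a fixed power-up bias."""
    rng = random.Random(seed)
    bias = [rng.uniform(0.3, 0.7) if rng.random() < noisy_fraction  # noisy cell
            else (0.001 if rng.random() < 0.5 else 0.999)           # skewed cell
            for _ in range(n_cells)]
    return [[int(rng.random() < p) for p in bias] for _ in range(n_reads)]

def analyse(reads):
    """Average many power-ups: the majority value per cell is the fingerprint,
    the residual flip rate gives a plug-in min-entropy estimate per cell."""
    n = len(reads)
    fingerprint, entropy_bits = [], 0.0
    for cell in zip(*reads):
        p1 = sum(cell) / n
        fingerprint.append(int(p1 >= 0.5))
        entropy_bits += -math.log2(max(p1, 1.0 - p1))  # assumes independent cells
    return fingerprint, entropy_bits

def extract_seed(dump, entropy_bits, required_bits=512):
    """Condition one fresh dump with SHA-256, but only if characterisation found
    enough estimated min-entropy (the 2x margin is this example's assumption)."""
    if entropy_bits < required_bits:
        return None
    packed = bytes(sum(b << i for i, b in enumerate(dump[k:k + 8]))
                   for k in range(0, len(dump), 8))
    return hashlib.sha256(packed).digest()

def evaluate(noisy_fraction, seed):
    reads = simulate_powerups(16384, 101, noisy_fraction, seed)
    fingerprint, entropy_bits = analyse(reads[:100])   # characterisation runs
    return fingerprint, entropy_bits, extract_seed(reads[100], entropy_bits)

if __name__ == "__main__":
    for label, frac in (("many noisy cells", 0.10), ("few noisy cells", 0.002)):
        _, bits, seed = evaluate(frac, seed=2014)
        print(f"{label}: ~{bits:.0f} bits/dump, seed={'ok' if seed else 'REFUSED'}")
```

The per-cell estimate treats cells as independent and reads as identically distributed, so it is an upper bound to be checked against real dumps of the specific SRAM type and revision.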