[Cryptech Tech] RAM as source of entropy
Joachim Strömbergson
joachim at secworks.se
Fri Feb 7 12:48:22 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Aloha!
Warren Kumari wrote:
> This sounds very similar to the "CCD in total darkness" ideas... Last
> I'd heard, apart from some cells that like to bias in one or the
> other direction (imperfections, internally generated heat from
> nearby A/D, etc) it was basically a quantum phenomenon. This is why
> there has been so much (unsuccessful) research into removing noise
> from CCD imagers. This also seems like it would generate much higher
> (after some removal of known sticky bits / whitening) rates.
I'd say that DRAM decay resembles CCD in total darkness. And SRAM
initial state is more closely related to the entropy source in Intel
Bull Mountain where a flip-flop-like construction is repeatedly powered
off and on.
And yes, there will be cells that due to variance in manufacturing are
more or less heavily biased. But not all of them aren't, otherwise the
memory stability would be a big issue.
The idea is to extract the (for example 64 kbits from the memory) and
then send it as a message through a hash fuction to create our "sampled"
raw entropy of say 256 bits. With the farnell memory we could do this
including having the memory powered off for several thousands of seconds
and still get something like 64 kbps entropy.
I had another idea too. One could actually take some of the outputs from
the CSPRNG (output that is then not given to the user applications) and
use it as random pattern written into the SRAM before the power
off-power on-extraction operations. This would eliminate (reduce) the
risk of latent values in the cells from one cycle to affect the data
extracted in the next cycle.
- --
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Joachim Strömbergson Secworks AB joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJS9NYVAAoJEF3cfFQkIuyNBlAQALpojdlqTMdOh8vINvQ0kBb9
ujshIi1BqQ+TF3KlL+TgdnRQ0Szypual0Z5UfWxv6dVtyIV/2hee6jpa3k3VcAVr
SYgkk2doQkoxtRHJNvaY94RuuIYmP4Vuy+wKeKHm6slVC8V0E5nrS+I/EqjE+rf2
Pz0yVJ5nj3Brhzi7USxc+YRJBFYm9rjiWldnzrJm0XuZsYamk3OoQPxROG3MR/E3
xrlh4TgSMfF8iTzrM5La37qcJCmxMTZdN0OdUQOQIXNtPM193X84mP0YkovaDELX
/DVunH+2OgtS2/2D+QU5r1FiVwZxLiaH+BnAd2rKcFb2qCDqo36JZCA5DAZNZ9XX
lFl/MwFQgFJWXmEDR+du8McbWBWmbZbkntYheCyKjAhFYYdqFk6Xg4u7Z/PdXLQ6
6q10MTOReb8RobGxEJf5GTCE9Py+L6YM8Tn2Pnbi9/E5zwghrLdV+EO8AbHnJ+8b
CVDNHB6A0xSqoUYHYNnF5BYMWkNcoFJNAx616mZws1fzfyxWasBG0qHfdRFyamQl
Txm9gUfnXQ92vP+TwC8RuHdCgWvc5U9siRE+LAoc35G0qI+jymNLS1DUVXIk1YIh
QbZ8iczdGsA0cD1qpiLITPtG/y51zcziDSnanR0UlrcXofGFt9UDkeHbdwkUqMW1
rFcFhaUDZNmqPJn4nTVb
=0CGr
-----END PGP SIGNATURE-----
More information about the Tech
mailing list