• Title/Summary/Keyword: True random number generator, TRNG

Search Result 14, Processing Time 0.017 seconds

A Security SoC supporting ECC based Public-Key Security Protocols (ECC 기반의 공개키 보안 프로토콜을 지원하는 보안 SoC)

  • Kim, Dong-Seong;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.24 no.11
    • /
    • pp.1470-1476
    • /
    • 2020
  • This paper describes a design of a lightweight security system-on-chip (SoC) suitable for the implementation of security protocols for IoT and mobile devices. The security SoC using Cortex-M0 as a CPU integrates hardware crypto engines including an elliptic curve cryptography (ECC) core, a SHA3 hash core, an ARIA-AES block cipher core and a true random number generator (TRNG) core. The ECC core was designed to support twenty elliptic curves over both prime field and binary field defined in the SEC2, and was based on a word-based Montgomery multiplier in which the partial product generations/additions and modular reductions are processed in a sub-pipelining manner. The H/W-S/W co-operation for elliptic curve digital signature algorithm (EC-DSA) protocol was demonstrated by implementing the security SoC on a Cyclone-5 FPGA device. The security SoC, synthesized with a 65-nm CMOS cell library, occupies 193,312 gate equivalents (GEs) and 84 kbytes of RAM.

Probabilistic Analysis of AIS.31 Statistical Tests for TRNGs and Their Applications to Security Evaluations (진난수발생기용 난수성 검정 방법 AIS.31에 대한 확률론적 분석 및 보안성 평가 적용 방법)

  • Park, Hojoong;Kang, Ju-Sung;Yeom, Yongjin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.1
    • /
    • pp.49-67
    • /
    • 2016
  • SP 800-90B of NIST(USA) and AIS.31 of BSI(Germany) are representative statistical tests for TRNGs. In this paper, we concentrate on AIS.31 which is under the ongoing international standardization process. We examine the probabilistic meaning of each statistic of the test in AIS.31 and investigate its probability distribution. By changing significance level and the length of sample bits, we obtain formalized accept region of the test. Furthermore we propose the accept regions for some iterative tests, that are not mentioned in AIS.31, and provide some simulations.

Design of Quantum Key Distribution System without Fixed Role of Cryptographic Applications (암호장치의 송·수신자 역할 설정이 없는 양자키분배 시스템 설계)

  • Ko, Haeng-Seok;Ji, Se-Wan;Jang, Jingak
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.5
    • /
    • pp.771-780
    • /
    • 2020
  • QKD(Quantum Key Distribution) is one of the protocols that can make two distant parties safely share secure keys against the threat of quantum computer. Generally, cryptographic applications which are connected to the QKD device have fixed roles as a transmitter and a receiver due to the race condition and complexity of implementation. Because the conventional QKD system is mainly applied to the link encryptor, there are no problems even if the roles of the cryptographic devices are fixed. We propose a new scheme of QKD system and protocol that is easy to extend to the QKD network by eliminating quantum key dependency between cryptographic device and QKD node. The secure keys which are generated by the TRNG(True Random Number Generator) are provided to the cryptographic applications instead of quantum keys. We design an architecture to transmit safely the secure keys using the inbound and outbound quantum keys which are shared between two nodes. In this scheme, since the dependency of shared quantum keys between two QKD nodes is eliminated, all cryptographic applicatons can be a master or a slave depending on who initiates the cryptographic communications.

A Security SoC embedded with ECDSA Hardware Accelerator (ECDSA 하드웨어 가속기가 내장된 보안 SoC)

  • Jeong, Young-Su;Kim, Min-Ju;Shin, Kyung-Wook
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.26 no.7
    • /
    • pp.1071-1077
    • /
    • 2022
  • A security SoC that can be used to implement elliptic curve cryptography (ECC) based public-key infrastructures was designed. The security SoC has an architecture in which a hardware accelerator for the elliptic curve digital signature algorithm (ECDSA) is interfaced with the Cortex-A53 CPU using the AXI4-Lite bus. The ECDSA hardware accelerator, which consists of a high-performance ECC processor, a SHA3 hash core, a true random number generator (TRNG), a modular multiplier, BRAM, and control FSM, was designed to perform the high-performance computation of ECDSA signature generation and signature verification with minimal CPU control. The security SoC was implemented in the Zynq UltraScale+ MPSoC device to perform hardware-software co-verification, and it was evaluated that the ECDSA signature generation or signature verification can be achieved about 1,000 times per second at a clock frequency of 150 MHz. The ECDSA hardware accelerator was implemented using hardware resources of 74,630 LUTs, 23,356 flip-flops, 32kb BRAM, and 36 DSP blocks.