trng evaluation certification
play

TRNG - EVALUATION & CERTIFICATION WRACH 2019 | DUMAS Ccile | 15 - PowerPoint PPT Presentation

Oct 30, 2023 •239 likes •683 views

TRNG - EVALUATION & CERTIFICATION WRACH 2019 | DUMAS Ccile | 15 avril 2019 OUTLINE Evaluation Lab Random Number Generators Evaluation of RNG Conclusion & Perspectives WRACH 2019 | Ccile Dumas | 15 avril

  1. TRNG - EVALUATION & CERTIFICATION WRAC’H 2019 | DUMAS Cécile | 15 avril 2019

  2. OUTLINE • Evaluation Lab • Random Number Generators • Evaluation of RNG • Conclusion & Perspectives WRAC’H 2019 | Cécile Dumas | 15 avril 2019 2

  3. FRENCH CERTIFICATION SCHEME ITSEF I nformation T echnology S ecurity E valuation F acility CESTI C entre d’ É valuation de la S écurité des T echnologies d’ I nformation ANSSI • Several ITSEFs and several types of product  Leti into CEA Grenoble: Hardware ITSEF WRAC’H 2019 | Cécile Dumas | 15 avril 2019 3

  4. Leti ITSEF Center established in 1999  Scope of Approval: Hardware ITSEF   Electronic Components and Embedded Software  Hardware device with security boxes ACCREDITATION N°1-1294 PORTEE DISPONIBLE SUR WWW.COFRAC.FR  Site certification  Evaluation Standard  Common Criteria : CC version 3.1 ; up to EAL7 Licensed by private schemes   EMVCo, VISA, MASTER-CARD, NXP-MIFARE, BAROC, FIDO 4

  5. ITSEF – EVALUATION TASKS Product ? Report WRAC’H 2019 | Cécile Dumas | 15 avril 2019 5

  6. ITSEF – EVALUATION TASKS Functions Product Encryption / decryption = Smart card Signature Authentication Key generation / exchange ? … Mechanisms Symmetrical algorithms Applications Asymmetrical algorithms Banking Identity Hash functions Health Report Random number generator PayTV Hardware / Software … WRAC’H 2019 | Cécile Dumas | 15 avril 2019 5

  7. ITSEF – EVALUATION TASKS Functions Product Report Encryption / decryption = Smart card Signature Authentication Key generation / exchange … Mechanisms Symmetrical algorithms Applications Asymmetrical algorithms Banking Identity Hash functions Health Random number generator PayTV Hardware / Software … Source: Security IC Platform Protection Profile - BSI-PP-0084 WRAC’H 2019 | Cécile Dumas | 15 avril 2019 5

  8. ITSEF – EVALUATION TASKS ? Functions Product Report Encryption / decryption = Smart card Signature Authentication Key generation / exchange … Mechanisms Symmetrical algorithms Applications Asymmetrical algorithms Banking Identity Hash functions Health Random number generator PayTV Hardware / Software … Source: Security IC Platform Protection Profile - BSI-PP-0084 WRAC’H 2019 | Cécile Dumas | 15 avril 2019 5

  9. ITSEF – EVALUATION TASKS Product = Smart card Conformity • Document analysis • Code analysis Efficiency • Functional testing • Penetration testing Report WRAC’H 2019 | Cécile Dumas | 15 avril 2019 6

  10. OUTLINE • Evaluation Lab • Random Number Generators • Evaluation of RNG • Conclusion & Perspectives WRAC’H 2019 | Cécile Dumas | 15 avril 2019 7

  11. RANDOM NUMBER GENERATOR • Random numbers in smart cards • Key generation • Challenge generation • Generation of initialization vectors, nonces, padding, ... • Countermeasures against side channel attacks • To play 421, the result of a die roll shall be • Uniform • Independent • Unpredictable  Expected properties of the random numbers WRAC’H 2019 | Cécile Dumas | 15 avril 2019 8

  12. RANDOM NUMBER GENERATOR • Deterministic (Pseudo-) random number generators (DRNG) • Algorithmic • Good statistical properties • Physical (True-) random number generators (TRNG) • Using some physical source of randomness • Physics is not deterministic • Moderate statistical properties • Hybrid random number generators • TRNG with algorithmic (e. g. cryptographic) post-processing • DRNG seeded repeatedly by a TRNG WRAC’H 2019 | Cécile Dumas | 15 avril 2019 9

  13. RNG ARCHITECTURE Hardware Software Initialization Post- Cryptographic Output TRNG processing post-processing Online tests WRAC’H 2019 | Cécile Dumas | 15 avril 2019 10

  14. RNG – EVALUATION TASKS Product • Initialization ? = Smart card • TRNG with a RNG • Online tests Conformity • Post-Processing • Document analysis • Crypto post-processing • Code analysis • Initialization TRNG non deterministic !! Efficiency • TRNG • Functional testing • Online tests • Penetration testing • Post-Processing Report • Statistical testing • Crypto post-processing WRAC’H 2019 | Cécile Dumas | 15 avril 2019 11

  15. RNG EVALUATION TASKS Environment alteration Functional testing Initialization analysis Attacks Alarm management Hardware Software Statistical tests: no default Initialization (all tests, all conditions) Post- Cryptographic Output TRNG processing post-processing Source Efficiency analysis Online tests analysis Cryptanalysis Forward secrecy Efficiency analysis Backward secrecy Conformity Alarm management WRAC’H 2019 | Cécile Dumas | 15 avril 2019 12

  16. EVALUATION NORMS • Common Criteria • Security Functional Requirements (Family FCS_RNG) • Evaluation • RGS - French Scheme Référentiel Général de Sécurité • AIS 20 31 - German Scheme Anwendungshinweise und Interpretationen zum Schema  Talk of Werner Schindler, BSI Germany, tomorrow WRAC’H 2019 | Cécile Dumas | 15 avril 2019 13

  17. OUTLINE • Evaluation Lab • Random Number Generators • Evaluation of RNG • Conclusion & Perspectives WRAC’H 2019 | Cécile Dumas | 15 avril 2019 14

  18. RNG EVALUATION TASKS Functional testing Environment alteration Initialization analysis Attacks Alarm management THIS TALK Statistical tests: no default Initialization (all tests, all conditions) Post- Cryptographic Output TRNG processing post-processing Source Efficiency analysis Online tests analysis Cryptanalysis Forward secrecy Efficiency analysis Backward secrecy Conformity Alarm management WRAC’H 2019 | Cécile Dumas | 15 avril 2019 15

  19. OUTLINE • Evaluation Lab • Random Number Generators • Evaluation of RNG • Acquisition • Statistical Tests • Online Tests • Penetration Tests • Conclusion & Perspectives WRAC’H 2019 | Cécile Dumas | 15 avril 2019 16

  20. RANDOM NUMBERS ACQUISITION • Need to acquire random numbers • After source • After post-processing • All configurations (voltage, clock frequency, etc.)  Acquire several sequences • Statistical testing  Acquire several very large sequences  Acquire several very large continuous sequences • Several devices have to be tested 17 WRAC’H 2019 | Cécile Dumas | 15 avril 2019

  21. RANDOM NUMBERS ACQUISITION • All environmental conditions have to be tested Source: M. Sourcarros, Analyse des générateurs de nombres aléatoires dans des conditions anormales d’utilisation, rapport de thèse - 2006 Resistor heater Peltier cooler Liquid nitrogen ambiant ~ 120°C -25°C ~ ambiant -190°C ~ ambiant • Acquisition compaign of several very large continuous sequences WRAC’H 2019 | Cécile Dumas | 15 avril 2019 18

  22. RANDOM NUMBERS ACQUISITION • Acquisition effort for the developer • The random numbers must be accessible from the source • The random numbers must be output without stopping the TRNG or • Large sequences must be stored before outputting • Acquisition effort for the evaluator • 30-50 files • 100 MB per file  ~ 4 GB • 2-3 hours per file  ~ five days • The data is stored for a long time  At each evaluation we keep 4 GB of really nothing, for a long time! 19 WRAC’H 2019 | Cécile Dumas | 15 avril 2019

  23. OUTLINE • Evaluation Lab • Random Number Generators • Evaluation of RNG • Acquisition • Statistical Tests • Online Tests • Penetration Tests • Conclusion & Perspectives WRAC’H 2019 | Cécile Dumas | 15 avril 2019

  24. STATISTICAL TESTS • Uniformity, independence, unpredictability • No universal test Focus on one property of uniform i.i.d. random variables • Statistical test • Defines a random variable and the expected range of values. • Test result = FAIL or SUCCESS • SUCCESS = No detected defect ≠ Randomness • Batteries •  FIPS140-1 and FIPS140-2 20,000 bits •  DIEHARD ~80,000,000 bits •  NIST SP800-22 ~1,000,000,000 bits •  AIS31 test suite ~100,000,000 bits • Tests U01 ( L’Ecuyer) Leti ITSEF statistical • Characterization tests  Selection of devices under tests tool • Adapted tests WRAC’H 2019 | Cécile Dumas | 15 avril 2019 20

  25. ADAPTED TESTS • An example: a biased source biased unbiased post-processing source • How evaluate this Bernouilli source? • Majority of statistical tests fail Example 𝑄 1 = 0.46 before post-processing • AIS31: T1, T2, T3, T6, T8 fail TestU01: 50 / 57 tests fail • • Other defaults than bias? • Need to know the statistical properties of the source • Is the post-processing sufficient? • Bring confidence in the source modelling  Adapted tests WRAC’H 2019 | Cécile Dumas | 15 avril 2019 21

  26. ADAPTED TESTS • Tests adapted with the Bernouilli distribution • Example poker test (FIPS140-1, AIS31 T2): 15 𝑔(𝑗) 2 − 5000 16 • 5000 × 𝑗=0 𝑌 2 = 𝑔(𝑗) pattern occurrence number follows a  2 distribution with 15 degrees of freedom • The test passes if 𝑄[𝑌 2 = 𝑦] 1.03 < 𝑌 2 < 57.4 • This corresponds to: 𝑄𝑠 𝑌 2 > 57.4 = 7.0184 × 10 −7 𝑄𝑠 𝑌 2 < 1.03 = 3.1236 × 10 −7 𝑦 WRAC’H 2019 | Cécile Dumas | 15 avril 2019 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Random Number Generators for Cryptography Design and Evaluation Viktor F ISCHER Laboratoire

Random Number Generators for Cryptography Design and Evaluation Viktor F ISCHER Laboratoire

TRNG Design TRNG Classes Conclusions Random Number Generators for Cryptography Design and Evaluation Viktor F ISCHER Laboratoire Hubert Curien, UMR 5516 CNRS Jean Monnet University, Member of University of Lyon Saint-Etienne, France

675 views • 52 slides
A Physical Approach for Stochastic Modeling of TERO-based TRNG Patrick Haddad 1 , 2 , Viktor F

A Physical Approach for Stochastic Modeling of TERO-based TRNG Patrick Haddad 1 , 2 , Viktor F

TERO P-TRNG TERO analysis P-TRNG model Conclusions A Physical Approach for Stochastic Modeling of TERO-based TRNG Patrick Haddad 1 , 2 , Viktor F ISCHER 1 , Florent B ERNARD 1 , and Jean N ICOLAI 2 1: Jean Monnet University Saint-Etienne,

369 views • 18 slides
ES-TRNG A High- throughput , Low-area T rue R andom N umber G enerator based on E dge S ampling

ES-TRNG A High- throughput , Low-area T rue R andom N umber G enerator based on E dge S ampling

ES-TRNG A High- throughput , Low-area T rue R andom N umber G enerator based on E dge S ampling Bohan Yang , Vladimir Roi , Milo Gruji Nele Mentens and Ingrid Verbauwhede COSIC, KU Leuven Generic TRNG Architecture Timing jitter

522 views • 16 slides
EVALUATION AND CERTIFICATION OF QUALITY AND NON-CLINICAL DATA RELATING TO ATMPs DEVELOPED BY

EVALUATION AND CERTIFICATION OF QUALITY AND NON-CLINICAL DATA RELATING TO ATMPs DEVELOPED BY

EVALUATION AND CERTIFICATION OF QUALITY AND NON-CLINICAL DATA RELATING TO ATMPs DEVELOPED BY SMEs 3 April 2009 Overview Aim and Scope of Certification Art 18 of ATMP Regulation Implementing legislation Development of

337 views • 22 slides
An Evaluation and Certification An Evaluation and Certification Scheme for MILS Scheme for MILS

An Evaluation and Certification An Evaluation and Certification Scheme for MILS Scheme for MILS

An Evaluation and Certification An Evaluation and Certification Scheme for MILS Scheme for MILS Rance DeLong* Rance DeLong* The Open Group The Open Group Layered Assurance Workshop Layered Assurance Workshop December 2010 December 2010 1

355 views • 11 slides
ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn

ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn

ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn Java Basic 1 Selections When you compute area, if you enter a negative value: the program prints an invalid result. you dont want

942 views • 76 slides
A Survey of AIS-20/31 Compliant TRNG Cores Suitable for FPGA Devices Oto P E TURA , Ugo M

A Survey of AIS-20/31 Compliant TRNG Cores Suitable for FPGA Devices Oto P E TURA , Ugo M

Goals Methodology Implementation results Conclusions A Survey of AIS-20/31 Compliant TRNG Cores Suitable for FPGA Devices Oto P E TURA , Ugo M UREDDU , Nathalie B OCHARD , Viktor F ISCHER , Lilian B OSSUET Univ Lyon, UJM-Saint-Etienne, CNRS

440 views • 28 slides
HECTOS Harmonized Evaluation, Certification and Testing of Security Products Coordinator: FOI

HECTOS Harmonized Evaluation, Certification and Testing of Security Products Coordinator: FOI

HECTOS Harmonized Evaluation, Certification and Testing of Security Products Coordinator: FOI HECTOS at a glance HECTOS is a project under the EUs seventh framework (FP7) September 2014 August 2017 (3 years) Total: 287 PM, 3.5 M

301 views • 9 slides
1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training Inspection/Audit Establish MoC Status of Operator/ Maintainer Manual, Function Identify CRB Record and Interfaces Result of Form Ground/

618 views • 24 slides
WRAC'H 2019 Analysis of Mixed PUF-TRNG Circuit Based on SR-Latches in FD-SOI Technology Jean-Luc

WRAC'H 2019 Analysis of Mixed PUF-TRNG Circuit Based on SR-Latches in FD-SOI Technology Jean-Luc

WRAC'H 2019 Analysis of Mixed PUF-TRNG Circuit Based on SR-Latches in FD-SOI Technology Jean-Luc DANGER , Tlcom ParisTech In collaboration with: Risa Yashiro, Kazuo Sakiyama (UEC) Noriyuki Miura, Makoto Nagata (Kobe University) Yves Mathieu,

628 views • 26 slides
Geotechnical Evaluation of a Small Levee System for FEMA Certification Rebecca Money, PE, GE, CFM

Geotechnical Evaluation of a Small Levee System for FEMA Certification Rebecca Money, PE, GE, CFM

Geotechnical Evaluation of a Small Levee System for FEMA Certification Rebecca Money, PE, GE, CFM Purpose Provide an overview and an understanding for Cities/Counties/Districts of what it takes from a Geotechnical Engineering perspective to

1.02k views • 37 slides
CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO APPLY TO WRITE Once you have logged into the Then under Certification The Certification committee Application Forms may be CAPLA website using

687 views • 37 slides
1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA Certification is based on Dr. As Habits of Health Transformational System and is available to all Coaches who want to apply and reinforce their knowledge of

613 views • 19 slides
Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

ASHA Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the CFCC Presentation Overview What is Certification? CCC-A Certification Standards CCC-A Application Process FAQs Keep your

209 views • 19 slides
ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn

ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn

ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn 1 Assessment Attendance + exercise: 20% Midterm exam: 30%, closed-book, lab test Final exam: 50%, opened-book, lab test Java Basic 2

1.28k views • 85 slides
ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn

ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn

ThS. Trn Th Thanh Nga Khoa CNTT, Trng H Nng Lm TPHCM Email: ngattt@hcmuaf.edu.vn Java Basic - Arrays 1 Array Basics An array is used to store a collection of data An array as a collection of variables of the same type .

1.11k views • 52 slides
Quasar-Lyman Forest Cross- Correlation from BOSS survey: Baryon Acoustic Oscillations Autor:

Quasar-Lyman Forest Cross- Correlation from BOSS survey: Baryon Acoustic Oscillations Autor:

Quasar-Lyman Forest Cross- Correlation from BOSS survey: Baryon Acoustic Oscillations Autor: 5/10/16 Hlion du Mas des Bourboux (CEA) Pheniics Doctoral School Days Outline Introduction to

633 views • 22 slides
Summary of SRF WG, LCWS14 H. Hayano, A. Yamamoto SRF (15 talks) Cavity XFEL Vertical Test

Summary of SRF WG, LCWS14 H. Hayano, A. Yamamoto SRF (15 talks) Cavity XFEL Vertical Test

Summary of SRF WG, LCWS14 H. Hayano, A. Yamamoto SRF (15 talks) Cavity XFEL Vertical Test Results and extrapolation to ILC, N. Walker(DESY) SRF R&amp;D on Q0 and gradient at DESY, A. Navitski(DESY) Update on High Efficiency High Gradient SRF

543 views • 25 slides
PAMELA science PAMELA AMELA PAMELA is a Space Observatory @ 1AU Search for dark matter

PAMELA science PAMELA AMELA PAMELA is a Space Observatory @ 1AU Search for dark matter

PAMELA science PAMELA AMELA PAMELA is a Space Observatory @ 1AU Search for dark matter Search for primordial antimatter but also: Study of cosmic-ray origin and propagation Study of solar physics and solar modulation

814 views • 39 slides
SERVING A VARIETY OF 5G WIRELESS APPLICATIONS Mobile communications Challenges: increasing data

SERVING A VARIETY OF 5G WIRELESS APPLICATIONS Mobile communications Challenges: increasing data

5G RESEARCH AREAS AT CEA-LETI FROM 5G RESEARCH TO 5G PRE-INDUSTRIALIZATION Dr. Emilio Calvanese Strinati Smart Devices &amp; Telecommunications Strategy Program Director CEA-LETI Emilio.cavlanese-strinati@cea.fr SERVING A VARIETY OF 5G WIRELESS

800 views • 23 slides
t t r

t t r

tt tst P rts ss Prsts t t

757 views • 42 slides
Evolution of groups and clusters since z=1.5 in cosmological simulations Amandine M. C. Le Brun

Evolution of groups and clusters since z=1.5 in cosmological simulations Amandine M. C. Le Brun

Evolution of groups and clusters since z=1.5 in cosmological simulations Amandine M. C. Le Brun CEA Saclay DRF/IRFU Service dAstrophysique Collaborators: Monique Arnaud (CEA Saclay), Iacopo Bartalucci (CEA Saclay), Ian McCarthy (LJMU),

454 views • 24 slides
New signatures in directional dark matter searches in the lab Bradley J. Kavanagh (IPhT -

New signatures in directional dark matter searches in the lab Bradley J. Kavanagh (IPhT -

New signatures in directional dark matter searches in the lab Bradley J. Kavanagh (IPhT - CEA/Saclay) ICAP@IAP - 25th June 2015 Based on arXiv:1505.07406 NewDark Overview Directional searches for DM in the lab: Why search for a

679 views • 53 slides
Worst-Case Execution Time Analysis from UML-based RT/E Applications Chokri Mraidha, Sbastien

Worst-Case Execution Time Analysis from UML-based RT/E Applications Chokri Mraidha, Sbastien

Worst-Case Execution Time Analysis from UML-based RT/E Applications Chokri Mraidha, Sbastien Grard, Franois Terrier, David Lugato Chokri.Mraidha@cea.fr Dtsi/SOL/L-LSP Lisbon, October 11 2004 1 SVERTS 2004 Introduction PhD student

977 views • 26 slides

More recommend