Secret key and true random number generator and method for generating secret key and true random number

Abstract

The invention discloses a secret key and true random number generator and a method for generating a secret key and a true random number. The generator comprises a double-arbiter physically unclonable function (DAPUF), a trigger signal generation register (TReg), a response acquisition register (RReg), a microcontroller, a linear feedback shift register (LFSR), a Hash engine, a volatile memory and a nonvolatile memory. The invention also aims at providing a method for generating the secret key and the true random number. The method comprises the steps of: (1) initialization process of the secret key; (2) reconstruction process of the secret key; (3) initialization process of the true random number; and (4) the generation process of the true random number. The secret key and the true random number which are obtained by combining the response of the DAPUF with the steps in the method have the effects that (1) the error rate of the generated secret key is decided by the noise of the DAPUF and the election times of a majority of election methods, and the error rate of the generated secret key can be reduced unlimitedly; and (2) the LFSR is updated for a number of times, so that a random seed becomes an uncertain entropy source, and after the response which is generated by taking the uncertain entropy source as challenge is treated by the Hash, so that the output true random number meets the pseudo-randomness.

Description

technical field [0001] The invention relates to the field of cryptographic chip security in information security, in particular to a method for generating a secret key and a true random number of a cryptographic chip with a high security level. Background technique [0002] The key security is a prerequisite for the security of the cryptographic chip. Once the secret is leaked, the cryptographic chip will be completely broken. Traditional cryptographic chips store the keys in unprotected memory, which makes the keys easily accessible to Torrance et al. in the paper TJ09 "The state-of-the-art in IC reverse engineering" Reverse-engineering methods in steal. The difficulty of stealing the key can be increased by enhancing the security of the key in the storage area, but this is too expensive to be suitable for most cryptographic chip applications. Existing examples of attacks show that even expensive protection of memory is not sufficient against a well-equipped attacker. Fo...

AI Technical Summary

Problems solved by technology

Although ECC solves the reliability problem of PUF, it requires expensive resource overhead, and more importantly, it introduces a new security problem: ECC is vulnerable to side-channel attacks (ECC-SCA)—Karakoyunlu et al. in the paper KS10 "Differential template Attacks on PUF enabled cryptographic devices" (differential template attack on PUF-based cryptographic devices) raises the SCA problem of ECC

However, this method still has some disadvantages. For example, when the voltage drops by more than 2% or the ambient temperature exceeds 40 degrees, the probability of using secure multi-party computation when generating keys is higher than 1e-6, and the cost of secure multi-party computation is extremely high.

[0007] To sum up, considering the large changes in voltage and temperature, the existing PUF scheme can only effectively meet the reliability requirements of the key with the help of ECC, and ECC is vulnerable to side-channel attacks, which seriously affects the security of the key.

Images