Udhay Shankar N skrev:
Sounds like an interesting idea - using SRAM state as a source of randomness. Any of the folks here willing to comment on this?


IMHO a very interesting paper.

But I have a few questions about practical aspects of this (and the paper).

First off I don't see any info in the paper about the time between power cycling and reading the memory. Shouldn't the RNG generated by the memory be affected by remanence problems if the power cycle is to short? I.e if the power off state is to short, the bit pattern from one read operation will contain more of the bit pattern from previous power on states.

(2) How would one go about extracting the fingerprint/ID? As I see it you would either have to do numerous read operations (with power cycling in between) and then extract the fixed bits on a host. That is, the host reads the whole memory (just like in the paper) and from that extract the ID. This means that the RFID-unit will not know it's own ID.

The other way to do it (as I see it), is to do the multiple reads during manufacturing (post production test/configuration), extract the fixed bits and then stor the index to these bits within the RFID chip. This would allow the RFID to assemble the bits and know it's own ID, but then the idea (as presented in the paper) to not have to do post manufacturing work to set the ID is gone.

(3) in the opposite situation to (2), how should the RFID unit avoid the fixed bits when generating a key based on the random bits? Would it be ok to simply run the power on memory state through a cryptographic hash function, ignoring the fixed bits?

Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
Kryptoblog - IT-säkerhet på svenska

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to