摘要
本文介绍一种应用于智能卡的真随机数发生器,并分析了以杂凑函数SM3作为后处理算法来提高其随机数的质量.真随机数发生器是智能卡中不可缺少的一部分,它用于智能卡中机密信息的加密和签名,大多数加密系统的安全性依赖于随机数的不可预测性和不可重现性.真随机数发生器的实现电路中使用固定低频时钟采样通过反馈模式来控制的的高频时钟,采用环形振荡器在振荡过程中不断积累的抖动作为熵源,并通过三级级联的耦合方式提高输出的统计特性,促进随机性的扩散,同时相较传统环形振荡器面积也得到了节省.电路采用SMIC 0.13μm工艺平台实现,核心电路版图面积小于0.0156 mm^2,包括3个输入端口,4个输出端口.考虑到智能卡具有很高的安全需求,本文也讨论了一些常见的攻击方式及对应的预防措施.本文介绍的真随机数发生器已经完成了流片,并已对芯片进行了完整的测试.很多研究表明,后处理算法可以提高随机数的质量,本文表明测试数据在经过后处理之后,可以通过随机性测试标准.
This paper introduces a True Random Number Generator(TRNG) for smart cards and analyzes the hash function SM3 as a post-processing algorithm to improve the quality of the random number. TRNG is an indispensable part of smart card, and the security of most cryptographic systems rely on unpredictability and irreproducibility of digital key-streams that are used for encryption and signing of confidential information. To obtain better randomness, the circuit utilizes a fixed frequency clock to sample the output of a frequency variable high speed ring oscillator using feedback control. The TRNG uses the jitter of ring oscillator as the entropy source. Inter-stage feedback ring is introduced to control the frequency of the high speed ring oscillator to accumulate the phase noise as well as shrinking down the circuit area. The TRNG is designed under SMIC 0.13μm standard process, the core circuit layout area is less than 0.0156 mm^2, including three input ports, four output ports. Considering that the smart card has very high security requirements, this paper also discusses some common attack methods and the corresponding preventive measures. The TRNG has taped-out and chip has completed test. Many studies have shown that the post-processing algorithm can improve the quality of the random number, this paper shows that random bit stream after post-processing can pass statistical test for randomness.
出处
《密码学报》
CSCD
2016年第6期555-563,共9页
Journal of Cryptologic Research
基金
核高基重大专项(2014ZX01032205)
