Paul Kocher’s presentation at the Hackers and Threats track of the 2002 RSA Conference.
Good cryptography requires good random numbers. This paper evaluates the hardware-based Intel Random Number Generator (RNG) for use in cryptographic applications.
Almost all cryptographic protocols require the generation and use of secret values that must be unknown to attackers. For example, random number generators are required to generate public/private keypairs for asymmetric (public key) algorithms including RSA, DSA, and Diffie-Hellman. Keys for symmetric and hybrid cryptosystems are also generated randomly. RNGs are also used to create challenges, nonces (salts), padding bytes, and blinding values. The one time pad – the only provably-secure encryption system – uses as much key material as ciphertext and requires that the keystream be generated from a truly random process.
Because security protocols rely on the unpredictability of the keys they use, random number generators for cryptographic applications must meet stringent requirements. The most important is that attackers, including those who know the RNG design, must not be able to make any useful predictions about the RNG outputs. In particular, the apparent entropy of the RNG output should be as close as possible to the bit length.
Abstract: Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper-resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
As part of Cryptography Research’s ongoing cryptosystem research activities, we have been analyzing how to improve the security of portable cryptographic tokens, including smart cards. Over the past year and a half, we have been working with the smart card vendor community to address attacks we have developed, including Simple Power Analysis, Differential Power Analysis, High-Order Differential Power Analysis, and other related techniques. These are technically sophisticated and extremely powerful analysis tools that can be used by a cryptanalyst to extract secret keys from cryptographic devices.
Download “Introduction to Differential Power Analysis and Related Attacks”
An academic paper introducing timing attack cryptanalysis. Many elements of timing attacks are relevant to DPA.
Abstract: By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext. Actual systems are potentially at risk, including cryptographic tokens, network-based cryptosystems, and other applications where attackers can make reasonably accurate timing measurements. Techniques for preventing the attack for RSA and Diffie-Hellman are presented. Some cryptosystems will need to be revised to protect against the attack, and new protocols and algorithms may need to incorporate measures to prevent timing attacks.
Download “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems”