The Journal of Korean Institute of Communications and Information Sciences (한국통신학회논문지)

The Korean Institute of Commucations and Information Sciences (한국통신학회)
권호 표지
DOI QR코드

DOI QR Code

A Design and Implementation of the Light-Weight Random Number Generator Using Sensors

센서를 이용한 경량 난수발생기 설계 및 구현

  • Kang, Hana (Kookmin University Department of Financial Information Security) ;
  • Yoo, Taeil (Kookmin University Department of Financial Information Security) ;
  • Yeom, Yongjin (Kookmin University Department of Math / Financial Information Security) ;
  • Kang, Ju-Sung (Kookmin University Department of Math / Financial Information Security)
  • Received : 2016.08.31
  • Accepted : 2016.12.15
  • Published : 2017.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Random number generator(RNG) is essential in cryptographic applications. As recently a system using small devices such as IoT, Sensor Network, SmartHome appears, the lightweight cryptography suitable for this system is being developed. However due to resource limitations and difficulties in collecting the entropy, RNG designed for the desktop computer are hardly applicable to lightweight environment. In this paper, we propose a lightweight RNG to produce cryptographically strong random number using sensors. Our design uses a Hankel matrix, block cipher as the structure and sensors values as noise source. Futhermore, we implement the lightweight RNG in Arduino that is one of the most popular lightweight devices and estimate the entropy values of sensors and random number to demonstrate the effectiveness and the security of our design.

암호시스템에서 난수발생기는 필수적인 요소이다. 최근에 IoT, Sensor Network, SmartHome와 같은 소형 디바이스를 사용하는 환경이 등장하면서, 이에 적합한 다양한 경량 암호들이 개발되고 있다. 하지만 리소스 제한, 엔트로피 수집의 어려움 등의 문제로 인하여, 기존의 데스크 탑에 초점을 두고 만들어진 난수발생기가 제대로 동작하는 것이 어려워지고 있다. 본 논문에서 경량 환경에서 안전한 난수를 생성하는 방법으로 경량 난수발생기 설계를 소개한다. 구조는 헨켈 매트릭스와 블록암호를 사용하고 잡음원으로 센서를 사용한다. 또한 소형 디바이스 중에서 가장 대표적인 Arduino보드에 설계한 경량 난수발생기를 구현하고, 구현 결과로 센서 데이터와 최종 출력 난수의 엔트로피 값을 측정하고 평가함으로써 효율성과 안전성을 확인한다.

Keywords

References

  1. D. H. Kim, S. U. Yun, and Y. P. Yi, "The security of IoT service," in Proc. KICS Int. Conf. Commun., pp. 53-59, Jeju Island, Korea, Jul. 2013.
  2. K. Michaelis, C. Meyer, and J. Schwenk, Randomness fail! The State of randomness in current java implementations, Springer Berlin Hedelberg, pp. 129-144, Feb. 2013.
  3. D. J. Bernstein, Y. A. Chang, C. M. Cheng, L. P. Chou, N. Heninger, T. Lange, and N. V. Someren, "Factoring RSA keys form certified smart cards : Coppersmith in the wild," in Int. Conf. Theory and Appl. Cryptololgy and Inf. Secur., Springer Berlin Heidelberg, pp. 341- 360, Dec. 2013.
  4. Audit of github SSH Keys finds many still vu lnerable to old debian bug (2015), Retrieved November, 18, 2016, from https://threatpost.com/audit-of-gitbub-ssh-keys-finds-many-still-vulnerable-to-old-debian-bug/113117/
  5. True random number generator for a true hacker (2015), Retrieved November, 18, 2016, from http://hackday.com/2015/06/29/true-random-generator-for-a-true-hacker
  6. J. Y. Park, S. M. Shin, and N. H. Kang, "Mutual authentication and key agreement scheme between lightweight devices in internet of things," in Proc. KICS Int. Conf. Commun., pp. 707-714, Jeju Island, Korea, Jul. 2013.
  7. B. Barak and S. Halevi, "A model and architecture for pseudo-random generator and application to d/dev/random," CCS'05, Nov. 2015.
  8. Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone, Handbook of applied cryptography, Massachusetts Inst. Technol., 1996.
  9. NIST SP 800-38A, Recommendation for block cipher modes of operation methods and techniques, 2011.
  10. S. Thomas, SSL and TLS essentials, New York, John Wiley & Sons, Inc., 2000.
  11. C. H. Bennett, "Quantum cryptography: Public key distribution and coin tossing," in Int. Conf. Comput. Syst. and Sign. Process. IEEE, pp. 175-179, 1984.
  12. FIPS PUB 140-3, Security Requirements for Cryptographic Modules, 2009.
  13. NIST, SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, 2015.
  14. NIST, SP 800-90B, (Second Draft) Recommendation for the Entropy Sources Used for Random Bit Generation, 2016.
  15. NIST, SP 800-90C, Recommendation for Random Bit Generator(RGB) Construction, 2012.
  16. NIST, SP 800-22, A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Application, 2010.
  17. B. Kristinsson, "Ardrand : The arduino as a hardware random-number generator," Cryptography and Secur., Inf. Theory, Dec. 2012.
  18. Wikipedia, Linear congruential generator, https://en.wikipedia.org/wiki/Linear_congruential_g enerator
  19. National Security Agency, The simon and speck families of lightweight block ciphers, Jun. 2013.
  20. Implementations of lightweight block ciphers on a WSN430 sensor, http://bloc,project.citi-lab.fr/library_option_02.html
  21. C. Hennebert, H. Hossayni, and C. Lauraoux, "Entropy harvesting from physical sensors," Wisec'13, pp. 149-154, Budapest, Hungary, Apr. 2013.
  22. H. Kang, Y. Yeom, and J. S. Kang, "An implementation of integrated tool for statistical randomness tests and entropy estimations," in Proc. KICS Winter Conf., pp. 229-230, Jeongseon, Korea, Jan. 2013.
  23. Diharder, Retrieved November, 18, 2016, from http://www.phy.duke.edu/-rgb/General/deiharder.php