Liu Jing, Xie Jianguo, Chao Lu, Wu Han, Ding Peng, Chen Xiaoming, Feng Huamin
Beijing University of Posts and Telecommunications, Beijing, 100876, China.
Beijing Electronic Science and Technology Institute, Beijing, 100070, China.
Sci Rep. 2022 Feb 22;12(1):2948. doi: 10.1038/s41598-022-06815-2.
Semiconductor superlattice true random number generator (SSL-TRNG) has an outstanding practical property on high-throughput and high-security cryptographic applications. Security in random number generators is closely related to the min-entropy of the raw output because feeding cryptographic applications with insufficient entropy leads to poor security and vulnerability to malicious attacks. However, no research has focused on the min-entropy estimation based on the stochastic model for SSL-TRNG, which is a highly recommended method for evaluating the security of a specific TRNG structure. A min-entropy estimation method is proposed in this paper for the SSL-TRNG by extending the Markov stochastic model derived from the memory effects. By calculating the boundary of the transition matrix, the min-entropy result is the average value of each sample (1 bit) is 0.2487. Moreover, the experimental results show that the estimator is accurate enough to adjust compression rate dynamically in post-processing to reach the required security level, estimating entropy on the fly rather than off-line.
半导体超晶格真随机数发生器(SSL - TRNG)在高通量和高安全性加密应用方面具有出色的实用特性。随机数发生器的安全性与原始输出的最小熵密切相关,因为为加密应用提供的熵不足会导致安全性差且容易受到恶意攻击。然而,尚未有研究专注于基于随机模型的SSL - TRNG最小熵估计,而该模型是评估特定TRNG结构安全性的高度推荐方法。本文通过扩展源自记忆效应的马尔可夫随机模型,提出了一种针对SSL - TRNG的最小熵估计方法。通过计算转移矩阵的边界,得到的最小熵结果是每个样本(1位)的平均值为0.2487。此外,实验结果表明,该估计器足够准确,能够在后期处理中动态调整压缩率以达到所需的安全级别,可实时而非离线估计熵。
