Power analysis of a chaos-based random number generator for cryptographic security

6noIn this paper we consider a side-channel attack on a chaos-based Random Number Generator (RNG) based on power consumption analysis. The aim of this attack is to verify if it is possible to retrieve information regarding the internal state of the chaotic system used to generate the random bits. In fact, one of the most common arguments against this kind of RNGs is that, due to the deterministic nature of the chaotic circuit on which they rely, the system cannot be truly unpredictable. Here we analyze the power consumption profile of a chaos-based RNG prototype we designed in 0.35 μm CMOS technology, showing that for the proposed circuit the internal state (and therefore the future evolution) of the system cannot be determined with a side-channel attack based on a power analysis. This property makes the proposed RNG perfectly suitable for high-security cryptographic applications. ©2009 IEEE.partially_openopenPareschi F.; Scotti G.; Giancane L.; Rovatti R.; Setti G.; Trifiletti A.Pareschi, F.; Scotti, G.; Giancane, L.; Rovatti, R.; Setti, G.; Trifiletti, A

Power analysis of a chaos-based random number generator for cryptographic security

Power analysis of a chaos-based random number generator for cryptographic securit

Power analysis of a chaos-based random number generator for cryptographic security

In this paper we consider a side-channel attack on a chaos-based Random Number Generator (RNG) based on power consumption analysis. The aim of this attack is to verify if it is possible to retrieve information regarding the internal state of the chaotic system used to generate the random bits. In fact, one of the most common arguments against this kind of RNGs is that, due to the deterministic nature of the chaotic circuit on which they rely, the system cannot be truly unpredictable. Here we analyze the power consumption profile of a chaos-based RNG prototype we designed in 0.35 μm CMOS technology, showing that for the proposed circuit the internal state (and therefore the future evolution) of the system cannot be determined with a side-channel attack based on a power analysis. This property makes the proposed RNG perfectly suitable for high-security cryptographic applications

Analysis and Design Security Primitives Based on Chaotic Systems for eCommerce

Security is considered the most important requirement for the success of electronic commerce, which is built based on the security of hash functions, encryption algorithms and pseudorandom number generators. Chaotic systems and security algorithms have similar properties including sensitivity to any change or changes in the initial parameters, unpredictability, deterministic nature and random-like behaviour. Several security algorithms based on chaotic systems have been proposed; unfortunately some of them were found to be insecure and/or slow. In view of this, designing new secure and fast security algorithms based on chaotic systems which guarantee integrity, authentication and confidentiality is essential for electronic commerce development. In this thesis, we comprehensively explore the analysis and design of security primitives based on chaotic systems for electronic commerce: hash functions, encryption algorithms and pseudorandom number generators. Novel hash functions, encryption algorithms and pseudorandom number generators based on chaotic systems for electronic commerce are proposed. The securities of the proposed algorithms are analyzed based on some well-know statistical tests in this filed. In addition, a new one-dimensional triangle-chaotic map (TCM) with perfect chaotic behaviour is presented. We have compared the proposed chaos-based hash functions, block cipher and pseudorandom number generator with well-know algorithms. The comparison results show that the proposed algorithms are better than some other existing algorithms. Several analyses and computer simulations are performed on the proposed algorithms to verify their characteristics, confirming that these proposed algorithms satisfy the characteristics and conditions of security algorithms. The proposed algorithms in this thesis are high-potential for adoption in e-commerce applications and protocols