Générateurs de nombres véritablement aléatoires à base d'anneaux asynchrones : conception, caractérisation et sécurisation

True Random Number Generators (TRNG) are ubiquitous in many critical cryptographic applications (key generation, DSA signatures, etc). While many TRNG designs exist in literature, only a few of them deal with security aspects, which is surprising considering that they are low-level primitives in a cryptographic system (a weak TRNG can jeopardize a whole cryptographic system). The objective of this thesis was to study the advantages of asynchronous design techniques in order to build true random number generators that are secure and robust. We especially focused on digital oscillators called self-timed rings (STR), which use a handshake request and acknowledgement protocol to organize the propagation of data. Using some of the unique properties of STRs, we propose a new TRNG principle, with a detailed theoretical study of its behavior, and an evaluation of the TRNG core in ASICs and FPGAs. We demonstrate that this new principle allows to generate high quality random bit sequences with a very high throughput (> 100 Mbit/s). Moreover, it enables a realistic estimation for the entropy per output bit (this entropy level can be tuned using the entropy extractor parameters). We also present a complete methodology to design the TRNG, to properly set up the architecture with regards to the level of noise in the circuit, and to secure it against attacks and failuresLes générateurs de nombres véritablement aléatoires (TRNG) sont des composants cruciaux dans certaines applications cryptographiques sensibles (génération de clés de chiffrement, génération de signatures DSA, etc). Comme il s’agit de composants très bas-niveau, une faille dans le TRNG peut remettre en question la sécurité de tout le système cryptographique qui l’exploite. Alors que beaucoup de principes de TRNG existent dans la littérature, peu de travaux analysent rigoureusement ces architectures en termes de sécurité. L’objectif de cette thèse était d’étudier les avantages des techniques de conception asynchrone pour la conception de générateurs de nombres véritablement aléatoires (TRNG) sûrs et robustes. Nous nous sommes en particulier intéressés à des oscillateurs numériques appelés anneaux auto-séquencés. Ceux-ci exploitent un protocole de requêtes et acquittements pour séquencer les données qui y circulent. En exploitant les propriétés uniques de ces anneaux, nous proposons un nouveau principe de TRNG, avec une étude théorique détaillée sur son fonctionnement, et une évaluation du cœur du générateur dans des cibles ASIC et FPGA. Nous montrons que ce nouveau principe permet non seulement de générer des suites aléatoires de très bonne qualité et avec un très haut débit (>100 Mbit/s), mais il permet aussi une modélisation réaliste de l’entropie des bits de sortie (celle-ci peut être réglée grâce aux paramètres de l’extracteur). Ce travail propose également une méthodologie complète pour concevoir ce générateur, pour le dimensionner en fonction du niveau de bruit dans le circuit, et pour le sécuriser face aux attaques et défaillance

Self-timed rings as low-phase noise programmable oscillators

International audienceSelf-timed rings are promising for designing highspeed serial links and system clock generators. Indeed, their architecture is well-suited to digitally control their frequency and to easily adapt their phase noise by design. Self-timed ring oscillation frequency does not only depend on the number of stages as the usual inverter ring oscillators but also on their initial state. This feature is extremely important to make them programmable. Moreover, with such ring oscillators, it is easy to control the phase noise by design. Indeed, 3dB phase noise reduction is obtained at the cost of higher power consumption when the number of stages is doubled while keeping the same oscillation frequency, thanks to the oscillator programmability. In this paper, we completely describe the method to design selftimed rings in order to make them programmable and to generate a phase noise in accordance with the specifications. Test chips have been designed and fabricated in AMS 0.35 μm and in STMicroelectonics CMOS 65 nm technology to verify our models and theoretical claims

A Self-timed Ring Based True Random Number Generator

International audienceSelf-timed rings are oscillators in which several events can evolve evenly-spaced in time thanks to analog effects inherent to the ring stage structure. One of their interesting features is that they provide precise high-speed multiphase signals. This paper presents a true random number generator that exploits the jitter of events propagating in a self-timed ring with a high entropy. Designs implemented in Altera Cyclone III and Xilinx Virtex 5 devices provide high quality random bit sequences passing FIPS 140-1 and NIST SP 800-22 statistical tests at a high bit rate

Comparison of Self-Timed Ring and Inverter Ring Oscillators as Entropy Sources in FPGAs

International audienceMany True Random Numbers Generators (TRNG) use jittery clocks generated in ring oscillators as a source of entropy. This is especially the case in Field Programmable Gate Arrays (FPGA), where sources of randomness are very limited. Inverter Ring Oscillators (IRO) are relatively well characterized as entropy sources. However, it is known that they are very sensitive to working conditions. This fact makes them vulnerable to attacks. On the other hand, Self-Timed Rings (STR) are currently considered as a promising solution to generate robust clock signals. Although many studies deal with their temporal behavior and robustness in Application Specific Integrated Circuits (ASIC), equivalent study does not exist for FPGAs. Furthermore, these oscillators were not analyzed and characterized as entropy sources aimed at TRNG design. In this paper, we analyze STRs as entropy sources for TRNGs implemented in FPGAs. Next, we compare STRs and IROs when serving as sources of randomness. We show that STRs represent very interesting alternative to IROs: they are more robust to environmental fluctuations and they exhibit lower extra-device frequency variations

A Very High Speed True Random Number Generator with Entropy Assessment

International audienceThe proposed true random number generator (TRNG) exploits the jitter of events propagating in a self-timed ring (STR) to generate random bit sequences at a very high bit rate. It takes advantage of a special feature of STRs that allows the time elapsed between successive events to be set as short as needed, even in the order of picoseconds. If the time interval between the events is set in concordance with the clock jitter magnitude, a simple entropy extraction scheme can be applied to generate random numbers. The proposed STR-based TRNG (STRNG) follows AIS31 recommendations: by using the proposed stochastic model, designers can compute a lower entropy bound as a function of the STR characteristics (number of stages, oscillation period and jitter magnitude). Using the resulting entropy assessment, they can then set the compression rate in the arithmetic post-processing block to reach the required security level determined by the entropy per output bit. Implementation of the generator in two FPGA families confirmed its feasibility in digital technologies and also confirmed it can provide high quality random bit sequences that pass the statistical tests required by AIS31 at rates as high as 200 Mbit/s

New Paradigms for Access Control in Constrained Environments

International audienceThe Internet of Things (IoT) is here, more than 10 billion units are already connected and five times more devices are expected to be deployed in the next five years. Technological standarization and the management and fostering of rapid innovation by governments are among the main challenges of the IoT. However, security and privacy are the key to make the IoT reliable and trusted. Security mechanisms for the IoT should provide features such as scalability, interoperability and lightness. This paper adresses authentication and access control in the frame of the IoT. It presents Physical Unclonable Functions (PUF), which can provide cheap, secure, tamper-proof secret keys to authentify constrained M2M devices. To be successfully used in the IoT context, this technology needs to be embedded in a standardized identity and access management framework. On the other hand, Embedded Subscriber Identity Module (eSIM) can provide cellular connectivity with scalability, interoperability and standard compliant security protocols. The paper discusses an authorization scheme for a constrained resource server taking advantage of PUF and eSIM features. Concrete IoT uses cases are discussed (SCADA and building automation)

Electrolyte ions and glutathione enzymes as stress markers in Argania spinosa subjected to drought stress and recovery

Understanding the mechanisms underlying Argania spinosa responses to drought stress is essential for its regeneration and domestication. Toward that end, an integrative study of tolerance responses to drought stress in four A. spinosa ecotypes (2 contrasting coastal ecotypes (Adm and Rab) and 2 contrasting inland ecotypes (Alz and Lks)) have been conducted. Responses to soil drying and re -watering were measured at physiological and biochemical levels. Soil drying resulted in significant increase in leaf concentrations of potassium (K+), calcium (Ca2+) and magnesium (Mg2+) with differential responses between ecotypes. The glutathione-related enzymes: glutathione peroxidase (GP), glutathione reductase (GR) and glutathione S-transferase (GST) showed a significant increase in their enzymatic activity in A. spinosa plants subjected to drought stress. Additionally, a significant increase in thiol protein content in the four ecotypes was recorded, during drought stress. These antioxidant traits responded differently depending on ecotype. However, rapid and significant changes in the studied physiological and biochemical traits were observed during recovery from drought, only after four days. According to the traits having the most discriminating power, the both inland ecotypes, especially Lks ecotype, seem to be potential candidates for regeneration of argan forest and their domestication in arid and semi-arid environments.Key words: Argania spinosa, drought stress, glutathione enzymes, thiol compounds, recovery

Effect of phospho-compost and phosphate laundered sludge combined or not with endomycorrhizal inoculum on the growth and yield of tomato plants under greenhouse conditions

The study aims to evaluate the eff ect of endomycorrhizal inoculum (arbuscular mycorrhizal fungi), phospho-compost and phosphate sludge in single (M, PC, PS) or dual combinations (PC+M, PS+M, PS+PC) compared to agricultural and Mamora soils (A and S) on the growth, fl owering, and yield of tomato plants. Among the studied treatments, the substrates containing 5% of phospho-compost combined with endomycorrhizal inoculum (PC+M) gave the most positive eff ect followed by phospho-compost (PC) and endomycorrhizal inoculum (M). In response to PC+M substrate, tomato plant height, the number of leaves and fl owers attained 90 cm, 30, and 25, respectively. In substrates PC and M, tomato plants showed a height of 85 and 75 cm, leaves number of 30 and 19 leave/plant and number of fl owers of 21, and 19 fl ower/plant. An optimal yield with (12 fruits/plant) was recorded in tomato plants grown on the substrate amended with bio-inoculant (AMF) and phospho-compost at a rate of 5%. In terms of qualitative parameters, the highest fresh and dry weight of aerial plant parts and root system were recorded in tomato plants grown in culture substrate incorporating 10 g of endomycorrhizal inoculum and 5% of phospho-compost reaching respectively103.4 g, 34 g 90.1 g, 28.9 g as compared to 87, 51, 23 and 24.1 g noted by tomato plants on the substrate with phospho-compost (5%) (PC). The highest mycorrhization parameters (frequency (F), intensity of mycorrhization (M), average arbuscular content (A), average vesicular content (V), average intraradicular spore content (S)) were found in the roots of tomato plants growing on substrates amended with 5% phospho-compost plus 10 g of endomycorrhizal inoculum, with percentages of 100% F, 61% M, 40.67% A, 18.36% V, and 56.9% S

Effects of a Composite Endomycorrhizal Inoculum on Olive Cuttings under the Greenhouse Conditions

This study was carried out in a nursery to evaluate the impact of mycorrhizal fungi on the cutting's root growth, and root colonization of a Moroccan olive variety ‘Picholine Marocaine' under greenhouse conditions during 2 years of cultivation. The results revealed that the inoculation with a composite inoculum of arbuscular mycorrhizal fungi (AMF) stimulated an early root formation and high development of vegetative shoots in inoculated cuttings respectively, 35 days (50 days in the control plots) and 40 days (60 days in the control plots) after their culture. The progressive establishment of mycorrhizal symbiosis in the roots of the inoculated plants showed that the root and vegetative masses were respectively 24 g and 19.5 g two years after inoculation. The average height and the leave's number of the inoculated plants relative to the control were respectively s 42/ 12 cm and 145/12. The newly formed roots were mycorrhizal and present different structures characteristic of AMF: arbuscules, vesicles, hyphae and spores, whose frequency and intensity reached 90% and 75% two years after cuttings cultivation. The arbuscular and vesicular contents and the number of spores were 67%, 96% and 212 spores/ 100 g of soil respectively. The fourteen species of mycorrhizal fungi isolated from the rhizosphere belong to 4 genera (Glomus, Acaulospora, Gigaspora, and Scutellospora) and three families (Glomaceae, Acaulosporaceae and Gigasporacea).The Glomus genus was the most dominant (65%) followed by the Gigaspora genus (22%). Glomus intraradices, Gigaspora sp.2, Glomus versiformes are the most abundant species, their frequency of occurrence are respectively 30%, 21% and 16%

Ring oscillator based true random number generators : design, characterization and security

Les générateurs de nombres véritablement aléatoires (TRNG) sont des composants cruciaux dans certaines applications cryptographiques sensibles (génération de clés de chiffrement, génération de signatures DSA, etc). Comme il s’agit de composants très bas-niveau, une faille dans le TRNG peut remettre en question la sécurité de tout le système cryptographique qui l’exploite. Alors que beaucoup de principes de TRNG existent dans la littérature, peu de travaux analysent rigoureusement ces architectures en termes de sécurité. L’objectif de cette thèse était d’étudier les avantages des techniques de conception asynchrone pour la conception de générateurs de nombres véritablement aléatoires (TRNG) sûrs et robustes. Nous nous sommes en particulier intéressés à des oscillateurs numériques appelés anneaux auto-séquencés. Ceux-ci exploitent un protocole de requêtes et acquittements pour séquencer les données qui y circulent. En exploitant les propriétés uniques de ces anneaux, nous proposons un nouveau principe de TRNG, avec une étude théorique détaillée sur son fonctionnement, et une évaluation du cœur du générateur dans des cibles ASIC et FPGA. Nous montrons que ce nouveau principe permet non seulement de générer des suites aléatoires de très bonne qualité et avec un très haut débit (>100 Mbit/s), mais il permet aussi une modélisation réaliste de l’entropie des bits de sortie (celle-ci peut être réglée grâce aux paramètres de l’extracteur). Ce travail propose également une méthodologie complète pour concevoir ce générateur, pour le dimensionner en fonction du niveau de bruit dans le circuit, et pour le sécuriser face aux attaques et défaillancesTrue Random Number Generators (TRNG) are ubiquitous in many critical cryptographic applications (key generation, DSA signatures, etc). While many TRNG designs exist in literature, only a few of them deal with security aspects, which is surprising considering that they are low-level primitives in a cryptographic system (a weak TRNG can jeopardize a whole cryptographic system). The objective of this thesis was to study the advantages of asynchronous design techniques in order to build true random number generators that are secure and robust. We especially focused on digital oscillators called self-timed rings (STR), which use a handshake request and acknowledgement protocol to organize the propagation of data. Using some of the unique properties of STRs, we propose a new TRNG principle, with a detailed theoretical study of its behavior, and an evaluation of the TRNG core in ASICs and FPGAs. We demonstrate that this new principle allows to generate high quality random bit sequences with a very high throughput (> 100 Mbit/s). Moreover, it enables a realistic estimation for the entropy per output bit (this entropy level can be tuned using the entropy extractor parameters). We also present a complete methodology to design the TRNG, to properly set up the architecture with regards to the level of noise in the circuit, and to secure it against attacks and failure