Ensuring high-quality randomness in cryptographic key generation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Secure PRNG seeding on commercial off-the-shelf microcontrollers
Proceedings of the 3rd international workshop on Trustworthy embedded devices
| Hi-index | 0.00 |
We present three techniques for extracting entropy during boot on embedded devices. Our first technique times the execution of code blocks early in the Linux kernel boot process. It is simple to implement and has a negligible runtime overhead, but, on many of the devices we test, gathers hundreds of bits of entropy. Our second and third techniques, which run in the bootloader, use hardware features -- DRAM decay behavior and PLL locking latency, respectively -- and are therefore less portable and less generally applicable, but their behavior is easier to explain based on physically unpredictable processes. We implement and measure the effectiveness of our techniques on ARM-, MIPS-, and AVR32-based systems-on-a-chip from a variety of vendors.