Random Number Generators in Secure Disk Drives
- PDF / 1,325,849 Bytes
- 10 Pages / 600.05 x 792 pts Page_size
- 4 Downloads / 205 Views
Research Article Random Number Generators in Secure Disk Drives Laszlo Hars Seagate Technology, 389 Disc Drive, Longmont, CO 80503, USA Correspondence should be addressed to Laszlo Hars, [email protected] Received 15 October 2008; Revised 19 March 2009; Accepted 9 June 2009 Recommended by Sandro Bartolini Cryptographic random number generators seeded by physical entropy sources are employed in many embedded security systems, including self-encrypting disk drives, being manufactured by the millions every year. Random numbers are used for generating encryption keys and for facilitating secure communication, and they are also provided to users for their applications. We discuss common randomness requirements, techniques for estimating the entropy of physical sources, investigate specific nonrandom physical properties, estimate the autocorrelation, then mix reduce the data until all common randomness tests pass. This method is applied to a randomness source in disk drives: the always changing coefficients of an adaptive filter for the read channel equalization. These coefficients, affected by many kinds of physical noise, are used in the reseeding process of a cryptographic pseudorandom number generator in a family of self encrypting disk drives currently in the market. Copyright © 2009 Laszlo Hars. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
1. Introduction Cryptographic random number generators are employed in many embedded systems, like in self encrypting disk drives, such as the Seagate Momentus Full Disk Encryption (FDE) drives. The generated random numbers can be used for encryption keys, facilitating secure communication (via nonces), performing self-tests, and so forth. Previous states of the random number generator are difficult to securely store, because an attacker could read, and in some point in the future restore earlier states (together with any possible local authentication tags) with the help of specialized tools (spin stand), and so force the generation of the same random sequence as earlier. This causes repeated nonces, recurring use of the same encryption keys, and so forth, that is, loss of security. Physical entropy sources are used to initialize cryptographic random number generators at every power up, and at special requests, like at reinitializing the firmware, or before generating long used cryptographic keys. Seeding with unpredictable physical values makes a cryptographic random number generator to supply pseudorandom sequences, with negligible probability of repetition. Generating secure random sequences this way needs no secure protected storage for keys or for the internal state of the generator, therefore it reduces costs and improves security.
Below we describe how an available digital signal with random components, the coefficients of the adaptive channel filter, is used in seeding a cryptographic random number generator in sel
Data Loading...
