An Indian Institute of Science (IISc) team has developed a “record-breaking” true random number generator (TRNG), which can improve data encryption and provide improved security for sensitive digital data such as credit card details, passwords and other personal information.
Encryption strength is dependent on quality of random number generation
The IISc in Bengaluru has published a study describing this device in the journal ACS Nano. For security, almost everything we do on the internet is encrypted. According to Nithin Abraham, a PhD student at IISc’s Department of Electrical Communication Engineering (ECE), the strength of this encryption is dependent on the quality of random number generation. Abraham is a member of the IISc team led by associate professor of ECE Kausik Majumdar.
Only authorised users can decode encrypted data
Only authorised users with access to a cryptographic key can decode encrypted data. To resist hacking, the key must be unpredictable and thus randomly generated. Typically, cryptographic keys are generated in computers using pseudo-random number generators (PRNGs), which use mathematical formulae or pre-programmed tables to generate numbers that appear random but are not.
Consists of an artificial electron trap
In IISc’s “breakthrough” TRNG device, random numbers are generated using the random motion of electrons. It consists of an artificial electron trap constructed by stacking atomically-thin layers of materials like black phosphorus and graphene. The current measured from the device increases when an electron is trapped, and decreases when it is released. Since electrons move in and out of the trap in a random manner, the measured current also changes randomly. The timing of this change determines the generated random number.
It is impossible to predict when the electron will enter the trap. As a result, there is inherent randomness in this process. The device outperformed Majumdar’s expectations on the standard tests for cryptographic applications designed by the US National Institute of Standards and Technology (NIST).
I knew it would be a good random number generator when the idea struck me, but I didn’t expect it to have a record-high min-entropy, he says.
Achieved a record-high min-entropy of 0.98
The parameter min-entropy is used to assess the performance of TRNGs. Its value ranges from zero to one (completely predictable) (completely random). Majumdar’s lab device achieved a record-high min-entropy of 0.98, a significant improvement over previously reported values of around 0.89.
According to Abraham, ours has by far the highest reported min-entropy among TRNGs. The electronic TRNG developed by the team is also more compact than its bulkier counterparts based on optical phenomena. Because our device is entirely electronic, millions of them can be created on a single chip, Majumdar adds. He and his colleagues intend to improve the device by making it faster and developing a new fabrication process that will allow for mass production of these chips.
