Fault Attacks on STRNGs: Impact of Glitches, Temperature, and Underpowering on Randomness

True random number generators (TRNGs) are the basic building blocks of cryptographic implementations. They are used to generate random numbers required for security protocols, to generate ephemeral keys, and are often used in hiding or masking countermeasures to thwart implementation attacks. The protection of TRNGs is an important issue to guarantee the security of cryptographic systems but less attention has been made in the past to evaluate the susceptibility of these building blocks against passive and active attacks. In this paper, we present active fault attacks on a recently proposed specific TRNG architecture presented by Cherkaoui et al. at CHES 2013. We successfully injected power and clock glitches in an FPGA implementation and elaborated the design in respect of thermo and underpowering attacks. Furthermore, we propose a method on how to reduce the susceptibility of these attacks to increase the resistance against fault attacks. To the best of our knowledge, this is the first work that evaluates practical clock-glitch-based fault attacks on self-timed ring-based TRNGs.