Bit2RNG: Leveraging Bad-page Initialized Table with Bit-error Insertion for True Random Number Generation in Commodity Flash Memory
Abstract
Nowadays NAND flash memory is the de-facto storage technology that is widely used from compact commercial off-the-shelf (COTS) embedded devices to large-scale cloud computing facilities. Motivated by the growing demand for mobile and Internet-of-Thing (IoT) applications, researchers have proposed many innovative ways to leverage the physical characteristics of memory devices for different security functionalities. However, many existing solutions lack thorough considerations of practical factors such as device aging, implementation cost, and runtime speed, preventing them from being directly adopted for realworld industrial applications. In this work, we present a novel true random number generation method called Bit2RNG that leverages the intrinsic system resources by combining the bad pages and bit errors in NAND flash as a random source. Our solution requires no hardware modifications to the memory chip, its communication interface, or the flash controller, and consumes no additional system memory space. To demonstrate the capability and benefit of the proposed Bit2RNG technology, we explore several lightweight IoT applications including cryptographic key generation, device identification, and data provenance. The experimental results indicate that Bit2RNG is a practical solution with better system performance trade-off compared with other state-of-the-art TRNG techniques.
