Random Number Generator Attack against the Kirchhoff-Law-Johnson-Noise Secure Key Exchange Protocol
This work highlights a critical vulnerability in a specific secure key exchange protocol, which is incremental as it builds on known security assumptions about randomness.
The paper introduces two attacks on the Kirchhoff-Law-Johnson-Noise secure key exchange protocol by exploiting compromised random number generators, showing that Eve can crack the key bit within a fraction of the exchange period if she knows both seeds, or within the full period if she knows only one seed.
This paper introduces and demonstrates two new attacks against the Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchange scheme. The attacks are based on random number generators with compromised security. First we explore the situation in which Eve knows the seed of both Alice's and Bob's random number generators. We show that in this situation Eve can crack the secure key bit within a fraction of the bit exchange period even if her current and voltage measurements have only a single bit of resolution. In the second attack, we explore the situation in which Eve knows the seed of only Alice's random number generator. We show that in this situation Eve can still crack the secure key bit but she needs to use the whole bit exchange period for the attack. The security of the KLJN key exchange scheme, similarly to other protocols, necessitates that the random number generator outputs are truly random for Eve.