Random Number Generator, Zero-Crossing, and Nonlinearity Attacks against the Kirchhoff-Law-Johnson-Noise (KLJN) Secure Key Exchange Protocol (2112.09052v1)

Abstract: This dissertation demonstrates three new types of attacks against the KLJN scheme. The first attack type is based on compromised RNGs. The first RNG attacks are deterministic. First, Eve knows both noises. She can crack the bit via Ohm's Law and one-bit powers within a fraction of the bit exchange period. Second, Eve knows only Bob's noise, so she can learn Bob's resistance value via Ohm's Law and Alice's resistance at the end of the bit exchange period. She can also use a process of elimination. The second RNG attacks are statistical. First, Eve has partial knowledge of Alice's and Bob's noises. She can crack the bit by taking the highest cross-correlation between her noises and the measured noise in the wire, and by taking the highest cross-correlation between her noises and Alice's/Bob's noises. Second, Eve has partial knowledge of only Alice's noise. She can still crack the bit, but after the bit exchange period. The second attack type is based on thermodynamics. Previously, the KLJN scheme required thermal equilibrium. However, Vadai, et al, in (Nature) Science Reports shows a modified scheme, where there is a non-zero thermal noise, yet the system resists all the known attacks. We utilize coincidence events between the line current and voltage and show that there is non-zero information leak. As soon as thermal equilibrium is restored, the system is perfectly secure again. The final attack type is based on the nonlinearity of the noise generators. We explore the effect of distortion at the second and third orders. It is demonstrated that 1% distortion results in a significant information leak. We also show that decreasing the effective temperature results in the KLJN scheme approaching perfect security.