IISc develops device to improve data encryption

City Science Technology

To make digital data safer, encrypted information can only be decoded by authorised users who have access to a cryptographic “key”.

Indian Institute of Science (IISc) has developed a true random number generator (TRNG) device, which can improve data encryption and cyber security for sensitive digital data such as credit or debit card details, passwords and other personal information.

Currently, random number generators are largely pseudo-random number generators (PRNG), which rely on mathematical formulae or pre-programmed tables to produce numbers. The numbers appear random but they are not. TRNG devices generate random numbers using inherently random physical processes, making them more secure.

Nithin Abraham, a PhD student at the Department of Electrical Communication Engineering (ECE), who is a part of the research team, said, “PRNGs are inherently weak and could lead to security vulnerabilities; secure encryption standards need TRNGs to operate.”

The image of the fabricated electronic chip that generates random number. credit: Nithin Abraham

On this device, encrypted information can be decoded only by authorised users who have access to a cryptographic key. Saransh Kumar, who works at an IT company said, “Every one of us relies on secure encryption for information in our daily life. A TRNG device will be a game changer as it is more secure than the PRNG we use for our company.”

An IISc release said that in the breakthrough TRNG device, random numbers are generated using the random motion of electrons. It consists of an artificial electron trap constructed by stacking atomically-thin layers of materials like black phosphorus and graphene. The current measured from the device increases when an electron is trapped, and decreases when it is released. Since electrons move in and out of the trap in a random manner, the measured current also changes randomly. The timing of this change determines the generated random number.

Min-entropy is a parameter used to measure the performance of TRNGs.  The National Institution of Standards and Technology (NIST) has set forth a standard to measure the min-entropy of a TRNG, Its value ranges from 0 (completely predictable) to 1 (completely random). Abraham said, “After performing the analysis on our TRNG, we observed a min-entropy greater than 0.98 bits/bit, which is the highest value reported till date in any system.”

Debangana Roy, an Axis bank employee said, “Nowadays we all are making online payments and the scammers are getting smarter. The existing encryption keys follow mathematical formulas and because of that, hackers can predict the key sometimes. Once this newly developed IISc device will be available, it can fix this issue.”

Kausik Majumdar, IISc Associate Professor at the Department of ECE said, “Since our device is purely electronic, millions of such devices can be created on a single chip.” The study describing this device has been published in the journal ACS Nano.

Shrikant Pandey, a cyber security consultant said, “Due to the increase in cyber crime cases all around the world, there is a need to use encryption-based software to maximize our cyber security.”