Skip to main content

Certifiably Biased: An In-Depth Analysis of a Common Criteria EAL4+ Certified TRNG

Hurley-Smith, Darren, Hernandez-Castro, Julio (2018) Certifiably Biased: An In-Depth Analysis of a Common Criteria EAL4+ Certified TRNG. IEEE Transactions on Information Forensics and Security, 13 (4). pp. 1031-1041. ISSN 1556-6013. E-ISSN 1556-6021. (doi:10.1109/TIFS.2017.2777342) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided)

PDF - Publisher pdf
Restricted to Repository staff only
Contact us about this Publication Download (1MB)
Official URL


This paper reports the first in-depth analysis of the DESFire EV1’s EAL4+ certified TRNG and raises some difficult questions regarding the certification of non-deterministic random number generators. We start by analyzing the quality of the purportedly true random number generator (TRNG) on the DESFire EV1 card. Clear and consistent biases are identified, despite good performance in most randomness tests. These statistical tests, commonly used in popular certification processes, such as Common Criteria EAL4+, are found not to be able to detect these anomalies. The means we employ for the detection and characterization of the bias are explored, highlighting both novel and existing ways of spotting deficient TRNG output. Further analysis shows systemic issues affecting TRNG output at the byte level, for which we have developed an accurate explanation. Our results have been acknowledged by the manufacturer, after responsible disclosure.

Item Type: Article
DOI/Identification number: 10.1109/TIFS.2017.2777342
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: Julio Hernandez-Castro
Date Deposited: 08 Jun 2018 14:32 UTC
Last Modified: 09 Jul 2019 11:28 UTC
Resource URI: (The current URI for this page, for reference purposes)
  • Depositors only (login required):


Downloads per month over past year