Deterministic Random Number Generator Attack Against the Kirchhoff-Law-Johnson-Noise Secure Key Exchange Protocol

Abstract

This paper demonstrates the vulnerability of the Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchanger to compromised random number generator(s) even if these random numbers are used solely to generate the noises emulating the Johnson noise of Alice’s and Bob’s resistors. The attacks shown are deterministic in the sense that Eve’s knowledge of Alice’s and/or Bob’s random numbers is basically deterministic. Moreover, no statistical evaluation is needed, except for rarely occurring events of negligible, random waiting time and verification time. We explore two situations. In the first case, Eve knows both Alice’s and Bob’s random noises. We show that, in this situation, Eve can quickly crack the secure key bit by using Ohm’s Law. In the other situation, Eve knows only Bob’s random noise. Then Eve first can learn Bob’s resistance value by using Ohm’s Law. Therefore, she will have the same knowledge as Bob, thus at the end of the bit exchange period, she will know Alice’s bit.