# Improved Side-Channel Attack on CTR DRBG Using a Clustering Algorithm

**Authors:** Jaeseung Han, Dong-Guk Han

PMC · DOI: 10.3390/s25134170 · Sensors (Basel, Switzerland) · 2025-07-04

## TL;DR

This paper improves a side-channel attack on a random number generator used in IoT devices, making it more effective even in noisy environments.

## Contribution

A clustering algorithm is introduced to enhance the success rate and accuracy of side-channel attacks on CTR DRBG.

## Key findings

- In the first step, the proposed attack achieves a higher success rate than Meyer's attack at all noise levels; at high noise levels the difference is up to 50%.
- Steps 3 and 4 of the attack show an average 18.5% performance improvement over Meyer's method.
- The attack extends the range of target devices to noisier environments.

## Abstract

Deterministic random bit generators (DRBG) play a crucial role in device security because they generate secret information for cryptographic systems, e.g., secret keys and parameters. Thus, attacks on DRBGs can result in the exposure of important secret values, which can threaten the entire cryptographic system of the target Internet of Things (IoT) equipment and smart devices. In 2020, Meyer proposed a side-channel attack (SCA) method that recovers the output random bits by analyzing the power consumption traces of the NIST standard AES CTR DRBG. In addition, most algorithmic countermeasures against SCAs also utilize random numbers; thus, such vulnerabilities are more critical than other SCAs on cryptographic modules. Meyer’s attack recovers the secret random number in four stages of the attack using only the power traces, which the CTR DRBG processes in 256 blocks. We present an approach that employs a clustering algorithm to enhance Meyer’s attack. The proposed attack increases the attack success rate and recovers more information using a clustering attack in the first step. In addition, it improves the attack accuracy in the third and fourth steps using the information obtained from the clustering process. These results lead to the possibility of attacks at higher noise levels and increase the diversity of target devices for attacking the CTR DRBG. Experiments were conducted on an Atmel XMEGA128D4 processor to evaluate the effectiveness of the proposed attack method. We also introduced artificial noise into the power traces to compare the proposed attack’s performance at different noise levels. Our results demonstrate that the first step of the proposed attack achieves a higher success rate than Meyer’s attack at all noise levels. For example, at high noise levels, the difference in the success rates is up to 50%. In steps 3 and 4, an average performance improvement of 18.5% over Meyer’s proposed method is obtained. The proposed attack effectively extends the target to noisier environments than previous attacks, thereby increasing the threat of SCA on CTR DRBGs.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12252128/full.md

## Figures

15 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12252128/full.md

## References

34 references — full list in the complete paper: https://tomesphere.com/paper/PMC12252128/full.md

---
Source: https://tomesphere.com/paper/PMC12252128