THE QUANTUM INTELLIGENCER

SRAM Power-On Randomness as a Lightweight, Thermally Robust Source of Gaussian Noise for Post-Quantum Cryptography In Plain English: This paper tackles a big problem: future quantum computers could break the encryption that protects our online data today. To stop this, new encryption methods need random 'noise' that follows a specific bell-shaped pattern. Making this noise usually takes a lot of computing power, which doesn’t work well on small devices like smart cards or sensors. The researchers found a clever fix: they use the natural randomness that happens when computer memory (SRAM) turns on—like flipping thousands of coins at once. By counting how many land on 'heads,' they create the needed noise without extra hardware or power. This matters because it makes next-generation encryption practical and secure for everyday devices, even in extreme temperatures. Summary: As quantum computing advances, classical public-key cryptosystems like RSA and ECC are increasingly vulnerable to quantum attacks due to algorithms such as Shor’s algorithm that efficiently solve their underlying mathematical problems [3,4,5]. Post-quantum cryptography (PQC), particularly lattice-based schemes relying on the Learning with Errors (LWE) problem, offers a solution by introducing Gaussian-distributed noise to encryption processes, making cryptanalysis infeasible [7,8,9]. However, conventional Gaussian noise generation methods—such as Box-Muller transformation, rejection sampling, and Ziggurat sampling—are computationally intensive and require large memory resources, limiting their use in embedded and lightweight systems [12,13,14,15]. To overcome these limitations, Kim, Jeon, and Kim propose a hardware-based Gaussian noise generator that leverages the inherent randomness of SRAM power-on states [16,17]. The method involves collecting the initial bit states of SRAM cells after power-up and computing the Hamming weight—the number of '1' bits—across a group of cells. Due to the central limit theorem, aggregating multiple binary random variables (each SRAM cell’s state) results in a distribution that approximates a Gaussian normal distribution, analogous to a large-scale fair coin toss experiment. The experimental setup uses IS62WV51216 SRAM chips interfaced with an STM32-based Open103Z development board, with data collected across temperatures from −20°C to 100°C using a temperature chamber [18,19]. Simulations in LTSPICE and MATLAB provided theoretical baselines for SRAM initialization dynamics and ideal Gaussian/fair coin behavior [20,21]. Statistical validation confirms the Gaussian nature of the generated noise. Quantile-quantile (Q-Q) plots show strong alignment with the theoretical normal distribution. The Shapiro-Wilk (SW) and Kolmogorov-Smirnov (KS) tests achieve over 95% pass rates across various cell group sizes (32 bits and above), indicating high normality [29,30,31,32]. Kullback-Leibler (KL) divergence remains below 0.01, confirming near-identical distribution to an ideal Gaussian reference [33,34]. The system demonstrates robustness: the mean Hamming weight remains stable across temperatures, while standard deviation varies modestly (from σ = 12.1 at −20°C to σ = 8.9 at 100°C), attributed to temperature-dependent SRAM characteristics like data remanence and static noise margin [24,39,40]. Despite this, all normality metrics remain valid, proving environmental resilience. The Hamming weight extractor is implemented in both C (for microcontrollers) and HDL (for FPGAs/SoCs), showing low overhead and suitability for real-world PQC accelerators [25,26]. The approach eliminates the need for analog-to-digital converters, precomputed tables, or external entropy sources, making it ideal for resource-constrained platforms. The authors conclude that this SRAM-based generator provides a lightweight, statistically sound, and thermally robust solution for Gaussian noise in LWE-based PQC, with direct applicability to Kyber and NTRU algorithms [37,38]. Key Points: - The proposed method uses SRAM power-on randomness to generate Gaussian-distributed integers for post-quantum cryptography. - Instead of software-based samplers, it computes the Hamming weight of SRAM startup bits, leveraging intrinsic physical randomness. - The generator requires no analog components, large lookup tables, or external random number generators. - Experimental validation shows the output closely matches a Gaussian distribution, with KL divergence < 0.01 and >95% pass rates on SW and KS normality tests. - The system maintains Gaussian properties across a wide temperature range (−20°C to 100°C), demonstrating thermal robustness. - Mean Hamming weight remains stable across temperatures, while standard deviation increases slightly at lower temperatures. - The method is scalable and validated across different cell group sizes, with optimal performance at 32 bits or more. - Two implementation approaches—C for processors and HDL for FPGAs—are demonstrated, both with minimal overhead. - The technique is particularly suited for lattice-based PQC schemes like Kyber and NTRU that rely on Gaussian error sampling. - This approach enables secure, lightweight cryptographic implementations on embedded systems and SoCs in the post-quantum era. Notable Quotes: - "The LWE problem renders cryptanalysis infeasible for adversaries by introducing a Gaussian-distributed error term." - "By aggregating the start-up states of multiple SRAM cells and computing their Hamming weight, the proposed module efficiently generates integer values that follow a Gaussian normal distribution." - "The proposed Gaussian noise generator achieves direct Gaussian integer generation via Hamming weight extraction, eliminating the need for an additional entropy source, CDTs, RNGs, or analog circuitry." - "KL divergence values remain well below 0.01 across various conditions, indicating near-identical behavior relative to the ideal normal distribution." - "The mean Hamming weight remains nearly constant, while the standard deviation shifts modestly... indicating strong environmental resilience." - "The proposed SRAM-based Gaussian noise generator offers a lightweight, statistically validated, and thermally robust solution for PQC systems." - "Process variations influence whether the SRAM unit cell stabilizes in the logic '0' or '1' state, resulting in a statistical distribution that exhibits inherent unpredictability and unbiased characteristics, akin to a fair coin toss." Data Points: - Published: December 11, 2025 - Journal: Scientific Reports, volume 15, Article number: 43573 (2025) - SRAM chip model: IS62WV51216 (ISSI) - Microcontroller board: Open103Z (STM32) - Temperature range tested: −20°C to 100°C - KL divergence: < 0.01 across all conditions - Shapiro-Wilk test pass rate: >95% - Kolmogorov-Smirnov test pass rate: >95% - Optimal group size: 64 bits (lowest KL divergence) - Minimum effective group size: 32 bits (normality established) - Mean Hamming weight: ~129.8 (at 100°C) to 131.6 (at −20°C) - Standard deviation: σ = 12.1 at −20°C, σ = 8.9 at 100°C - Simulation tools: LTSPICE (circuit), MATLAB R2024b (statistical) - Funding: National Research Foundation of Korea (NRF) grants RS-2024-00449412, RS-2024-00334953, RS-2025-16063688 Controversial Claims: - The claim that SRAM-generated noise is sufficient for high-security PQC implementations may be debated, as long-term stability, aging effects, and potential predictability due to cell correlations (noted in [27,28]) could undermine security in adversarial scenarios. - While the paper claims 'no need for external RNGs or entropy sources,' this assumes SRAM startup randomness is irreproducible and uncorrelated—assumptions that may not hold under sophisticated physical attacks or environmental manipulation. - The assertion of 'practical and secure cryptographic implementations' may overstate readiness, as the study does not demonstrate integration into a full PQC protocol or resistance to side-channel attacks. - The use of Hamming weight extraction assumes independence among SRAM cells, but spatial correlations in manufacturing defects or temperature gradients could introduce bias, potentially affecting the Gaussian fidelity in real-world deployments. Technical Terms: - Post-Quantum Cryptography (PQC) - Learning with Errors (LWE) - Gaussian Noise - Static Random-Access Memory (SRAM) - Hamming Weight - Power-On State Randomness - Central Limit Theorem - Binomial Distribution - Quantile-Quantile (Q-Q) Plot - Shapiro-Wilk (SW) Test - Kolmogorov-Smirnov (KS) Test - Kullback-Leibler (KL) Divergence - Normality Testing - Physical Unclonable Function (PUF) - Field-Programmable Gate Array (FPGA) - System-on-Chip (SoC) - Static Noise Margin (SNM) - Data Remanence - Hardware Description Language (HDL) - Lattice-Based Cryptography - Code-Based Cryptography - Kyber and NTRU Algorithms —Ada H. Pemberley Dispatch from The Prepared E0