True Random Number Generator (TRNG) IP
A hardware solution which generates random values
With its explosive growth over the past few decades, the IoT has become part of our everyday lives, and communication and data security have become a main concern for any system. To achieve the needed level of security, various algorithms and methods that use random numbers have been developed. To make the encryption and decryption process more robust, some level of randomness must be used so that it is unpredictable.
In the industry there are two types of random number generators:
- Deterministic Random Bit Generator (DRBG), where the data is computed by an algorithm (usually a cryptographic algorithm).
  - The advantage of this type of RNG is that it is compact and guarantees a good throughput.
  - The disadvantage of this type of RNG is that the data is predictable.
- True Random Number Generator (TRNG)
  - It does not exploit an algorithm but a physical source of entropy.
  - The advantage of this type of RNG is that it is unpredictable.
  - The disadvantage of this kind of RNG is that it is slower than the deterministic one.
The DRBG and TRNG must cooperate to ensure concrete security without neglecting performance. Secure-IC offers both a True Random Number Generator (TRNG), resilient to harmonic injection, for generating statistically independent sets of bits, and a Deterministic Random Bit Generator (DRBG) for high-bitrate requirements. These random generators are compatible with commonly used statistical test suites.
Secure-IC’s TRNG is composed of 3 components:
- The entropy source which exploits electronic noise to provide raw random bits
  - 2 types of entropy generation:
    - Based on metastability
    - Based on ring oscillator
- Embedded test module which detects non-tolerable statistical defects of the entropy source’s output in compliance with the standard requirements.
- CTR-DRBG: Optional post-processing module which can be included to ensure a high throughput.
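NIST SP 800-90B, one of the standards listed on this page, defines two continuous health tests for an entropy source's raw output: the Repetition Count Test and the Adaptive Proportion Test. The C code below is an added illustration of that kind of embedded test logic, not Secure-IC's implementation; the names (health_t, health_feed, health_scan) and the parameters (binary samples, claimed min-entropy H = 1 bit per sample, false-positive rate 2^-20) are assumptions chosen for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed parameters (not from the page): binary samples, claimed min-entropy
 * H = 1 bit/sample, false-positive rate alpha = 2^-20. */
#define RCT_CUTOFF 21    /* 1 + ceil(-log2(alpha) / H) */
#define APT_WINDOW 1024  /* SP 800-90B window size for binary sources */
#define APT_CUTOFF 589   /* 1 + CRITBINOM(APT_WINDOW, 2^-H, 1 - alpha) */

enum { HEALTH_OK = 0, HEALTH_RCT_FAIL = 1, HEALTH_APT_FAIL = 2 };
typedef struct {
    uint8_t  rct_last;   /* value of the current run */
    unsigned rct_run;    /* length of the current run (0 = no sample yet) */
    uint8_t  apt_ref;    /* first sample of the current window */
    unsigned apt_count;  /* occurrences of apt_ref in the window so far */
    unsigned apt_pos;    /* samples consumed in the current window */
} health_t;

/* Feed one raw bit; returns a bitmask of the tests that tripped on it. */
int health_feed(health_t *h, uint8_t bit) {
    int status = HEALTH_OK;
    bit &= 1;
    /* Repetition Count Test: catches a source stuck at one value. */
    if (h->rct_run != 0 && bit == h->rct_last) {
        if (++h->rct_run >= RCT_CUTOFF) status |= HEALTH_RCT_FAIL;
    } else {
        h->rct_last = bit;
        h->rct_run = 1;
    }
    /* Adaptive Proportion Test: catches one value becoming too frequent. */
    if (h->apt_pos == 0) {
        h->apt_ref = bit;
        h->apt_count = 1;
    } else if (bit == h->apt_ref && ++h->apt_count >= APT_CUTOFF) {
        status |= HEALTH_APT_FAIL;
    }
    if (++h->apt_pos == APT_WINDOW) h->apt_pos = 0;
    return status;
}

/* Scan n samples; returns the first failing status and stores its index. */
int health_scan(const uint8_t *bits, size_t n, size_t *fail_at) {
    health_t h = {0};
    for (size_t i = 0; i < n; i++) {
        int s = health_feed(&h, bits[i]);
        if (s != HEALTH_OK) { *fail_at = i; return s; }
    }
    return HEALTH_OK;
}
```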
Secure-IC’s TRNG IP is compliant with multiple standards:
- AIS-31 PTG.1
- AIS-31 PTG.2
- AIS-31 PTG.3
- NIST FIPS 140-2
- NIST FIPS 140-3
- NIST SP 800-90B
- NIST SP 800-90C
- GM/T 0005-2012
- Passes NIST SP 800-22 and AIS-31 statistical tests
- Embeds a CTR-DRBG (SP 800-90A) that is CAVP validated
TRNG is particularly relevant for:
- One Time Pad cryptography
- Key generation
- Mask generation for Side-channel analysis protection
- Nonces involved in digital signatures
- Algorithm initialization and timer applications:
  - Optimization problems based on simulated annealing or genetic algorithms
  - Neural network training
  - Numerical recipes, such as Monte-Carlo simulation or multidimensional integration
  - Random timers in communication protocols
TRNG IP offers the following benefits:
- Small
- Easily transferable to any design kit
- Robust against process, temperature and voltage variations
- Protection against power coupling
- Post-silicon fine tuning to ensure high-level functional safety
- Capability to mix two different entropies (RO, metastability) for a highly secure product
- Throughput
- Area
- Embedded statistical test
- Type of output
- A unique interface for control and data
- Two different interfaces for control and data