www.design-reuse-embedded.com

Secure True Random Number Generators for IoT
Request More Info
 
Silicon IPs

General Description

Overview
True Random Number Generators (TRNGs) are typically deployed in semiconductors for secure data communications, secure electronic transactions, and secure data storage. They are typically used for generation of keys, initialization vectors, cookies, and nonces. The TRNGs can also be used for statistical sampling, timers in communications protocols, as well as noise generation.

To provide a hardware-based, nondeterministic noise source the TRNG-IP-76 uses a state of the art reliable Shot Noise oscillator implementation allowing operation across very wide PVT ranges as encountered in modern small-feature size (45nm and below) semiconductors. The Shot Noise oscillators create unpredictable jittering output when asynchronously sampled by the system clock provided to the TRNGs. The outputs from the shot noise generators feed a complex, non-linear combinatorial circuit that produces the final TRNG output. This function is referred to as a hardware-implemented Non-deterministic Random Bit Generator (NRBG).

The TRNGs are designed for compliance with Federal Information Processing Standards (FIPS) Publication 140-2 and 140-4, facilitating system certification to this standard. NIST SP80-900 Deterministic Random Bit Generator are available for the required post processing.

Benefits
  • Silicon-proven implementation.
  • FIPS approved in Vault-IP
  • Fast and easy to integrate into SoCs.
  • Flexible layered design.
  • Complete range of configurations.
  • World-class technical support.
  • Driver Development Kit.

Technical Details

Key Features

All configurations operate with four or eight Free Running Oscillators (FROs). Standard configurations of the TRNG-IP-76 include:

  • TRNG-IP-76a-4: base configuration with 4 FROs
  • TRNG-IP-76d-4-SHA2: 4 FROs and DRBG
  • TRNG-IP-76d-4-BC_DF: 4 FROs, DRBG with BC_DF
  • TRNG-IP-76a-8: base configuration with 8 FROs
  • TRNG-IP-76d-8-SHA2: 8 FROs and DRBG
  • TRNG-IP-76d-8-BC_DF: 8 FROs, DRBG with BC_DF.

In addition to this base functionality, the TRNG-IP-76 offers several configurable options that are described in SP800-IP-90:

  • A SHA-2 based conditioning function, can be embedded in the NRBG. These conditioning functions append their previous output value to the Noise Source input string to smooth out variations in Noise Source behavior.
  • A Deterministic Random Bit Generator, (DRBG) using AES-256 as the underlying block cipher, can be added.

The TRNG-IP-76 is a Security Aware design:

  • Patented test circuits on the oscillators to detect locking to periodic signals.
  • Repeating output data detection on NRBG and DRBG (compliant with FIPS-140).
  • Hardware implemented Repetition Count and Adaptive Proportion tests on the Noise Source (compliant with FIPS-140).
  • Continuous tests on the Noise Source (compliant with AIS-31): monobit test , poker test , runs test , long runs test and Noise Source failure .
  • Secure random data buffer wipe-after-read and zeroize functions (compliant with FIPS-140).
  • Secure reading mode where data is only available on request, for a (configurable) limited time.
  • Automatic shutdown on fatal errors.
  • Various on-line and off-line integrity and known-answer tests on the Conditioning Function, DRBG and self-test circuits.

Block Diagram

Related Products

Partner with us

Visit our new Partnership Portal for more information.

Submit your material

Submit hot news, product or article.

List your Products

Suppliers, list and add your products for free.

© 2016 Design And Reuse

All Rights Reserved.

No portion of this site may be copied, retransmitted,
reposted, duplicated or otherwise used without the
express written permission of Design And Reuse.