PUFtrng Introduction

True randomness with efficient power consumption and high-speed throughput


A random number generator (RNG) is an essential function for security solutions. The security strength of many systems and applications depends on a high-quality RNG. The National Institute of Standards and Technology (NIST) has proposed in document NIST800- 90C the construction of a qualified RNG as a combination of true random number seeds, deterministic generator methods and post-processing algorithms. However, a true high-quality random seed is hard to design. An entropy source must provide ideal randomness and be derived from physical sources. Moreover, according to NIST regulations, four separate entropy sources are needed to construct a fully qualified true random number generator (TRNG).


Our PUFtrng leverages the perfect randomness of NeoPUF to generate the qualified TRNG without the need for high-quality entropy sources. This allows for a simpler design to generate random bits and leads to efficient power consumption as well. Moreover, our circuit design enables PUFtrng to have the same level of randomness without the need for additional data post-processing, leading to a high throughput bit rate.


True randomness with efficient power consumption and high-speed throughput: PUFtrng


A conventional TRNG requires high-quality entropy sources and post-processing algorithms to generate high-quality random number bits. Many factors should be considered to design such high-quality entropy sources such as operation conditions, entropy behavior, generation rate, etc. Moreover, to enhance security strength, these live seeds should be modified by an approved post-processing method before a consuming application uses them. The counter mode of the advanced encryption standard (AES-CTR) and hash (SHA2-256) function are the two post-processing algorithms used most frequently.

In contrast, PUFtrng uses an entropy-assisted design to achieve the required output randomness quality. PUFtrng only uses NeoPUF, a simple entropy source, and a conditioner for reseeding to create an entropy engine that reaches “true randomness.” NeoPUF is a fixed random number pool with an ideal Hamming weight of 0.5, which is used as the multiplier for both entropy source and entropy engine to increase the overall entropy quality. NeoPUF is the key contributor to the enhanced randomness of entropy engine output, making it a true random number generator. Due to the reliability of NeoPUF, randomness doesn’t change in different environments. Moreover, the entropy engine also includes a hardware conditioner to ensure the true randomness of its output bits.

螢幕快照 2019-07-02 下午1.32.53_已編輯.png



The design of a high-quality entropy source is always critical to a TRNG circuit. However, by using NeoPUF, a qualified TRNG can be achieved more easily. Derived from the ideal randomness of NeoPUF, the quality of any entropy source can be improved by blending it with NeoPUF. Therefore, ultra-high-quality entropy sources are no longer needed. This will reduce the time for live seed generation and the difficulty of entropy design.


In addition, cryptographic-based post-processing is replaced by a highly efficient NeoPUF blender. Due to the reliability of NeoPUF, randomness doesn’t change in different environments. Therefore, post-processing is no longer needed. Without the need for extra post-processing time, PUFtrng features high-speed throughput and efficient power consumption. Furthermore, unlike with some traditional live seeds, the ideal performance of PUFtrng is not limited to just one process node. Since NeoPUF has been qualified for many different processes. PUFtrng is available across all many process nodes from 150 nm to 7 nm. Lastly, by using the uniqueness of NeoPUF, every PUFtrng will have a different random number pool. Therefore, each PUFtrng will have its unique random bit generation.

Key Features

  • A PUF-based True Random Number Generator

  • Easy adoption in all platforms, from .15um to 7nm

  • Ultra-fast initial time / stabilization (ready in m-sec)

  • High-speed throughput (over 100Mbits/sec)

  • Ultra-low power consumption (lower than 1pJ/bit)

  • Suitable for lightweight and cost-effective IoT devices

  • Compliant with NIST SP800-22 and NIST SP800-90B with IID/restart test​

  • (Optional) Available NIST SP800-90A DRBG for over Gb/s random number generation