A random number generator (RNG) is an essential function for security solutions. The security strength of many systems and applications depends on a high quality RNG. The National Institute of Standards and Technology (NIST) has proposed in document NIST800- 90C the construction of a qualified RNG as a combination of true random number seeds, deterministic generator methods and post-processing algorithms. However, a true high-quality random seed is hard to design. An entropy source must provide ideal randomness and be derived from physical sources. Moreover, according to NIST regulations, four separate entropy sources are needed to construct a fully qualified true random number generator (TRNG).
Our PUFtrng leverages the perfect randomness of NeoPUF to generate the qualified TRNG without the need for high-quality entropy sources. This allows for a simpler design to generate random bits and leads to efficient power consumption as well. Moreover, our circuit design enables PUFtrng to have the same level of randomness without the need for additional data post processing, leading to a high throughput bit rate.
True randomness with efficient power consumption and high-speed throughput: PUFtrng
A conventional TRNG requires high-quality entropy sources and post-processing algorithms to generate high-quality random number bits. To design such high-quality entropy sources, many factors should be considered such as operation conditions, entropy behavior, generation rate, etc. Moreover, in order to enhance security strength, these live seeds should be modified by an approved post-processing method before they are used by a consuming application. The counter mode of the advanced encryption standard (AES-CTR) and hash (SHA2-256) function are the two post processing algorithms used most frequently.
In contrast, PUFtrng uses an entropy-assisted design to achieve the required output randomness quality. PUFtrng only uses NeoPUF, a simple entropy source, and a conditioner for reseeding to create an entropy engine that reaches “true randomness”. NeoPUF is a fixed random number pool with an ideal Hamming weight of 0.5, which is used as the multiplier for both entropy source and entropy engine to increase the overall entropy quality. NeoPUF is the key contributor for the enhanced randomness of entropy engine output, making it a true random number generator. Due to the reliability of NeoPUF, randomness doesn’t change in different environments. Moreover, the entropy engine also includes a hardware conditioner to ensure the true randomness of its output bits.
The design of a high-quality entropy source is always critical to a TRNG circuit. However, by using NeoPUF, a qualified TRNG can be achieved more easily. Derived from the ideal randomness of NeoPUF, the quality of any entropy source can be improved by blending it with NeoPUF. Therefore, ultra-high-quality entropy sources are no longer needed. This will reduce the time for live seed generation and the difficulty of entropy design.
In addition, cryptographic-based post processing is replaced by a highly efficient NeoPUF blender. Due to the reliability of NeoPUF, randomness doesn’t change in different environments. Therefore, post processing is no longer needed. Without the need for extra post processing time, PUFtrng features high-speed throughput and efficient power consumption. Furthermore, unlike with some traditional live seeds, the ideal performance of PUFtrng is not limited to just one process node. Since NeoPUF has been qualified for many different processes. PUFtrng is available across all many process nodes from 150 nm to 7 nm. Lastly, by using the uniqueness of NeoPUF, every PUFtrng will have a different random number pool. Therefore, each PUFtrng will have its unique random bit generation.
A PUF-based True Random Number Generator
Easy adoption in all platforms, from .15um to 7nm
Ultra-fast initial time / stabilization (ready in m-sec)
High-speed throughput (over 100Mbits/sec)
Ultra-low power consumption (lower than 1pJ/bit)
Suitable for lightweight and cost-effective IoT devices
Compliant with NIST SP800-22 and NIST SP800-90B with IID/restart test
(Optional) Available NIST SP800-90A DRBG for over Gb/s random number generation