The TRNG-IP-76 is a FIPS-compliant and certified IP core for True Random Number Generation (TRNG) with an optional post-processor and several internal self-tests. Designed for easy integration into ASICs and SOCs, the 100% digital standard cell based TRNG-IP-76 provides a reliable and cost-effective embedded IP solution for our customer’s SoCs.
How the TRNG-IP-76 works
TRNGs are typically deployed in semiconductors for securing data communications, electronic transactions, and data storage. They are used for generation of keys, initialization vectors, cookies, and nonces. Additionally, TRNGs can also be used for statistical sampling, communications protocol timers, as well as noise generation.
To provide a hardware-based, nondeterministic noise source the TRNG-IP-76 uses a state of the art reliable free running oscillator (FRO) implementation.. This allows stable operation across very wide process, voltage, and temperature (PVT) ranges, as required for modern process node (45nm and below) semiconductors.
When running asynchronously, the FROs accumulate a timing jitter largely due to shot noise effects. When the signal is sampled, this jitter causes unpredictability of the outcome, thereby providing some entropy. These samples feed a complex, non-linear combinatorial circuit that produces the final TRNG output. This function is referred to as a hardware-implemented Non-deterministic Random Bit Generator (NRBG).
The TRNG-IP-76 is a security aware design:
- Patented test circuits on the oscillators that detect locking to periodic signals.
- Repeating output data detection on NRBG and DRBG (compliant with FIPS-140).
- Hardware-implemented health-tests, including ‘Repetition Count Test’ and ‘Adaptive Proportion Test’ (compliant with SP800-90B).
- Secure random data buffer wipe-after-read and zeroize functions (compliant with FIPS-140).
- Secure reading mode where data is only available on request, for a (configurable) limited time.
- Automatic shutdown on fatal errors.
- Various on-line and off-line integrity and known-answer tests on the Conditioning Function, DRBG and self-test circuits.
The TRNG-IP-76 is compliant with Federal Information Processing Standards (FIPS) Publication 140-3, facilitating system certification. The design is compliant with the latest versions for NIST SP800-90A/B/C. A NIST SP800-90 Deterministic Random Bit Generator (DRBG) is available for the required post processing. The TRNG-IP-76 is ESV certified and is FIPS-approved when integrated into Rambus Root of Trust solutions.
The TRNG-IP-76 is silicon proven, and its flexible, layered design makes it easy to integrate into SoCs. A driver development kit is included.
