CN117472327A - True random number generation method and circuit - Google Patents

True random number generation method and circuit Download PDF

Info

Publication number
CN117472327A
CN117472327A CN202311377754.4A CN202311377754A CN117472327A CN 117472327 A CN117472327 A CN 117472327A CN 202311377754 A CN202311377754 A CN 202311377754A CN 117472327 A CN117472327 A CN 117472327A
Authority
CN
China
Prior art keywords
data
random number
sequence
true random
bit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311377754.4A
Other languages
Chinese (zh)
Inventor
涂冰
乔栩
唐明桂
章书浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hexin Technology Co ltd
Shanghai Hexin Digital Technology Co ltd
Original Assignee
Hexin Technology Co ltd
Shanghai Hexin Digital Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hexin Technology Co ltd, Shanghai Hexin Digital Technology Co ltd filed Critical Hexin Technology Co ltd
Priority to CN202311377754.4A priority Critical patent/CN117472327A/en
Publication of CN117472327A publication Critical patent/CN117472327A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/588Random number generators, i.e. based on natural stochastic processes

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a true random number generation method and a circuit, wherein original data corresponding to all sensors in a chip sensor network are acquired, sampling bits of the original data are intercepted to obtain a data sample sequence, and the data sample sequence is subjected to randomness detection to obtain a randomness data sequence; performing data post-processing on the random data sequence to obtain a first true random number; compared with the prior art, the technical scheme of the invention does not need to adopt a special true random number generating circuit when generating the true random number, reduces the occupation of the chip area and reduces the chip cost.

Description

True random number generation method and circuit
Technical Field
The invention relates to the technical field of information security, in particular to a true random number generation method and a circuit.
Background
The true random number is widely applied to the fields of information security, analog analysis and the like, is obtained through a true random physical process, has uncertainty and unpredictability, and is a random physical process like atmospheric disturbance, white noise and the like.
In the prior art, in order to generate true random numbers, a digital chip generally adopts a special true random number generation circuit, and the circuit uses random physical variables in a digital integrated circuit, such as clock jitter generated by a crystal oscillator, to sample a high-frequency clock through a low-frequency clock so as to obtain random high level or low level; however, in the prior art, when designing a dedicated true random number generating circuit, the high random number generating circuit needs to occupy a certain area of a chip, resulting in an increase in chip cost.
Therefore, a true random number generating method is needed to solve the problem that the use of a dedicated true random number generating circuit in the prior art needs to occupy a certain area of a chip, resulting in increased cost.
Disclosure of Invention
The invention aims to solve the technical problems that: the method and the circuit for generating the true random number are provided, and a special true random number generating circuit is not needed when the true random number is generated, so that the occupation of the chip area is reduced, and meanwhile, the chip cost is reduced.
In order to solve the technical problems, the invention provides a true random number generation method, which comprises the following steps:
collecting original data corresponding to all sensors in a chip sensor network, intercepting sampling bits of the original data to obtain a data sample sequence, carrying out randomness detection on the data sample sequence, and obtaining a randomness data sequence after determining that the data sample sequence passes the randomness detection;
and carrying out data post-processing on the random data sequence to obtain a first true random number.
Furthermore, by utilizing all sensors in the existing chip sensor network, a special true random number generating circuit is not required to be additionally arranged to generate the true random number, the occupation of the chip area is reduced, the chip cost is reduced, meanwhile, the true random number can be efficiently generated by intercepting sampling bits and performing data post-processing on the original data, the randomness detection is performed on the original data, and the generated randomness data sequence can be ensured to have high true randomness.
The invention provides a true random number generation method, which further comprises the following steps after outputting the true random number:
the first true random number is used as a pseudorandom number generator seed, and the pseudorandom number generator seed is input into a pseudorandom number generator, so that the pseudorandom number generator generates a second true random number.
In one possible implementation manner, the collecting the raw data corresponding to all the sensors in the chip sensor network specifically includes:
acquiring original data corresponding to all sensors stored by a sensor module in a chip sensor network, wherein the original data corresponding to all sensors stored by the sensor module is acquired by the sensor module for data acquisition and data storage of all sensors;
wherein, all sensors include temperature detection sensor, voltage detection sensor, technology detection sensor and other types of detection sensor, the sensor module respectively with temperature detection sensor, voltage detection sensor, technology detection sensor and other types of detection sensor are connected.
Further, based on the connection relation between the sensor and the sensor module, the raw data collected by the sensor are stored in the sensor module, so that the data collected by various sensors are collected by utilizing the existing sensor network resources of the chip.
In one possible implementation manner, the method includes sampling bits of the original data to obtain a data sample sequence, and performing randomness detection on the data sample sequence, and specifically includes:
judging whether the original data is used as an entropy source, if so, arbitrarily selecting a preset number of bits in the original data, carrying out multi-sampling bit interception on the original data based on the preset number of bits to obtain a plurality of data samples, and carrying out splicing treatment on the plurality of data samples to obtain a data sample sequence;
counting a first probability of 0 in the data sample sequence, counting a second probability of 1 in the data sample sequence, calculating a probability difference value between the first probability and the second probability, and if the probability difference value is not larger than a preset probability difference threshold value, determining that the original data pass through the randomness detection, otherwise, determining that the original data do not pass through the randomness detection.
Further, whether the original data meets the entropy source requirement can verify the true randomness of the data, and the randomness detection can help to filter out the data which does not have enough randomness, so that the quality and the safety of the finally generated true random number are ensured; and the randomness in the original data can be quantitatively measured by selecting a preset number of bits in the process and then counting the occurrence probabilities of 0 and 1.
Further, by sampling bits of the original data, part of bits in the original data can be selected to be reserved as random data, so that the generated random data sequence still maintains high-quality randomness and is not influenced by non-random parts possibly existing in the original data; meanwhile, the random data sequence consists of sampling bits corresponding to each original data, and compared with the original data, sampling bits are intercepted, so that the data quantity and the storage space requirement can be reduced.
In one possible implementation manner, performing data post-processing on the random data sequence to obtain a first true random number, which specifically includes:
judging whether a mathematical operation function is opened or not based on the register configuration in the chip sensor network, and if so, performing mathematical operation on the random data sequence to obtain a first data sequence;
judging whether a von neumann data processing function is turned on, if so, performing von neumann data processing on the first data sequence to obtain a second data sequence;
judging whether the cryptographic algorithm function is opened, if so, carrying out cryptographic algorithm processing on the second data sequence to obtain a third data sequence, and taking the third data sequence as a first true random number.
Furthermore, based on the register configuration in the chip sensor network, mathematical operation processing, von neumann data processing and cryptography algorithm processing are performed on the random data sequence, so that the complexity and randomness of the data can be enhanced, the pseudorandom number generator seeds which are more complex, random and have high safety are obtained from the original random data sequence, and the quality and safety of the subsequently generated true random numbers are improved.
In one possible implementation manner, the mathematical operation processing is performed on the random data sequence to obtain a first data sequence, which specifically includes:
dividing every two adjacent bit data in the random data sequence to obtain a plurality of first bit data groups;
and performing exclusive-or processing on each first bit data set to obtain exclusive-or results corresponding to each first bit data set, and integrating all exclusive-or results to obtain a first data sequence.
In one possible implementation, the von neumann data processing is performed on the first data sequence to obtain a second data sequence, specifically including:
dividing every two adjacent bit data in the first data sequence to obtain a plurality of second bit data groups;
Classifying the plurality of first bit data sets into the same bit data set and different bit data sets based on whether two bit data in the second bit data set are the same;
classifying all the different bit data sets into a first arrangement data set and a second arrangement data set based on the arrangement order of two bit data in the different bit data sets;
outputting a first classification result corresponding to the second bit data group when the second bit data group is classified as the first arrangement data group, and outputting a second classification result corresponding to the second bit data group when the second bit data group is classified as the second arrangement data group;
and integrating all the first classification results and all the second classification results to obtain a second data sequence.
Further, by dividing and exclusive-or processing each two adjacent bit data, more operation operations and confusion can be introduced, so that the data sequence becomes more complex and random, meanwhile, by exclusive-or processing each first bit data group, some statistical rules and deviations can be removed, the correlation of the data is reduced, and the generated pseudo-random number sequence is more uniform and random.
Further, by dividing each two adjacent bit data in the first data sequence and classifying the bit data based on the identity and the arrangement sequence of the bit data, the data can be effectively classified, and the data can be processed differently based on different arrangement modes of the data to obtain different results, so that the data processing efficiency can be improved.
The invention also provides a true random number generating circuit, which comprises: the device comprises a sensor module, a data processing module and a true random number output module;
the sensor module is connected with the data processing module, and the data processing module is connected with the true random number output module;
the sensor module is used for connecting with a sensor in the chip sensor network;
the data processing module is used for collecting original data corresponding to all sensors in a chip sensor network, intercepting sampling bits of the original data to obtain a data sample sequence, carrying out randomness detection on the data sample sequence, obtaining a randomness data sequence after determining that the data sample sequence passes the randomness detection, and carrying out data post-processing on the randomness data sequence to obtain a first true random number;
The true random number output module is used for outputting a first true random number.
In one possible implementation, the data processing module is further configured to use the first true random number as a pseudorandom number generator seed, and input the pseudorandom number generator seed into the pseudorandom number generator to cause the pseudorandom number generator to generate a second true random number.
In one possible implementation manner, the sensor module is used for connecting sensors in a chip sensor network, wherein the sensors comprise a temperature detection sensor, a voltage detection sensor, a process detection sensor and other types of detection sensors;
the sensor module is used for being respectively connected with the temperature detection sensor, the voltage detection sensor, the process detection sensor and the other types of detection sensors.
In one possible implementation manner, the data processing module is configured to collect raw data corresponding to all sensors in the chip sensor network, and specifically includes:
and acquiring the original data corresponding to all the sensors stored by the sensor module in the chip sensor network, wherein the original data corresponding to all the sensors stored by the sensor module is acquired by the data acquisition and the data storage of all the sensors by the sensor module.
In one possible implementation manner, the data processing module comprises an entropy source judging unit, a sampling bit intercepting unit, a data splicing unit, a probability statistics unit and a probability difference value calculating unit;
the entropy source judging unit is used for judging whether the original data is used as an entropy source or not;
the sampling bit intercepting unit is used for arbitrarily selecting a preset number of bits in the original data when the original data is determined to be taken as an entropy source, and intercepting the sampling bits of the original data for a plurality of times based on the preset number of bits to obtain a plurality of data samples;
the data splicing unit is used for carrying out splicing processing on the plurality of data samples to obtain a data sample sequence;
the probability statistics unit is used for counting a first probability of 0 in the data sample sequence and a second probability of 1 in the data sample sequence;
the probability difference value calculation unit is configured to calculate a probability difference value between the first probability and the second probability, and if the probability difference value is not greater than a preset probability difference threshold value, determine that the original data passes the randomness detection, otherwise determine that the original data does not pass the randomness detection.
In one possible implementation, the data processing module further comprises a mathematical operation processing unit, a von neumann data processing unit, and a cryptographic algorithm processing unit;
the mathematical operation processing unit is used for judging whether a mathematical operation function is opened based on the register configuration in the chip sensor network, and if yes, performing mathematical operation processing on the random data sequence to obtain a first data sequence;
the von neumann data processing unit is configured to determine whether a von neumann data processing function is turned on, and if yes, perform von neumann data processing on the first data sequence to obtain a second data sequence;
and the cryptography algorithm processing unit is used for judging whether the cryptography algorithm function is opened, if so, carrying out cryptography algorithm processing on the second data sequence to obtain a third data sequence, and taking the third data sequence as a first true random number.
In one possible implementation, the mathematical operation processing unit includes a first bit data dividing subunit and an exclusive or processing subunit;
the first bit data dividing subunit is configured to divide every two adjacent bit data in the random data sequence to obtain a plurality of first bit data groups;
The exclusive-or processing subunit is configured to perform exclusive-or processing on each first bit data set to obtain an exclusive-or result corresponding to each first bit data set, and integrate all exclusive-or results to obtain a first data sequence.
In one possible implementation, the von neumann data processing unit includes a second bit data dividing subunit, a bit data sorting subunit, a bit data permutation subunit, a classification result generation subunit, and a second data sequence generation subunit;
the second bit data dividing subunit is configured to divide every two adjacent bit data in the first data sequence to obtain a plurality of second bit data groups;
the bit data classifying subunit is configured to classify the plurality of first bit data sets into the same bit data set and different bit data sets based on whether two bit data in the second bit data set are the same;
the bit data arrangement subunit is configured to classify all the different bit data sets into a first arrangement data set and a second arrangement data set based on an arrangement order of two bit data in the different bit data sets;
the classification result generation subunit is configured to output a first classification result corresponding to the second bit data set when the second bit data set is classified as the first permutation data set, and output a second classification result corresponding to the second bit data set when the second bit data set is classified as the second permutation data set;
And the second data sequence generation subunit is used for integrating all the first classification results and all the second classification results to obtain a second data sequence.
The invention provides a true random number generating circuit, which further comprises: a health check module;
the health check module is connected with the true random number output module;
the health checking module is used for checking whether the first true random number accords with a preset true random number standard.
The invention also provides a server comprising a processor, a memory and a computer program stored in the memory and configured to be executed by the processor, the processor implementing the true random number generation method according to any one of the preceding claims when executing the computer program.
Compared with the prior art, the true random number generation method and circuit provided by the embodiment of the invention have the following beneficial effects:
the method comprises the steps of acquiring original data corresponding to all sensors in a chip sensor network, intercepting sampling bits of the original data to obtain a data sample sequence, carrying out randomness detection on the data sample sequence, and obtaining a randomness data sequence after determining that the data sample sequence passes the randomness detection; performing data post-processing on the random data sequence to obtain a first true random number; compared with the prior art, the technical scheme of the invention does not need to adopt a special true random number generating circuit when generating the true random number, thereby reducing the occupation of the chip area and simultaneously reducing the chip cost; compared with the prior art, the technical scheme of the invention has the advantages that the original data corresponding to all sensors in the chip sensor network are acquired, the original data are acquired and randomly screened, the design of a special true random number generation circuit is avoided, the area of a chip is saved, the cost of the chip is reduced, the design difficulty of the chip circuit is also reduced, meanwhile, the randomness of the original data is enhanced based on the data processing module, the true random number meeting the requirements of people is obtained, and the high randomness and the usability of the generated random number are ensured.
Drawings
FIG. 1 is a flow chart of an embodiment of a true random number generation method provided by the present invention;
FIG. 2 is a schematic diagram of an embodiment of a true random number generating circuit according to the present invention;
FIG. 3 is a schematic diagram of sensor sample bit data interception for one embodiment provided by the present invention;
FIG. 4 is a schematic diagram of a data exclusive OR process according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of von Neumann data processing for one embodiment provided by the present invention;
FIG. 6 is a cryptographic algorithm processing schematic of one embodiment provided by the present invention;
fig. 7 is a schematic structural diagram of a true random number generating system according to another embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Embodiment 1, referring to fig. 1, fig. 1 is a schematic flow chart of an embodiment of a true random number generating method provided in the present invention, as shown in fig. 1, the method includes steps 101 to 104, specifically as follows:
Step 101: collecting original data corresponding to all sensors in a chip sensor network, intercepting sampling bits of the original data to obtain a data sample sequence, carrying out randomness detection on the data sample sequence, and obtaining a randomness data sequence after determining that the data sample sequence passes the randomness detection.
In an embodiment, the data processing module is connected to the sensor module, and the data processing module is used for collecting raw data corresponding to all sensors stored in the sensor module in the chip sensor network, where the raw data corresponding to all sensors stored in the sensor module is obtained by performing data collection and data storage on all sensors by the sensor module.
In one embodiment, the all sensors include temperature detection sensors, voltage detection sensors, process detection sensors, and other types of detection sensors.
In an embodiment, the sensor module is connected to the temperature detection sensor, the voltage detection sensor, the process detection sensor, and the other type of detection sensor, respectively.
In an embodiment, based on the data connection relationship between the sensor module and all the sensors, raw data collected by all the sensors are obtained, the obtained raw data are stored in the sensor module, and based on all the raw data, the working state of the chip is monitored.
In an embodiment, the chip sensor network may be a CPU sensor network, and preferably, the chip sensor network may also be other types of chips containing relatively abundant high-precision sensors.
In an embodiment, taking a CPU sensor network as an example, since a central processing unit (central processing unit, CPU) is one of chips and is responsible for executing instructions and processing data, in computer science, the CPU is considered as the heart of the whole computer system, because it is responsible for controlling the operation and decision of the computer, we have very high requirements on the stability and reliability of the CPU in practical application scenarios, therefore, a large number of various high-precision sensors including temperature monitoring sensors, voltage monitoring sensors, process monitoring sensors and the like are generally integrated in the chips, and various physical characteristics of the chips are monitored in real time through the sensor network, so that the safe operation of the chips is ensured; meanwhile, the high-precision sensors are physical processes of the monitoring chip, such as voltage fluctuation of a certain voltage domain of the monitoring chip is measured, and real voltage always fluctuates, so that the measured voltage value (unit volt) is random, the value behind a decimal point of the high-precision sensors is a voltage monitoring sensor with the precision of 0.0001 volt, the value of the fourth digit of the high-precision sensors after the decimal point is relatively random (the larger the N number of the nth digit after the decimal point is, the stronger the randomness is), and therefore the original data collected by the sensors can be used as an entropy source for random number generation.
In an embodiment, after the data processing module collects the original data corresponding to all the sensors in the sensor module, the randomness detection is further performed on the original data, so that the data with better randomness in the original data is screened out.
In an embodiment, before the randomness detection is performed on the raw data, any sensor is further configured based on the data acquisition module, and whether the raw data corresponding to any sensor is used as an entropy source is determined.
In an embodiment, when the original data is randomly detected, whether the original data is used as an entropy source is judged, if yes, a preset number of bits in the original data are selected at will, and based on the preset number of bits, the original data are subjected to multi-sampling bit interception to obtain a data sample sequence; the preset number of bits may be one bit or may be a plurality of bits, as shown in fig. 3, and fig. 3 is a schematic diagram of sensor sampling bit data interception.
In an embodiment, after the data sample sequence is obtained, the bit length of the data sample sequence is also obtained, if the bit length is not smaller than a preset bit length threshold, multiple collection of the original data is completed, otherwise, multiple sampling bit interception is continuously performed on the original data.
In an embodiment, if the original data is not the entropy source, stopping the randomness detection on the original data, and reselecting the original data until the original data is judged to be the entropy source or the original data corresponding to all the sensors is selected.
Specifically, when the original data corresponding to each sensor is subjected to randomness detection, firstly judging whether the original data corresponding to the current sensor is an entropy source or not, if not, stopping the randomness detection of the original data corresponding to the current sensor, and reselecting the original data corresponding to the other sensor to carry out the randomness detection; if the original data corresponding to the current sensor is judged to be an entropy source, the binary bit number corresponding to the original data is obtained, and one bit or a plurality of bits in the binary bit number are selected, if the binary bit number of the voltage value of a certain voltage sensor is 110010100101, one bit or a plurality of bits are selected through register configuration.
Specifically, for a certain bit or a certain number of bits corresponding to a certain selected sensor, the certain bit or the certain number of bits corresponding to the certain selected sensor are stored in a sensor original data storage module in a data processing module, and data corresponding to a certain bit or a certain number of bits in original data corresponding to the same sensor are collected for multiple times and accumulated to obtain a data sample sequence.
In an embodiment, a first probability of 0 appearing in the data sample sequence is counted, a second probability of 1 appearing in the data sample sequence is counted, a probability difference value between the first probability and the second probability is calculated, if the probability difference value is not larger than a preset probability difference threshold value, the original data is determined to pass through the randomness detection, and otherwise, the original data is determined not to pass through the randomness detection.
Specifically, a single-bit frequency detection method is adopted to count a first probability of 0 appearing in the data sample sequence and a second probability of 1 appearing in the data sample sequence, and the first probability and the second probability are used for judging whether the numbers of 0 and 1 appearing in the data sample sequence are similar or not.
In an embodiment, after the data sample sequence is determined to pass through the randomness detection, the data sample sequence is directly used as randomness data corresponding to the original data, and the randomness data corresponding to each original data is obtained; and performing splicing treatment on all the random data to obtain a random data sequence.
Specifically, the original data corresponding to each sensor is subjected to randomness detection, and all the randomness data sequences extracted from the original data corresponding to the sensors meeting the randomness detection are spliced to obtain the randomness data sequences.
Step 102: and carrying out data post-processing on the random data sequence to obtain a pseudo-random number generator seed.
In an embodiment, the random data sequence is subjected to a data post-processing, wherein the data post-processing comprises a data operation processing, a von neumann data processing and a cryptographic algorithm processing.
In an embodiment, based on a register configuration in the chip sensor network, judging whether a mathematical operation function is already turned on, if yes, performing mathematical operation processing on the random data sequence to obtain a first data sequence; judging whether a von neumann data processing function is turned on, if so, performing von neumann data processing on the first data sequence to obtain a second data sequence; judging whether the cryptographic algorithm function is opened, if so, carrying out cryptographic algorithm processing on the second data sequence to obtain a third data sequence, and taking the third data sequence as a first true random number.
In an embodiment, if the mathematical operation function is not turned on based on the register configuration in the chip sensor network, it is directly determined whether a von neumann data processing function is turned on, if the von neumann data processing function is not turned on, it is determined whether a cryptographic algorithm function is turned on, if yes, the cryptographic algorithm processing is performed on the random data sequence to obtain a fourth data sequence, and the fourth data sequence is used as a first true random number; if the von neumann data processing function is turned on, von neumann data processing is performed on the random data sequence to obtain a fifth data sequence, whether a cryptographic algorithm function is turned on is judged, if yes, the cryptographic algorithm processing is performed on the fifth data sequence to obtain a sixth data sequence, and the sixth data sequence is used as a first true random number; similarly, if the cryptographic algorithm function is not turned on, the fifth data sequence is directly used as the first true random number.
In one embodiment, after the first data sequence is obtained; if the von neumann data processing function is not turned on, judging whether the cryptographic algorithm function is turned on, if so, performing cryptographic algorithm processing on the first data sequence to obtain a seventh data sequence, taking the seventh data sequence as a pseudo-random number generator seed, and if not, directly taking the first data sequence as a first true random number.
In one embodiment, the second data sequence is obtained; if the cryptographic algorithm function is judged to be turned on, the second data sequence is used as a first true random number.
In one embodiment, when the first data sequence is obtained by performing mathematical operation on the random data sequence, a plurality of first bit data sets are obtained by dividing every two adjacent bit data in the random data sequence; and performing exclusive-or processing on each first bit data set to obtain exclusive-or results corresponding to each first bit data set, and integrating all exclusive-or results to obtain a first data sequence.
Specifically, dividing each two bits of the random data sequence into a group so as to obtain a plurality of first bit data groups, performing exclusive-or processing on two binary bits in each first bit data group, namely outputting single bit 0 when the input is double bit 00, outputting single bit 0 when the input is double bit 11, outputting single bit 1 when the input is double bit 10, outputting single bit 1 when the input is double bit 01, and obtaining a first data sequence based on the exclusive-or processing, wherein the sequence length of the first data sequence is half of the sequence length of the random data sequence; as shown in fig. 4, fig. 4 is a schematic diagram of a data exclusive or process;
In an embodiment, when the first data sequence is subjected to von neumann data processing to obtain a second data sequence, a plurality of second bit data sets are obtained by dividing every two adjacent bit data in the first data sequence; classifying the plurality of first bit data sets into the same bit data set and different bit data sets based on whether two bit data in the second bit data set are the same; classifying all the different bit data sets into a first arrangement data set and a second arrangement data set based on the arrangement order of two bit data in the different bit data sets; outputting a first classification result corresponding to the second bit data group when the second bit data group is classified as the first arrangement data group, and outputting a second classification result corresponding to the second bit data group when the second bit data group is classified as the second arrangement data group; and integrating all the first classification results and all the second classification results to obtain a second data sequence.
Specifically, dividing each two bits in the first data sequence into a group to obtain a plurality of second bit data groups, carrying out numerical value judgment processing on two binary bits of each second bit data group, classifying the two binary bits into the same bit data group if the two binary bits are the same, and classifying the two binary bits into different bit data groups if the two binary bits are different; for the second bit data group classified as the same bit data group, no data is output, for the second bit data group classified as different bit data groups, the arrangement sequence processing is carried out on two binary bits of each different bit data group, if the arrangement sequence is 01, the second bit data group is classified as a first arrangement data group, and if the arrangement sequence is 10, the second bit data group is classified as a second arrangement data group; it outputs single bit 0 for the second bit data group classified as the first arranged data group, outputs single bit 1 for the second bit data group classified as the second arranged data group, and integrates all output results to obtain a second data sequence, wherein the sequence length of the second data sequence is not more than half of the sequence length of the first data sequence, as shown in fig. 5, and fig. 5 is a von neumann data processing schematic diagram.
In an embodiment, when the second data sequence is processed by a cryptographic algorithm to obtain a third data sequence, hash value calculation is performed on the second data sequence based on a hash algorithm to obtain a hash value of the second data sequence, and the hash value is used as the third data sequence.
Specifically, the second data sequence is used as original data, and based on a common hash algorithm, such as MD5 algorithm, the original data of a long string is compressed to a sequence abstract value with a specific length to obtain a third data sequence; as shown in fig. 6, fig. 6 is a schematic diagram of the cryptographic algorithm process.
In an embodiment, after the first true random number is obtained, a health check module integrated in the data processing module is further used for checking whether the first true random number meets a preset true random number standard, and if yes, the first true random number is used as a finally output true random number.
In one embodiment, in addition to the detection of the first true random number by the health check module, the first true random number may be analyzed by a software tool.
Specifically, when the true random number is analyzed based on a software tool, the true random number is stored in a preset storage unit, the first true random number in the preset storage unit is read through the software tool, the first true random number is compared with the preset standard, a comparison result is output, and whether the first true random number meets the preset standard is determined based on the comparison result.
Preferably, for setting a true random number standard, mainly referring to a national standard GB/T32915-2016 information security technology binary sequence randomness detection method or a NIST SP 800-90B standard, considering hardware implementation complexity, a hardware inspection module is used for realizing test items which are easy to realize such as single bit frequency detection, autocorrelation detection and the like according to standard requirements, for the complex test items, the acquired random number sequence is read by software and tested and evaluated, and configuration parameters such as selection of a sensor sampling value and the like are adjusted according to the evaluated result.
Preferably, after the first true random number is obtained, the first true random number is used as a pseudorandom number generator seed, and the pseudorandom number generator seed is input into a pseudorandom number generator, so that the pseudorandom number generator generates a second true random number.
In an embodiment, after the pseudo random number generator outputs the second true random number, the health checking module also detects the second true random number, and checks whether the second true random number meets a preset true random number standard, if yes, the second true random number is used as a finally output true random number.
In one embodiment, in addition to the detection of the second true random number by the health check module, the second true random number may be analyzed by a software tool.
Specifically, when the true random number is analyzed based on a software tool, the true random number is stored in a preset storage unit, the second true random number in the preset storage unit is read through the software tool, the second true random number is compared with the preset standard, a comparison result is output, and whether the second true random number meets the preset standard is determined based on the comparison result.
Preferably, the preset storage unit includes a register set in a chip, a storage unit in the chip, and an external DDR memory.
In summary, the true random number generating method provided in this embodiment is based on sampling a random physical analog signal by using a sensor existing in a chip, storing different sensors by a chip sensor module to provide an original random number, collecting and randomly screening the original data by a data processing module, avoiding designing a dedicated true random number generating circuit, saving the area of the chip, reducing the cost of the chip and the design difficulty of the chip circuit on the premise of realizing the same function, and enhancing the randomness of the original data based on the data processing module to obtain the true random number meeting the needs of us, thereby ensuring the high randomness and usability of the generated random number.
Embodiment 2, referring to fig. 2, fig. 2 is a schematic structural diagram of an embodiment of a true random number generating circuit provided by the present invention, and as shown in fig. 2, the circuit includes a sensor module 201, a data processing module 202, and a true random number output module 203, specifically as follows:
the sensor module 201 is connected to the data processing module 202, and the data processing module 202 is connected to the true random number output module 203.
The sensor module 201 is configured to connect to a sensor in a chip sensor network.
The data processing module 202 is configured to collect raw data corresponding to all sensors in a chip sensor network, sample bits of the raw data to obtain a data sample sequence, detect randomness of the data sample sequence, obtain a randomness data sequence after determining that the data sample sequence passes the randomness detection, and perform data post-processing on the randomness data sequence to obtain a first true random number.
The true random number output module 203 is configured to output a first true random number.
In one embodiment, the data processing module 202 is further configured to use the first true random number as a pseudorandom number generator seed, and input the pseudorandom number generator seed into the pseudorandom number generator to enable the pseudorandom number generator to generate a second true random number.
In an embodiment, the sensor module 201 is configured to connect to a sensor in a chip sensor network, where the sensor includes a temperature sensor, a voltage sensor, a process sensor, and other types of sensors.
In an embodiment, the sensor module 201 is configured to be connected to the temperature detecting sensor, the voltage detecting sensor, the process detecting sensor, and the other types of detecting sensors, respectively.
In one embodiment, the data processing module 202 includes an entropy source determining unit 2021, a sampling bit clipping unit 2022, a data stitching unit 2023, a probability statistics unit 2024, and a probability difference calculating unit 2025.
In an embodiment, the entropy source determining unit 2021 is configured to determine whether to use the original data as an entropy source.
In an embodiment, the sampling bit clipping unit 2022 is configured to, when determining that the original data is used as an entropy source, arbitrarily select a preset number of bits in the original data, and based on the preset number of bits, perform sampling bit clipping on the original data multiple times to obtain multiple data samples.
In one embodiment, the data stitching unit 2023 is configured to perform stitching on the plurality of data samples to obtain a data sample sequence.
In one embodiment, the probability statistics unit 2024 is configured to count a first probability of occurrence of 0 in the data sample sequence, and count a second probability of occurrence of 1 in the data sample sequence.
In an embodiment, the probability difference calculating unit 2025 is configured to calculate a probability difference between the first probability and the second probability, and determine that the original data passes the randomness detection if the probability difference is not greater than a preset probability difference threshold, or determine that the original data does not pass the randomness detection if the probability difference is not greater than the preset probability difference threshold.
In an embodiment, the data processing module 202 further comprises a mathematical operation processing unit 2026, a von neumann data processing unit 2027, and a cryptographic algorithm processing unit 2028.
In an embodiment, the mathematical operation processing unit 2026 is configured to determine, based on a register configuration in the on-chip sensor network, whether a mathematical operation function is already turned on, and if yes, perform mathematical operation processing on the random data sequence to obtain a first data sequence.
In an embodiment, the von neumann data processing unit 2027 is configured to determine whether the von neumann data processing function is turned on, and if so, perform von neumann data processing on the first data sequence to obtain a second data sequence.
In one embodiment, the cryptographic algorithm processing unit 2028 is configured to determine whether a cryptographic algorithm function is turned on, and if so, perform cryptographic algorithm processing on the second data sequence to obtain a third data sequence, and use the third data sequence as the first true random number.
In one embodiment, the mathematical operation processing unit 2026 includes a first bit data dividing subunit 20261 and an exclusive or processing subunit 20262.
In one embodiment, the first bit data dividing subunit 20261 is configured to divide every two adjacent bit data in the random data sequence to obtain a plurality of first bit data groups.
In an embodiment, the xor processing subunit 20262 is configured to perform xor processing on each first bit data set to obtain an xor result corresponding to each first bit data set, and integrate all the xor results to obtain the first data sequence.
In an embodiment, the von neumann data processing unit 2027 includes a second bit data division subunit 20271, a bit data classification subunit 20272, a bit data permutation subunit 20273, a classification result generation subunit 20274, and a second data sequence generation subunit 20275.
In an embodiment, the second bit data dividing subunit 20271 is configured to divide every two adjacent bit data in the first data sequence to obtain a plurality of second bit data groups.
In an embodiment, the bit data classifying subunit 20272 is configured to classify the plurality of first bit data groups into the same bit data group and different bit data groups based on whether two bit data in the second bit data group are the same.
In an embodiment, the bit data arrangement subunit 20273 is configured to classify all the different bit data groups into the first arranged data group and the second arranged data group based on the arrangement order of the two bit data in the different bit data groups.
In an embodiment, the classification result generating subunit 20274 is configured to output a first classification result corresponding to the second bit data set when the second bit data set is classified as the first arranged data set, and output a second classification result corresponding to the second bit data set when the second bit data set is classified as the second arranged data set.
In an embodiment, the second data sequence generating subunit 20275 is configured to integrate all the first classification results and all the second classification results to obtain the second data sequence.
The true random number generation circuit provided in this embodiment further includes: the health check module 204.
In one embodiment, the health checking module 204 is connected to the true random number output module 203; the health checking module 204 is configured to check whether the first true random number meets a preset true random number standard.
A specific implementation of a true random number generating circuit in this embodiment is illustrated by using a CPU sensor network as a chip sensor network:
a CPU is a type of chip that is responsible for executing instructions and processing data, and in computer science, is considered the heart of a whole computer system because it is responsible for controlling the operations and decisions of a computer. In practical application, the CPU has high stability and reliability, so that a large number of various high-precision sensors including temperature monitoring sensors, voltage monitoring sensors, process monitoring sensors and the like are integrated in a chip, and various physical characteristics of the chip are monitored in real time through the sensor network, so that the safe operation of the chip is ensured.
Because these high-precision sensors are physical processes of the monitoring chip, such as measuring voltage fluctuation of a certain voltage domain of the chip, and the actual voltage always fluctuates, the measured voltage value (unit volt) is random, the value behind the decimal point is a voltage monitoring sensor with precision of 0.0001 volt, and the value of the fourth digit after the decimal point has better randomness (the larger the N number of the nth digit after the decimal point, the stronger the randomness) and can be used as an entropy source for generating true random numbers.
As shown in fig. 7, a schematic diagram of still another structure of a true random number generating circuit according to the present invention is provided, where a sensor module is connected to a left side of the sensor module, such as a temperature monitoring sensor, a voltage monitoring sensor, a process monitoring sensor, and other types of monitoring sensors, and the temperature monitoring sensor, the voltage monitoring sensor, the process detecting sensor, and the other types of sensors are integrated with the sensor module, so that the sensor module can collect data from each connected sensor, and use the collected data for monitoring the working state of a chip.
And as can be seen from fig. 7, the sensor module is further connected with the data processing module, and based on the connection relationship between the sensor module and the data processing module, the original data of each sensor is transmitted to the data processing module for generating true random numbers, and the sensor module and various monitoring sensors are multiplexed to replace a special entropy source circuit.
When the data processing module receives the original data corresponding to all the sensors sent by the sensor module, sampling bits of the original data are intercepted, and primary screening of the original data is realized; in the process, effective data of a sensor to be acquired is set through register configuration, for the sensor m (1 < = m < = N, m is an integer), through randomness monitoring, a certain bit or a plurality of bits in a sampling value of the sensor m are considered to have better randomness, only specific bits of the sensor m can be acquired through configuration selection and sent to a next-stage data processing module for processing, and if any bit of the sampling value of the sensor does not have better randomness, the acquisition of the data of the sensor can be forbidden.
When the original data is monitored randomly, each accessed sensor can be configured: first, whether to use the value of the sensor as an entropy source; secondly, if the entropy source is selected, for the original data corresponding to the sensor, one bit or a plurality of bits are selected according to binary values, for example, if the voltage of a certain voltage sensor is monitored to be a binary bit number 110010100101 (converted into decimal and multiplied by the voltage value with the precision being decimal), then one bit or a plurality of bits are selected through register configuration, and then simple randomness detection is carried out; the randomness detection standard is a binary sequence randomness detection method based on the national standard GB/T32915-2016 information security technology, for a certain bit or a certain bit of a certain selected sensor, the binary sequence randomness detection method is stored into a sensor original data storage module in a data acquisition module, the data are accumulated by acquiring a certain bit or a certain bit of the same sensor value for a plurality of times, when the bit length of the sample sequence reaches a certain value, the random detection standard can count whether the numbers of 0 and 1 of the series of binary sample sequences are similar according to the single-bit frequency detection method in the national standard, and of course, the relevant parameters (the bit length and the significance level of the sample sequence are both defined in the national standard) can be customized through register configuration or the recommended value in the national standard is adopted, so that the follow-up data processing module can not completely accord with the national standard; when the data sample sequence passes the randomness detection, the data sample sequence can be considered to meet the expectations of the user, and can be sent to a data processing module for processing, and the data sample sequence which does not pass the randomness detection is discarded; preferably, the raw data may be randomly detected for any other sensor according to the steps described above, so as to obtain a valid random data sequence.
The data processing module also performs data post-processing on the obtained random data sequence, wherein the data post-processing comprises mathematical operation processing Exclusive-OR, von Neumann data processing Von Neumann and cryptographic algorithm processing Cryptographic algorithm, and the method can compress bits without randomness by processing the original data, so that the randomness of the output bits is enhanced.
The data post-processing process comprises the steps of (1) and (4): step (1), whether an Exclusive-OR function is opened OR not through register configuration, if not, jumping to step (2) for processing, if so, processing the sample sequence through an Exclusive-OR function module, wherein the processing principle is that each two bits of the sample sequence are divided into a group, the two binary bits of each group are subjected to Exclusive-OR processing, a single bit 0 is output when a double bit 00 is input, a single bit 0 is output when a double bit 11 is input, a single bit 1 is output when a double bit 10 is input, a single bit 1 is output when a double bit 01 is input, and the finally output sample sequence has half length of the input.
Step (2), whether the Von Neumann function is opened or not is configured through a register, if not, the processing is carried out in step (3), if so, the sample sequence is processed through the Von Neumann function module, the processing principle is that every two bits of the sample sequence are divided into a group, the numerical value judgment processing is carried out on two binary bits of each group, if the two binary bits are input in a double-bit 00 or 11 mode, no data is output, if the two binary bits are input in a double-bit 01 mode, the single-bit 0 mode is output, if the two binary bits are input in a double-bit 10 mode, the single-bit 1 mode is output, and the finally output sample sequence is only half of the length of the input at most;
Step (3), whether the Cryptographic algorithm function is opened or not through register configuration, if not, jumping to step (4) for processing, and if so, processing the sample sequence through a Cryptographic algorithm function module, wherein some commonly used hash algorithms, such as MD5, can be selected to compress the sample sequence of the long string to a sample sequence abstract value of a specific length;
and (4) judging whether the sample sequence or the sample sequence abstract value meets a certain standard through a health check module integrated in a data processing module, and directly using or serving as a seed of a PRNG pseudo-random number generator after passing the standard, and outputting a random number through a PRNG.
After the above-mentioned problem is processed in the first processing steps (1), (2) and (3), according to step (4), we need to judge whether the random number meets a certain standard through a hardware inspection module integrated in a data processing module to judge that the random number is the true random number meeting the requirement finally output, of course, the generated random number can be analyzed through a software tool, the circuit is finally ensured to be usable, the standard mainly refers to the national standard GB/T32915-2016 information security technology binary sequence randomness detection method or the NIST SP 800-90B standard (compared with the past standard, the NIST SP 800-90B standard makes clear requirements on the generation of random numbers), considering the complexity of hardware implementation, we realize test items which are easier to realize such as single-bit frequency detection, autocorrelation detection and the like according to the standard requirements on the hardware inspection module, for the complex test items, we read the obtained random number sequence through software and test and evaluate, and adjust the configuration parameters such as selection and the like for the sensor sampling value through the evaluated result.
The original random numbers are provided by different sensors in the CPU chip sensor network, the randomness of the original data is enhanced by the data processing module, so that the true random numbers meeting the demands of people can be obtained.
In summary, this embodiment provides a true random number generation circuit, acquire original data through the data acquisition module based on the sensor module, and screen original data, avoided designing dedicated true random number generation circuit, under the prerequisite of realizing the same function, practiced thrift the area of chip, reduced the chip cost, also reduced the design degree of difficulty of chip circuit, simultaneously, strengthen the randomness of original data based on the data processing module, obtain the true random number that accords with our needs, guaranteed the high randomness and the usability of random number that generates.
It will be clear to those skilled in the art that, for convenience and brevity of description, the specific operation of the above-described circuit may refer to the corresponding process in the foregoing method embodiment, which is not described herein in detail.
It should be noted that the above embodiment of the true random number generating circuit is merely illustrative, where the modules described as separate components may or may not be physically separated, and components shown as modules may or may not be physical units, may be located in one place, or may be distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
On the basis of the embodiment of the true random number generation method, another embodiment of the present invention provides a true random number generation server, which includes a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, where the processor executes the computer program to implement the true random number generation method of any one of the embodiments of the present invention.
Illustratively, in this embodiment the computer program may be partitioned into one or more modules, which are stored in the memory and executed by the processor to perform the present invention. The one or more modules may be a series of computer program instruction segments capable of performing a specified function, the instruction segments describing the execution of the computer program in the true random number generating server.
The true random number generation server can be a desktop computer, a notebook computer, a palm computer, a cloud server and other computing devices. The true random number generation server may include, but is not limited to, a processor, a memory.
The processor may be a central processing unit (Central Processing Unit, CPU), other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), off-the-shelf programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like, which is a control center of the true random number generation server, and connects various parts of the entire true random number generation server using various interfaces and lines.
The memory may be used to store the computer program and/or module, and the processor may implement various functions of the true random number generation server by running or executing the computer program and/or module stored in the memory and invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to the use of the cellular phone, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, memory, plug-in hard disk, smart Media Card (SMC), secure Digital (SD) Card, flash Card (Flash Card), at least one disk storage device, flash memory device, or other volatile solid-state storage device.
On the basis of the embodiment of the true random number generation method, another embodiment of the invention provides a storage medium, which comprises a stored computer program, wherein when the computer program runs, a device where the storage medium is controlled to execute the true random number generation method according to any embodiment of the invention.
In this embodiment, the storage medium is a computer-readable storage medium, and the computer program includes computer program code, where the computer program code may be in a source code form, an object code form, an executable file, or some intermediate form, and so on. The computer readable medium may include: any entity or circuitry capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth. It should be noted that the computer readable medium contains content that can be appropriately scaled according to the requirements of jurisdictions in which such content is subject to legislation and patent practice, such as in certain jurisdictions in which such content is subject to legislation and patent practice, the computer readable medium does not include electrical carrier signals and telecommunication signals.
In summary, according to the true random number generation method and circuit provided by the invention, through collecting the original data corresponding to all sensors in the chip sensor network, the original data is subjected to randomness detection, and after the original data is determined to pass the randomness detection, sampling bits are intercepted on the original data, so that a randomness data sequence is obtained; performing data post-processing on the random data sequence to obtain a pseudo-random number generator seed; inputting the pseudo-random number generator seed into a pseudo-random number generator so that the pseudo-random number generator outputs a true random number; compared with the prior art, the technical scheme of the invention does not need to adopt a special true random number generating circuit when generating the true random number, reduces the occupation of the chip area and reduces the chip cost.
The foregoing is merely a preferred embodiment of the present invention, and it should be noted that modifications and substitutions can be made by those skilled in the art without departing from the technical principles of the present invention, and these modifications and substitutions should also be considered as being within the scope of the present invention.

Claims (13)

1. A true random number generation method, comprising:
collecting original data corresponding to all sensors in a chip sensor network, intercepting sampling bits of the original data to obtain a data sample sequence, carrying out randomness detection on the data sample sequence, and obtaining a randomness data sequence after determining that the data sample sequence passes the randomness detection;
and carrying out data post-processing on the random data sequence to obtain a first true random number.
2. The true random number generation method of claim 1, wherein collecting raw data corresponding to all sensors in a chip sensor network specifically comprises:
acquiring original data corresponding to all sensors stored by a sensor module in a chip sensor network, wherein the original data corresponding to all sensors stored by the sensor module is acquired by the sensor module for data acquisition and data storage of all sensors;
Wherein, all sensors include temperature detection sensor, voltage detection sensor, technology detection sensor and other types of detection sensor, the sensor module respectively with temperature detection sensor, voltage detection sensor, technology detection sensor and other types of detection sensor are connected.
3. The method for generating true random numbers according to claim 1, wherein the step of performing data post-processing on the random data sequence to obtain a first true random number comprises:
judging whether a mathematical operation function is opened or not based on the register configuration in the chip sensor network, and if so, performing mathematical operation on the random data sequence to obtain a first data sequence;
judging whether a von neumann data processing function is turned on, if so, performing von neumann data processing on the first data sequence to obtain a second data sequence;
judging whether the cryptographic algorithm function is opened, if so, carrying out cryptographic algorithm processing on the second data sequence to obtain a third data sequence, and taking the third data sequence as a first true random number.
4. A method for generating true random numbers according to claim 3, wherein the mathematical operation is performed on the random data sequence to obtain a first data sequence, and the method specifically comprises:
dividing every two adjacent bit data in the random data sequence to obtain a plurality of first bit data groups;
and performing exclusive-or processing on each first bit data set to obtain exclusive-or results corresponding to each first bit data set, and integrating all exclusive-or results to obtain a first data sequence.
5. A method of true random number generation according to claim 3, wherein the first data sequence is von neumann data processed to obtain a second data sequence, comprising:
dividing every two adjacent bit data in the first data sequence to obtain a plurality of second bit data groups;
classifying the plurality of first bit data sets into the same bit data set and different bit data sets based on whether two bit data in the second bit data set are the same;
classifying all the different bit data sets into a first arrangement data set and a second arrangement data set based on the arrangement order of two bit data in the different bit data sets;
Outputting a first classification result corresponding to the second bit data group when the second bit data group is classified as the first arrangement data group, and outputting a second classification result corresponding to the second bit data group when the second bit data group is classified as the second arrangement data group;
and integrating all the first classification results and all the second classification results to obtain a second data sequence.
6. A true random number generation circuit, comprising: the device comprises a sensor module, a data processing module and a true random number output module;
the sensor module is connected with the data processing module, and the data processing module is connected with the true random number output module;
the sensor module is used for connecting with a sensor in the chip sensor network;
the data processing module is used for collecting original data corresponding to all sensors in a chip sensor network, intercepting sampling bits of the original data to obtain a data sample sequence, carrying out randomness detection on the data sample sequence, obtaining a randomness data sequence after determining that the data sample sequence passes the randomness detection, and carrying out data post-processing on the randomness data sequence to obtain a first true random number;
The true random number output module is used for outputting a first true random number.
7. The true random number generating circuit of claim 6, wherein the data processing module is further configured to seed the first true random number as a pseudorandom number generator and input the pseudorandom number generator seed into the pseudorandom number generator to cause the pseudorandom number generator to generate a second true random number.
8. The true random number generating circuit according to claim 6, wherein the data processing module comprises an entropy source judging unit, a sampling bit intercepting unit, a data splicing unit, a probability statistics unit and a probability difference value calculating unit;
the entropy source judging unit is used for judging whether the original data is used as an entropy source or not;
the sampling bit intercepting unit is used for arbitrarily selecting a preset number of bits in the original data when the original data is determined to be taken as an entropy source, and intercepting the sampling bits of the original data for a plurality of times based on the preset number of bits to obtain a plurality of data samples;
the data splicing unit is used for carrying out splicing processing on the plurality of data samples to obtain a data sample sequence;
The probability statistics unit is used for counting a first probability of 0 in the data sample sequence and a second probability of 1 in the data sample sequence;
the probability difference value calculation unit is configured to calculate a probability difference value between the first probability and the second probability, and if the probability difference value is not greater than a preset probability difference threshold value, determine that the original data passes the randomness detection, otherwise determine that the original data does not pass the randomness detection.
9. The true random number generating circuit of claim 6, wherein the data processing module further comprises a mathematical operation processing unit, a von neumann data processing unit, and a cryptographic algorithm processing unit;
the mathematical operation processing unit is used for judging whether a mathematical operation function is opened based on the register configuration in the chip sensor network, and if yes, performing mathematical operation processing on the random data sequence to obtain a first data sequence;
the von neumann data processing unit is configured to determine whether a von neumann data processing function is turned on, and if yes, perform von neumann data processing on the first data sequence to obtain a second data sequence;
And the cryptography algorithm processing unit is used for judging whether the cryptography algorithm function is opened, if so, carrying out cryptography algorithm processing on the second data sequence to obtain a third data sequence, and taking the third data sequence as a first true random number.
10. The true random number generating circuit of claim 9, wherein said mathematical operation processing unit includes a first bit data dividing subunit and an exclusive or processing subunit;
the first bit data dividing subunit is configured to divide every two adjacent bit data in the random data sequence to obtain a plurality of first bit data groups;
the exclusive-or processing subunit is configured to perform exclusive-or processing on each first bit data set to obtain an exclusive-or result corresponding to each first bit data set, and integrate all exclusive-or results to obtain a first data sequence.
11. The true random number generating circuit of claim 9, wherein the von neumann data processing unit includes a second bit data division subunit, a bit data classification subunit, a bit data permutation subunit, a classification result generation subunit, and a second data sequence generation subunit;
The second bit data dividing subunit is configured to divide every two adjacent bit data in the first data sequence to obtain a plurality of second bit data groups;
the bit data classifying subunit is configured to classify the plurality of first bit data sets into the same bit data set and different bit data sets based on whether two bit data in the second bit data set are the same;
the bit data arrangement subunit is configured to classify all the different bit data sets into a first arrangement data set and a second arrangement data set based on an arrangement order of two bit data in the different bit data sets;
the classification result generation subunit is configured to output a first classification result corresponding to the second bit data set when the second bit data set is classified as the first permutation data set, and output a second classification result corresponding to the second bit data set when the second bit data set is classified as the second permutation data set;
and the second data sequence generation subunit is used for integrating all the first classification results and all the second classification results to obtain a second data sequence.
12. The true random number generating circuit of claim 6, further comprising: a health check module;
the health check module is connected with the true random number output module;
the health checking module is used for checking whether the first true random number accords with a preset true random number standard.
13. A server comprising a processor, a memory and a computer program stored in the memory and configured to be executed by the processor, the processor implementing the true random number generation method according to any one of claims 1 to 5 when the computer program is executed.
CN202311377754.4A 2023-10-23 2023-10-23 True random number generation method and circuit Pending CN117472327A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311377754.4A CN117472327A (en) 2023-10-23 2023-10-23 True random number generation method and circuit

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311377754.4A CN117472327A (en) 2023-10-23 2023-10-23 True random number generation method and circuit

Publications (1)

Publication Number Publication Date
CN117472327A true CN117472327A (en) 2024-01-30

Family

ID=89624822

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311377754.4A Pending CN117472327A (en) 2023-10-23 2023-10-23 True random number generation method and circuit

Country Status (1)

Country Link
CN (1) CN117472327A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1199892A (en) * 1997-05-20 1998-11-25 安尼株式会社 Encryption communication system for generating passwords on basis of start information on both parties of communication
CN104133658A (en) * 2014-07-29 2014-11-05 江苏宏云技术有限公司 On-chip true random number generator
CN106027238A (en) * 2016-06-30 2016-10-12 中国电子科技集团公司第五十四研究所 True random number generator applicable to wireless communication system
CN112580077A (en) * 2020-12-21 2021-03-30 歌尔光学科技有限公司 Information processing method, device, equipment and storage medium
CN116467677A (en) * 2023-04-14 2023-07-21 微位(深圳)网络科技有限公司 Random number entropy source quality measurement method and device, electronic equipment and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1199892A (en) * 1997-05-20 1998-11-25 安尼株式会社 Encryption communication system for generating passwords on basis of start information on both parties of communication
CN104133658A (en) * 2014-07-29 2014-11-05 江苏宏云技术有限公司 On-chip true random number generator
CN106027238A (en) * 2016-06-30 2016-10-12 中国电子科技集团公司第五十四研究所 True random number generator applicable to wireless communication system
CN112580077A (en) * 2020-12-21 2021-03-30 歌尔光学科技有限公司 Information processing method, device, equipment and storage medium
CN116467677A (en) * 2023-04-14 2023-07-21 微位(深圳)网络科技有限公司 Random number entropy source quality measurement method and device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
Soto Statistical testing of random number generators
CN100576174C (en) The possible prime number that the check password is used
Moini et al. Power side-channel attacks on BNN accelerators in remote FPGAs
CN100480990C (en) Monobit-run frequency on-line randomness test
CN104751055A (en) Method, device and system for detecting distributed malicious codes on basis of textures
CN108304322B (en) Pressure testing method and terminal equipment
CN113052577A (en) Method and system for estimating category of virtual address of block chain digital currency
CN103282950A (en) Arithmetical device, arithmetical device elliptical scalar multiplication method and elliptical scalar multiplication program, arithmetical device multiplicative operation method and multiplicative operation program, as well as arithmetical device zero determination method and zero determination program
JP5831203B2 (en) Individual information generation apparatus, encryption apparatus, authentication system, and individual information generation method
US9836280B2 (en) Arrangement and method for checking the entropy of a random number sequence
Sönmez Turan et al. On independence and sensitivity of statistical randomness tests
CN104778029A (en) Method for generating an output of a random source of a random generator
US7853010B2 (en) Testing of an algorithm executed by an integrated circuit
CN105678083A (en) Rapid detection method capable of performing single-bit frequency detection and frequency detection within block
Vasicek et al. Evaluation of a new platform for image filter evolution
CN115686437A (en) Random number generation method and device, computer equipment and storage medium
CN117472327A (en) True random number generation method and circuit
Park et al. Analysis of entropy estimator of true random number generation using beta source
CN106936561B (en) Side channel attack protection capability assessment method and system
CN113632063A (en) Device and method for testing sequences generated by a random number generator
CN100480989C (en) Gap average on-line randomness test
Vaskova et al. Accelerating secure circuit design with hardware implementation of diehard battery of tests of randomness
Luengo et al. Further analysis of the statistical independence of the NIST SP 800-22 randomness tests
Harrison et al. Experimental validation of a chaotic jerk circuit based true random number generator
CN109255771B (en) Image filtering method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination