CN110045946B - Random number generator, self-checking module and self-checking method of random number generator - Google Patents
Random number generator, self-checking module and self-checking method of random number generator Download PDFInfo
- Publication number
- CN110045946B CN110045946B CN201910318519.7A CN201910318519A CN110045946B CN 110045946 B CN110045946 B CN 110045946B CN 201910318519 A CN201910318519 A CN 201910318519A CN 110045946 B CN110045946 B CN 110045946B
- Authority
- CN
- China
- Prior art keywords
- random number
- number generator
- monitoring
- random
- output
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title abstract description 28
- 238000012544 monitoring process Methods 0.000 claims abstract description 150
- 238000012805 post-processing Methods 0.000 claims abstract description 26
- 238000012545 processing Methods 0.000 claims abstract description 5
- 230000000739 chaotic effect Effects 0.000 claims description 25
- 230000002159 abnormal effect Effects 0.000 claims description 9
- 239000011159 matrix material Substances 0.000 claims description 5
- 238000010998 test method Methods 0.000 claims description 3
- 238000012360 testing method Methods 0.000 claims description 2
- 238000001514 detection method Methods 0.000 claims 2
- 238000010586 diagram Methods 0.000 description 4
- 238000007689 inspection Methods 0.000 description 4
- 230000005856 abnormality Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000005236 sound signal Effects 0.000 description 1
- 239000013598 vector Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/58—Random or pseudo-random number generators
- G06F7/588—Random number generators, i.e. based on natural stochastic processes
Abstract
The invention relates to a random number generator, a self-checking module and a self-checking method of the random number generator. The random number generator comprises a random source generating circuit, a post-processing circuit and a random number hardware self-checking module; the random source generating circuit is used for generating a plurality of paths of initial random numbers, combining the plurality of paths of initial random numbers into a preliminary random number sequence and outputting the preliminary random number sequence to the post-processing circuit; the post-processing circuit is used for carrying out equalization processing on the input preliminary random number sequence and outputting a final random number sequence; the random number hardware self-checking module corresponds to the random number channels in the random number generator one by one and is used for monitoring whether the random number sequence in each random number channel meets the set conditions; the random number channel includes: the output channels of the multiple paths of initial random numbers, the output channel of the random source generating circuit and the output channel of the post-processing circuit. The embodiment of the invention solves the problem that the monitoring result given by the traditional software monitoring mode has hysteresis, and simplifies the requirement on the monitoring environment.
Description
Technical Field
The invention relates to the technical field of electronic circuits, in particular to a random number generator, a self-checking module and a self-checking method of the random number generator.
Background
With the increasing support of the country to the information security industry, the security of the security chip needs to be protected in a grade. Random number generators are also becoming more and more critical as an integral part of security chips. The random number generator is the basis of encryption application and can be used for generating encryption keys with specified security requirements, resisting side channel attacks, producing initial vectors, randomly filling bits and other attacks.
The randomness of the output sequence is an important measure of the security index of the random number generator. A qualified random sequence should satisfy the following properties: can be monitored by correct randomness, is unpredictable, and cannot be reproduced. Most of the existing security monitoring methods for the random number generator adopt a software mode, collect a certain amount of random data sequences output by the random number generator according to the requirements of a tool, then start a software monitoring tool, start online self-checking based on the collected random data sequences, and finally give out the monitoring results of the random number generator. However, the random number generator may itself be abnormal or attacked from outside at any time during the operation process, so that the monitoring result given by the existing monitoring mode often has hysteresis.
Disclosure of Invention
Therefore, it is necessary to provide a random number generator, a self-checking module, and a self-checking method of the random number generator, aiming at the problem that the monitoring result given by the existing monitoring method often has hysteresis.
On one hand, the embodiment of the invention provides a random number generator, which comprises a random source generating circuit, a post-processing circuit and a random number hardware self-checking module;
the random source generating circuit is used for generating a plurality of paths of initial random numbers, combining the plurality of paths of initial random numbers into a preliminary random number sequence, and outputting the preliminary random number sequence to the post-processing circuit;
the post-processing circuit is used for carrying out equalization processing on the input preliminary random number sequence and outputting a final random number sequence;
the random number hardware self-checking module corresponds to random number channels in the random number generator one by one and is used for monitoring whether random number sequences in the random number channels meet set conditions or not;
wherein the random number channel comprises: the output channels of the plurality of paths of initial random numbers, the output channel of the random source generating circuit and the output channel of the post-processing circuit; the setting conditions include: can be monitored by correct randomness, is unpredictable, and cannot be reproduced.
In one embodiment, the random source generating circuit includes: the chaotic power system comprises a plurality of chaotic power systems, a plurality of exclusive-OR chains and a first exclusive-OR logic circuit;
the output ends of the chaotic power systems are connected with the input end of an exclusive or chain; the output ends of the plurality of XOR chains are connected with the input end of the first XOR logic circuit; the output end of the first exclusive-or logic circuit is connected with the output end of the random source generating circuit;
the output channels of the plurality of initial random numbers comprise: the output channels of the chaotic power system and the output channels of the XOR chains.
In one embodiment, the post-processing circuit comprises: a second exclusive-or logic circuit and a plurality of D flip-flops; the plurality of D triggers are cascaded, and the input end of the D trigger positioned at the head is connected with the input end of the post-processing circuit; the output ends of the plurality of D flip-flop stages are also respectively connected with the input end of the second exclusive-OR logic circuit; and the output end of the second exclusive-OR logic circuit is connected with the output end of the random number generator.
In one embodiment, in the random source generating circuit, each two chaotic power systems are connected with the input end of an exclusive-or chain.
In one embodiment, four xor chains are included in the random source generation circuit, and outputs of the four xor chains are all connected to the input of the first xor logic circuit.
In one embodiment, the post-processing circuit includes 128D flip-flops, and the 128D flip-flops are connected in cascade.
In one embodiment, the random number hardware self-checking module comprises a startup monitoring module and an online monitoring module;
the startup monitoring module is operated when the random number generator is just powered on or the random number generator turns from off to enable, and is used for monitoring whether a random number sequence output by a corresponding random number channel meets the set condition;
when the random number generator normally operates, the online monitoring module operates, and the startup monitoring module stops operating; the online monitoring module is used for monitoring whether a random number sequence output by a corresponding random number channel meets the set condition; and the random number generator enters a normal operation stage when the monitoring of the startup monitoring module passes.
In one embodiment, the startup monitoring module comprises a monitoring module based on poker monitoring principle;
the online monitoring module comprises a monitoring module based on a single-bit frequency monitoring principle, a total run number monitoring principle or a matrix rank monitoring principle.
On the other hand, the random number hardware self-checking module of the random number generator is provided, and comprises a startup monitoring module and an online monitoring module;
the startup monitoring module is operated when the random number generator is just powered on or the random number generator is switched from off to enabled, and is used for monitoring whether a random number sequence output by a random number channel connected with the random number hardware self-checking module meets the set condition or not;
when the random number generator normally operates, the online monitoring module operates, and the startup monitoring module stops operating; the online monitoring module is used for monitoring the data output by the corresponding random number channel.
In another aspect, a self-checking method for a random number generator is provided, where the random number generator is as described in any of the above embodiments, and the self-checking method includes:
when the random number generator is powered on or turns to an enabling state from a closing state, a plurality of random number hardware self-checking modules are started; carrying out first-stage monitoring on data output by a plurality of random number channels in the random number generator through a plurality of random number hardware self-checking modules;
if the first-stage monitoring results of each random number channel in the random number generator pass, the random number generator enters a normal operation stage; otherwise, outputting an abnormal prompt signal through a corresponding random number hardware self-checking module;
in the normal operation stage of the random number generator, performing second-stage monitoring on data output by a plurality of random number channels in the random number generator through the plurality of random number hardware self-checking modules; if the second-stage monitoring result of any random number channel in the random number generator does not pass, outputting an abnormal prompt signal through a random number hardware self-checking module corresponding to any random number channel;
the first-stage monitoring and the second-stage monitoring are used for monitoring whether the random number sequence in the random number channel meets a set condition: can be monitored by correct randomness, is unpredictable, and cannot be reproduced.
One of the above technical solutions has the following advantages or beneficial effects: a random number hardware self-checking module is additionally arranged in the random number generator so as to carry out two hardware automatic monitoring of startup monitoring and online monitoring on the randomness of a data source in the random number generator; and the method is divided into a power-on initial stage and real-time monitoring in the working process, and different stages of different monitoring are carried out on the random number generator. Hardware self-inspection is carried out on the random number generator, so that a software monitoring platform required in a software monitoring mode is omitted; and the real-time monitoring function of the random number generator in the using process is added, so that the random number generator can be ensured to output a normal random number sequence, the safety of a chip to which the random number generator belongs is improved, and the requirement of monitoring environment is simplified.
Drawings
FIG. 1 is a schematic block diagram of a random number generator in one embodiment;
FIG. 2 is a schematic block diagram of a random number generator in another embodiment;
FIG. 3 is a schematic block diagram of a random number hardware self-test circuit in one embodiment;
FIG. 4 is a schematic flow chart diagram of a self-test method of a random number generator of an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The security monitoring method of the random number generator can be applied to the application environment shown in fig. 1. The random number generator includes: the random number self-checking circuit comprises a random source generating circuit, a post-processing circuit and a random number hardware self-checking module. Each part is mainly responsible for: the random source generating circuit is used for generating a plurality of paths of initial random numbers, combining the plurality of paths of initial random numbers into a preliminary random number sequence and outputting the preliminary random number sequence to the post-processing circuit; the post-processing circuit is used for carrying out equalization processing on the input preliminary random number sequence and outputting a final random number sequence; the random number hardware self-checking module corresponds to the random number channels in the random number generator one by one and is used for monitoring whether the random number sequence in each random number channel meets set conditions.
In the embodiment of the invention, the random number channel not only comprises a final random number output channel of the random number generator (namely an output channel of the post-processing circuit), but also comprises a plurality of initial random number output channels; therefore, in the random number generator, there are a plurality of random number channels, and correspondingly, there are a plurality of random number hardware self-checking modules, and the random number hardware self-checking modules correspond to the random number channels one to one. It can be understood that, in the embodiment of the present invention, in the random number generator, the random number hardware self-checking module exists in a hardware manner, and in the security monitoring process of the random number generator, a corresponding software monitoring platform does not need to be additionally arranged.
Referring to fig. 1, in some embodiments, the random source generation circuit may further include: the chaotic power system comprises a plurality of chaotic power systems, a plurality of exclusive-OR chains and a first exclusive-OR logic circuit. The output ends of the chaotic power systems are connected with the input end of an exclusive or chain; the output ends of the plurality of XOR chains are connected with the input end of the first XOR logic circuit; the output end of the first exclusive-OR logic circuit is connected with the output end of the random source generating circuit. Correspondingly, the output channels of the multiple initial random numbers may specifically include: the output channels of the chaotic power system and the output channels of the XOR chains.
As further shown with reference to fig. 1, in some embodiments, the post-processing circuitry may further include: a second exclusive-or logic circuit and a plurality of D flip-flops; the plurality of D triggers are cascaded, and the input end of the D trigger positioned at the head is connected with the input end of the post-processing circuit; the output ends of the plurality of D flip-flop stages are also respectively connected with the input end of the second exclusive-OR logic circuit; and the output end of the second exclusive-or logic circuit is connected with the output end of the random number generator and is used for outputting a random number sequence.
Referring to fig. 2, in some embodiments, the post-processing circuit includes 128D flip-flops (i.e., DFFs) that are connected in cascade, so that the resulting random number can meet the requirements of the national code agency.
Further, the following is a description of the parts of the random number generator:
the chaotic power systems are used as random sources, and each chaotic power system is used for generating a path of initial random numbers;
and the XOR chain is used for merging the initial random numbers generated by the plurality of chaotic power systems connected with the XOR chain to obtain a path of initial random numbers.
Generally, the power factor of the chaotic power system is 1.54, which is far smaller than an ideal power factor 2 of the bernoulli shift mapping, so that the information quantity is lost, and the initial random numbers generated by a plurality of chaotic power systems are combined through an exclusive-or chain, so that the information quantity of an output path of random numbers is improved, and meanwhile, the correlation between adjacent positions in the initial random number data generated by the chaotic power systems is removed. In some embodiments, referring to fig. 2, in the random source generating circuit, two chaotic power systems with the same mechanism are connected to an xor chain, and initial random numbers generated by the two chaotic power systems are processed through the xor chain to obtain a path of preliminary random numbers.
The first exclusive-OR logic circuit is used for exclusive-OR-ing a plurality of paths of preliminary random numbers output by the random source generating circuit into one path; and also for removing correlation between adjacent bits in the preliminary random number sequence output by the random source generation circuit.
The multistage D trigger and the second exclusive-OR logic circuit are used for ensuring the distribution uniformity of 0 and 1 in the final random number sequence output by the random number generator, namely ensuring the balanced distribution of the output final random numbers and simultaneously achieving the purpose of removing the correlation between adjacent bits in the random number sequence output by the multistage D trigger.
In some embodiments, referring to fig. 2, in the random source generation circuit, two chaotic power systems with the same mechanism are connected to one xor chain, and 4 xor chains are provided, so that in a corresponding random number generator, there are 14 random number channels (i.e. data sources to be monitored) and the random number channels are classified into 4 types:
the first type is that the output of 8 chaotic power systems is totally 8 paths;
in the second category, the number of the initial random numbers obtained after data processing of every two chaotic power systems is 1-4, and 4 paths are counted;
in the third category, after 4 paths of data are merged into one path through a first exclusive OR logic circuit, the initial random number before entering a post DFF module is counted into 1 path;
and in the fourth type, the final true random number sequence output by the random number generator totals 1 path.
Compared with a common random number generator, the random number generator shown in fig. 2 is additionally provided with a post-processing circuit, four paths of preliminary random numbers are combined into one path of data, the distribution uniformity of 0 and 1 in a random number sequence is guaranteed through a multi-stage D trigger, and finally the four paths of preliminary random numbers are combined into one path through a second exclusive-or logic circuit to obtain the final random number output.
In the embodiment of the invention, under a normal condition, each path of data source to be monitored meets the following conditions: can be monitored by correct randomness, is unpredictable, and cannot be reproduced.
In addition, in the embodiment of the present invention, the random number generator is further provided with a plurality of random number hardware self-checking modules, and the random number hardware self-checking modules correspond to the data sources to be monitored one by one and are respectively used for monitoring whether each path of data source to be monitored meets the set requirement. The data source to be monitored not only comprises the final random number sequence, but also comprises a plurality of intermediate data sources in the random number generator, so that the instantaneity of monitoring is improved.
Referring to fig. 3, in an embodiment, the random number hardware self-inspection module includes a startup monitoring module and an online monitoring module, when the random number generator is just powered on or the random number generator turns from off to enable, the startup monitoring modules of the multiple random number hardware self-inspection modules respectively monitor the multiple paths of data sources to be monitored simultaneously, and only after startup monitoring of the multiple paths of data sources to be monitored passes, a final random number sequence generated by the random number generator is allowed. After the random number generator is monitored by the startup, in the normal working process, the online monitoring modules of the random number hardware self-checking modules are further used for monitoring all the paths of data sources to be monitored simultaneously, and once a certain path of data source to be monitored is monitored to be not meeting set conditions, abnormal monitoring results of the random number generator are given.
Specifically, the startup monitoring module may specifically include a monitoring module based on the poker monitoring principle; the online monitoring module may specifically include a monitoring module based on a single-bit frequency monitoring principle, a run total monitoring principle, or a matrix rank monitoring principle. The specific monitoring modes of poker monitoring, single-bit frequency monitoring, total run number monitoring or matrix rank monitoring of the random number sequence can be carried out according to recorded related monitoring modes by combining with actual scene requirements, and the monitoring modes are not limited.
Compared with the traditional software monitoring method, the monitoring method provided by the embodiment of the invention can eliminate the hysteresis of the monitoring result, is convenient for discovering the abnormity of the random number generator in time, and simplifies the requirement of monitoring environment.
In one embodiment, as shown in FIG. 4, a method for security monitoring of a random number generator is provided, which is illustrated by way of example as applied to the random number generator of FIG. 1, and comprises the steps of:
s110, when the random number generator is monitored to be electrified or switched from the off state to the enabled state, a random number hardware self-checking module in the random number generator is started. And carrying out first-stage monitoring on data output by a plurality of random number channels in the random number generator through a plurality of random number hardware self-checking modules.
S120, after each random number hardware self-checking module is started, firstly, a startup monitoring module is operated; and monitoring each path of data source to be monitored in the random number generator through the startup monitoring module.
S130, if the monitoring results of the startup monitoring modules of all the random number hardware self-checking modules are passed, namely each path of data source to be monitored in the random number generator meets the set conditions, the random number generator enters a normal operation stage and enters the step S140, and otherwise, the step S160 is entered.
In some embodiments, the startup monitoring module may monitor each path of data source to be monitored by using a poker monitoring principle, and according to actual conditions, the startup monitoring module may also monitor each path of data source to be monitored by using other monitoring principles which need to meet a random number monitoring standard promulgated by the national crypto authority.
S140, in the normal operation stage of the random number generator, an online monitoring module in each random number hardware self-checking module operates, and a startup monitoring module stops monitoring; and monitoring each path of data source to be monitored in the random number generator through the online monitoring modules of all the random number hardware self-checking modules.
In the embodiment of the invention, the data output by a plurality of random number channels in the random number generator is monitored in the second stage through the startup monitoring module of the plurality of random number hardware self-checking modules.
S150, if the online monitoring result of any random number channel in the random number generator does not pass, outputting an abnormal prompt signal through a random number hardware self-checking module corresponding to any random number channel.
In the normal operation stage of the random number generator, if a certain online monitoring module monitors that the corresponding data source to be monitored does not accord with the set condition, outputting a prompt signal of the abnormality of the corresponding data source to be monitored through a random number hardware self-checking module where the online monitoring module is located.
In some embodiments, the online monitoring module may monitor each path of data source to be monitored by using a single-bit frequency monitoring principle, a total run number monitoring principle, or a matrix rank monitoring principle, and according to an actual situation, the online monitoring module may also monitor each path of data source to be monitored by using another monitoring principle that needs to meet a random number monitoring standard issued by the national crypto-administration.
And S160, if the startup monitoring result of any random number channel in the random number generator does not pass through, outputting an abnormal prompt signal through a random number hardware self-checking module corresponding to any random number channel.
The abnormal prompt signal output by the random number hardware self-checking module can be a sound signal or an indicator light signal.
According to the safety monitoring method of the random number generator, the random number hardware self-checking module is additionally arranged in each random number channel in the random number generator, so that hardware automatic monitoring of two stages of startup monitoring and online monitoring is performed on the randomness of data sources of a plurality of random number channels in the random number generator; and the method is divided into a power-on initial stage and real-time monitoring in the working process, and different stages of different monitoring are carried out on the random number generator. Hardware self-inspection is carried out on the random number generator, so that a software monitoring platform required in a software monitoring mode is omitted; and the real-time monitoring function of the random number generator in the using process is added, so that the random number generator can be ensured to output a normal random number sequence, and the safety of the chip to which the random number generator belongs is improved.
It should be understood that for the foregoing method embodiments, although the steps in the flowcharts are shown in order indicated by the arrows, the steps are not necessarily performed in order indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a portion of the steps in the flow charts of the method embodiments may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least a portion of the sub-steps or stages of other steps.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
The terms "comprises" and "comprising," as well as any variations thereof, of the embodiments herein are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or modules is not limited to the listed steps or modules but may alternatively include other steps or modules not expressly listed or inherent to such process, method, article, or apparatus.
Reference herein to "a plurality" means two or more. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
References to "first \ second" herein are merely to distinguish between similar objects and do not denote a particular ordering with respect to the objects, it being understood that "first \ second" may, where permissible, be interchanged with a particular order or sequence. It should be understood that "first \ second" distinct objects may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced in sequences other than those illustrated or described herein.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A random number generator, comprising: the random number self-checking circuit comprises a random source generating circuit, a post-processing circuit and a random number hardware self-checking module;
the random source generating circuit is used for generating a plurality of paths of initial random numbers, combining the plurality of paths of initial random numbers into a preliminary random number sequence and outputting the preliminary random number sequence to the post-processing circuit;
the post-processing circuit is used for carrying out equalization processing on one path of input preliminary random number sequence and outputting one path of final random number sequence;
the random number hardware self-checking module corresponds to random number channels in the random number generator one by one and is used for monitoring whether random number sequences in the corresponding random number channels meet set conditions or not; the random number hardware self-checking module is used for carrying out first-stage detection on data output by a plurality of random number channels in the random number generator when the random number generator is powered on or turns from a closed state to an enabled state; the random number hardware self-checking module is also used for carrying out second-stage detection on data output by a plurality of random number channels in the random number generator in the normal operation stage of the random number generator;
wherein the random number channel comprises: the output channels of the plurality of paths of initial random numbers, the output channel of the random source generating circuit and the output channel of the post-processing circuit; the setting conditions include: can be monitored by correct randomness, is unpredictable, and cannot be reproduced.
2. The random number generator of claim 1, wherein the random source generation circuit comprises: the chaotic power system comprises a plurality of chaotic power systems, a plurality of exclusive-OR chains and a first exclusive-OR logic circuit;
the output ends of the chaotic power systems are connected with the input end of an exclusive or chain; the output ends of the plurality of XOR chains are connected with the input end of the first XOR logic circuit; the output end of the first exclusive-or logic circuit is connected with the output end of the random source generating circuit;
the output channels of the plurality of initial random numbers comprise: the output channels of the chaotic power system and the output channels of the XOR chains.
3. The random number generator of claim 1, wherein the post-processing circuit comprises: a second exclusive-or logic circuit and a plurality of D flip-flops; the plurality of D triggers are cascaded, and the input end of the D trigger positioned at the head is connected with the input end of the post-processing circuit; the output ends of the plurality of D flip-flop stages are also respectively connected with the input end of the second exclusive-OR logic circuit; and the output end of the second exclusive-OR logic circuit is connected with the output end of the random number generator.
4. A random number generator as recited in claim 2, wherein the random source generation circuit has an input of an exclusive or chain connected to each two chaotic power systems.
5. The random number generator of claim 2, wherein said random source generation circuit comprises four exclusive-or chains, wherein outputs of said four exclusive-or chains are each connected to an input of said first exclusive-or logic circuit.
6. A random number generator as recited in claim 3, wherein said post-processing circuitry comprises 128D flip-flops, said 128D flip-flops being connected in cascade.
7. A random number generator as recited in any of claims 1-6, wherein said random number hardware self-test module comprises a startup monitoring module and an online monitoring module;
the startup monitoring module is operated when the random number generator is just powered on or the random number generator turns from off to enable, and is used for monitoring whether a random number sequence output by a corresponding random number channel meets the set condition;
when the random number generator normally operates, the online monitoring module operates, and the startup monitoring module stops operating; the online monitoring module is used for monitoring whether a random number sequence output by a corresponding random number channel meets the set condition;
and the random number generator enters a normal operation stage when the monitoring of the startup monitoring module passes.
8. The random number generator of claim 7,
the startup monitoring module comprises a monitoring module based on a poker monitoring principle;
the online monitoring module comprises a monitoring module based on a single-bit frequency monitoring principle, a total run number monitoring principle or a matrix rank monitoring principle.
9. A random number hardware self-checking module of a random number generator is characterized by comprising a startup monitoring module and an online monitoring module;
the startup monitoring module is operated when the random number generator is just powered on or the random number generator is switched from off to enabled, and is used for monitoring whether a random number sequence output by a random number channel connected with the random number hardware self-checking module meets a set condition or not; the setting conditions include: being able to be monitored by correct randomness, being unpredictable, and being unable to be reproduced;
when the random number generator normally operates, the online monitoring module operates, and the startup monitoring module stops operating; the online monitoring module is used for monitoring data output by the corresponding random number channel.
10. A self-test method for a random number generator, the random number generator being a random number generator according to any one of claims 1 to 8, the self-test method comprising:
when the random number generator is powered on or turns to an enabling state from a closing state, a plurality of random number hardware self-checking modules are started; carrying out first-stage monitoring on data output by a plurality of random number channels in the random number generator through a plurality of random number hardware self-checking modules;
if the first-stage monitoring results of each random number channel in the random number generator pass, the random number generator enters a normal operation stage; otherwise, outputting an abnormal prompt signal through a corresponding random number hardware self-checking module;
in the normal operation stage of the random number generator, performing second-stage monitoring on data output by a plurality of random number channels in the random number generator through the plurality of random number hardware self-checking modules; if the second-stage monitoring result of any random number channel in the random number generator does not pass, outputting an abnormal prompt signal through a random number hardware self-checking module corresponding to any random number channel;
the first-stage monitoring and the second-stage monitoring are used for monitoring whether the random number sequence in the random number channel meets a set condition: can be monitored by correct randomness, is unpredictable, and cannot be reproduced.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910318519.7A CN110045946B (en) | 2019-04-19 | 2019-04-19 | Random number generator, self-checking module and self-checking method of random number generator |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910318519.7A CN110045946B (en) | 2019-04-19 | 2019-04-19 | Random number generator, self-checking module and self-checking method of random number generator |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110045946A CN110045946A (en) | 2019-07-23 |
| CN110045946B true CN110045946B (en) | 2020-11-17 |
Family
ID=67277945
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910318519.7A Active CN110045946B (en) | 2019-04-19 | 2019-04-19 | Random number generator, self-checking module and self-checking method of random number generator |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110045946B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103716149A (en) * | 2014-01-15 | 2014-04-09 | 东南大学 | High-speed random number generating system based on chaos network |
| CN105159653A (en) * | 2015-08-18 | 2015-12-16 | 珠海市一微半导体有限公司 | Random number post-processing circuit and method |
| CN106293617A (en) * | 2016-08-12 | 2017-01-04 | 上海坚芯电子科技有限公司 | Real random number generator |
| CN108563422A (en) * | 2018-04-17 | 2018-09-21 | 清华大学 | Randomizer and random number generation method |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090125562A1 (en) * | 2007-11-08 | 2009-05-14 | International Business Machines Corporation | Methods and systems involving checking memory integrity |
| US8800052B2 (en) * | 2012-06-29 | 2014-08-05 | Intel Corporation | Timer for hardware protection of virtual machine monitor runtime integrity watcher |
| CN210222735U (en) * | 2019-04-19 | 2020-03-31 | 中国南方电网有限责任公司 | Random number generator |
-
2019
- 2019-04-19 CN CN201910318519.7A patent/CN110045946B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103716149A (en) * | 2014-01-15 | 2014-04-09 | 东南大学 | High-speed random number generating system based on chaos network |
| CN105159653A (en) * | 2015-08-18 | 2015-12-16 | 珠海市一微半导体有限公司 | Random number post-processing circuit and method |
| CN106293617A (en) * | 2016-08-12 | 2017-01-04 | 上海坚芯电子科技有限公司 | Real random number generator |
| CN108563422A (en) * | 2018-04-17 | 2018-09-21 | 清华大学 | Randomizer and random number generation method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110045946A (en) | 2019-07-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10439797B2 (en) | Methods and devices against a side-channel analysis | |
| Bhasin et al. | Attacking and defending masked polynomial comparison for lattice-based cryptography | |
| EP3220304B1 (en) | Method of testing the resistance of a circuit to a side channel analysis | |
| US10121011B2 (en) | Apparatus, method and article of manufacture for partially resisting hardware trojan induced data leakage in sequential logics | |
| Jorstad et al. | Cryptographic algorithm metrics | |
| Yasin et al. | Security analysis of logic encryption against the most effective side-channel attack: DPA | |
| CN103312501B (en) | Apparatus and method for producing a message authentication code | |
| CN104079304B (en) | For handling the device and method of data | |
| CN210222735U (en) | Random number generator | |
| RU2603550C2 (en) | Data processing device, data processing method, and program | |
| US11036891B2 (en) | Testing resistance of a circuit to a side channel analysis | |
| JP2013131868A (en) | Temperature sensor, encryption device, encryption method, and individual information generation device | |
| JP2014075082A (en) | Random number generator and random number generation method | |
| Mukhopadhyay et al. | CryptoScan: A secured scan chain architecture | |
| D'Anvers et al. | Higher-order masked ciphertext comparison for lattice-based cryptography | |
| CN109842488A (en) | For the key generation component in phy chip | |
| Elaabid et al. | Practical improvements of profiled side-channel attacks on a hardware crypto-accelerator | |
| US20110176674A1 (en) | Countermeasure method and device for protecting data circulating in an electronic component | |
| Di Natale et al. | Self-test techniques for crypto-devices | |
| Yu et al. | Can deep learning break a true random number generator? | |
| CN110045946B (en) | Random number generator, self-checking module and self-checking method of random number generator | |
| CN1996830B (en) | Integrated circuit including aes core and wrapper for validating of aes core | |
| KR101997005B1 (en) | Method of protecting electronic circuit against eavesdropping by power analysis and electronic circuit using the same | |
| US6919794B2 (en) | Circuit for controlling the random character of a random number generator | |
| CN115333824A (en) | Encryption method, device, equipment and storage medium for resisting error injection attack |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 510000 Guangdong city of Guangzhou province Luogang District Science City Kexiang Road No. 11 Applicant after: CHINA SOUTHERN POWER GRID Co.,Ltd. Applicant after: Southern Power Grid Digital Grid Research Institute Co.,Ltd. Address before: 510000 Guangdong city of Guangzhou province Luogang District Science City Kexiang Road No. 11 Applicant before: CHINA SOUTHERN POWER GRID Co.,Ltd. Applicant before: DINGXIN INFORMATION TECHNOLOGY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 510000 No. 11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee after: CHINA SOUTHERN POWER GRID Co.,Ltd. Country or region after: Zhong Guo Patentee after: Southern Power Grid Digital Grid Research Institute Co.,Ltd. Address before: 510000 No. 11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee before: CHINA SOUTHERN POWER GRID Co.,Ltd. Country or region before: Zhong Guo Patentee before: Southern Power Grid Digital Grid Research Institute Co.,Ltd. |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20240320 Address after: 518101, 3rd Floor, Building 40, Baotian Industrial Zone, Chentian Community, Xixiang Street, Bao'an District, Shenzhen City, Guangdong Province Patentee after: China Southern Power Grid Digital Platform Technology (Guangdong) Co.,Ltd. Country or region after: Zhong Guo Address before: 510000 No. 11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee before: CHINA SOUTHERN POWER GRID Co.,Ltd. Country or region before: Zhong Guo Patentee before: Southern Power Grid Digital Grid Research Institute Co.,Ltd. |