GB2465419A - Pseudo random number generator architecture using pipelined processing blocks - Google Patents

Info

Publication number
GB2465419A
Authority
GB
United Kingdom
Prior art keywords
input
output
random
block
pipelined
Prior art date
Legal status
Granted
Application number
GB0821230A
Other versions
GB2465419B (en)
GB0821230D0 (en)
Inventor
Simon Banks
Current Assignee
SIMBA HPC Ltd
Original Assignee
SIMBA HPC Ltd

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/582Pseudo-random number generators
    • G06F7/584Pseudo-random number generators using finite field arithmetic, e.g. using a linear feedback shift register
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/582Pseudo-random number generators
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/582Pseudo-random number generators
    • G06F7/586Pseudo-random number generators using an integer algorithm, e.g. using linear congruential method
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator

Abstract

The invention relates to hardware architectures for random number generators. We describe a random number generator hardware architecture, comprising: at least one random seed input for providing a plurality of random seeds; a select block having first and second inputs and an output, said first input being coupled to said random seed input; a pipelined data processing block having an input coupled to said select block output and having a feedback path in which a feedback output from said pipelined data processing block is fed back to said second input of said select block, and having a random data output; and a control unit to control said select block to couple said first input of said select block to said select block output to load said plurality of random seeds into successive pipeline stages of said pipelined data processing block, and to then couple said second input of said select block to said select block output to feedback data output from said pipelined data processing block to said input of said pipelined data processing block.

Description

Random Number Generator Circuits
FIELD OF THE INVENTION
This invention relates to hardware architectures for random number generators.
BACKGROUND TO THE INVENTION
Many problems employ Monte Carlo techniques for their solution. However, this can require substantial computing power, for example a distributed grid of many processors, and there is therefore a need for improved computing hardware for these and related problems. One particular issue for these and other problems is random number generation.
SUMMARY OF THE INVENTION
According to a first aspect of the invention there is therefore provided a random number generator hardware architecture, comprising: at least one random seed input for providing a plurality of random seeds; a select block having first and second inputs and an output, said first input being coupled to said random seed input; a pipelined data processing block having an input coupled to said select block output and having a feedback path in which a feedback output from said pipelined data processing block is fed back to said second input of said select block, and having a random data output; and a control unit to control said select block to couple said first input of said select block to said select block output to load said plurality of random seeds into successive pipeline stages of said pipelined data processing block, and to then couple said second input of said select block to said select block output to feedback data output from said pipelined data processing block to said input of said pipelined data processing block.
In embodiments a number of said random seeds loaded into said pipelined data block is less, for example one less, than a number of pipeline stages between said input of said pipelined data processing block and said feedback output of said pipelined data processing block. The random numbers are provided using data from said random data output, for example using a plurality of sets of said processing and select blocks, and a data combiner coupled to each respective random data output to provide a random number output.
A random seed store storing a plurality of random seeds may be coupled to the random seed input. However in some preferred embodiments the seed(s) are provided to the hardware architecture by a host processor; the random number generator hardware may thus effectively act as a co-processor.
In some preferred embodiments the processing block comprises a multiplier configured to overflow by wrapping around (it simply overflows and, in embodiments, the overflow is ignored).
The invention also provides a method of implementing a random number generator using pipelined hardware, the method comprising loading said pipelined hardware with a plurality of different random number seeds such that different stages of said pipelined hardware implement random number generation using different said seeds.
In embodiments of the method the pipelined hardware has feedback and pipeline stages of said hardware are utilised such that each pipeline stage defines one or more random numbers of a sequence of said random numbers. Preferably the method comprises seeding each pipeline stage of said hardware with a different seed and then feeding back an output of said hardware to an input of said hardware.
Thus in a further related aspect the invention provides a random number generator using pipelined hardware, the random number generator comprising means for loading said pipelined hardware with a plurality of different random number seeds such that different stages of said pipelined hardware implement random number generation using different said seeds.
The invention further provides hardware architecture configured to implement a Mersenne Twister pseudo random number generator, the architecture comprising: a dual-ported memory having two address bus inputs, a data bus input and two data bus outputs; a first logic block having an input coupled to a first of said data bus outputs and having an output coupled to said data bus input of said dual-ported memory; a second logic block having a first input coupled to said output of said first logic block, a second input coupled to a second of said data bus outputs and having an output to provide a pseudo-random number; and a controller having a clock input and first and second control outputs to drive said address bus inputs of the dual-ported memory, wherein said controller is configured to control said dual-ported memory as a dual-ported circular buffer.
In some preferred embodiments the first and second logic blocks comprise pipelined logic blocks.
The invention also provides a method of implementing a Mersenne Twister pseudo random number generator in hardware, and corresponding hardware, the method/hardware using a dual-ported circular buffer with first and second data bus outputs to provide data to respective first and second chained logic block and feeding back an output from said chained logic blocks to a write input of said dual-ported circular buffer.
BRIEF DESCRIPTION OF THE DRAWINGS
These and other aspects of the invention will now be further described, by way of example only, with reference to the accompanying figures in which:
Figure 1 shows an example of random number generation based on a shift register (prior art);
Figure 2 shows an example of random number generation based on a generalised feedback shift register (prior art);
Figure 3 shows an example of random number generation based on a twisted generalised feedback shift register (prior art);
Figure 4 shows a pipelined multiplier (upper) and adder (lower) processing units;
Figure 5 shows initialisation of a VSLCG processor with L different seeds;
Figure 6 shows a complete FPGA architecture for Ran;
Figure 7 shows an architecture for a VSLCG;
Figure 8 shows an architecture for a VSLCG with c feed forward;
Figure 9 shows an architecture for a VMCG; and
Figure 10 shows a processor for Generalised Feedback Shift Register PRNGs.
DETAILED DESCRIPTION OF EMBODIMENTS
Two processors, which are particularly suited to FPGA, ASIC and VLSI implementation, for two classes of Pseudo Random Number Generator (PRNG) are presented. The first processor is suitable for implementing Congruential Generators including Simple Linear Congruential Generators (SLCGs), and Multiplicative Congruential Generators (MCGs). A modification to the Congruential Generator, the Vectorised Congruential Generator, is presented that facilitates an efficient hardware implementation. The second processor is suitable for implementing Generalised Feedback Shift Register (GFSR) based PRNGs such as the Mersenne Twister.
Applications of the processors include, but are not limited to, Cryptography and Monte Carlo simulation.
For cryptographic applications, additional processing in the form of hash functions such as MD5 [Network Working Group. The MD5 Message-Digest Algorithm. RFC 1321, MIT Laboratory for Computer Science and RSA Data Security, Inc., 1992] is commonly used to make derivation of the random seed from the generated pseudo random sequence more difficult. Note, however, that hashing the output neither adds entropy nor enlarges the generator state: the congruential and shift register generators described here have a state that is recoverable from a short run of their raw outputs, and a seed space of 2^31 values can be searched exhaustively, so such post-processing does not make these generators suitable for producing keys or other secrets. Monte Carlo methods are applied to many areas including, but not limited to, quantitative finance [P. Jaeckel. Monte Carlo Methods in Finance. Wiley, 2002], computational physics [S. Ulam, R. Richtmyer and J. von Neumann. Statistical methods in neutron diffusion. Los Alamos Scientific Laboratory report LAMS-551, 1947], molecular modelling [B. Christopher, W. Peter and L. Jennifer. Monte Carlo simulations of receptor dynamics: Insights into cell signaling. Journal of Molecular Histology, 35(7):667-677, September 2004] and bioinformatics.
When implemented in programmable logic such as an FPGA device, or directly in silicon such as an ASIC device, the processors lead to physically smaller and more power efficient solutions than is generally achievable using the more common software based approach. Hardware based PRNG processors therefore find application in situations where high processing speed is required, or where the available power and space resources are limited. Such situations include embedded systems and High Performance Computing systems.
The standard techniques of SLCG, MCG and GFSR are described in section 1. The new vectorised modifications to SLCG and MCG are also presented in section 1. Three PRNG algorithms from the literature are described in section 2 by way of example. The processors presented in section 3 are suitable for implementing other PRNG algorithms in addition to those given as examples. The first example, Ran, proposed in the textbook Numerical Recipes [W. H. Press, S. A. Teukolsky, W. T. Vetterling and B. P. Flannery. Numerical Recipes. Cambridge University Press, third edition, 2007], is a Combined Generator utilising a number of techniques including SLCG. The second, proposed by Park and Miller in 1988 [S. K. Park and K. W. Miller. Random number generators: Good ones are hard to find. Communications of the ACM, 31:1192-1201, 1988], utilises the MCG approach. The third example, the Mersenne Twister [M. Matsumoto and T. Nishimura. Mersenne Twister: A 623-dimensionally equidistributed uniform pseudo-random number generator. ACM Transactions on Modeling and Computer Simulation, 8:3-30, January 1998], utilises GFSRs.
The processors for implementing the PRNGs are then presented in section 3.
1. Techniques for generating Pseudo Random Numbers

1.1 Simple Linear Congruential Generators

The Simple Linear Congruential Generator (SLCG) was proposed by Lehmer in 1951 [D. H. Lehmer. Mathematical methods in large-scale computing units. In Proceedings of the Second Symposium on Large Scale Digital Computing Machinery, pages 141-146, Cambridge, Massachusetts, 1951. Harvard University Press]. The general form of the linear congruential generator is given by equation 1, where the random sequence is $x_i$ with $0 \le x_i < m$, $a$ is the "multiplier", $c$ the "increment" and $m$ the "modulus" of the generator.

$x_{i+1} = (a x_i + c) \bmod m$ (1)

Several examples of generators using SLCG exist in the literature, one of which (Ran) is described in section 2.1 of this document.

1.2 Multiplicative Congruential Generators

Multiplicative Congruential Generator (MCG) PRNGs are a simplification of the SLCG PRNGs where $c = 0$ in equation 1. Several examples of generators using MCG exist, two of which are described in section 2 of this document. For clarity, the generator equation for a MCG is shown in equation 2.

$x_{i+1} = (a x_i) \bmod m$ (2)

1.3 Vectorised Simple Linear Congruential Generator PRNGs

Here we present the mathematical basis of the Vectorised Simple Linear Congruential Generator (VSLCG), a modification to the SLCG that lends itself well to hardware based implementations. The VSLCG is governed by equation 3, where $L$ is the vector length and $1 \le n \le L$.

$x_{(i+1,n)} = (a x_{(i,n)} + c) \bmod m$ (3)

In contrast to the SLCG, which uses one seed, the VSLCG uses $L$ different seeds which initialise each of the $L$ "virtual" PRNGs in the vectorised generator. In designing a VSLCG, consideration needs to be given to the choice of the $L$ random seeds in addition to the choice of $a$ and $c$, so that the generator produces a valid pseudo random sequence. Because all $L$ virtual generators share $a$, $c$ and $m$, they traverse the same cycle of states; two seeds that lie close together on that cycle give one virtual stream that is a time-shifted copy of another, so the seeds should be chosen far apart on the cycle (for example by jumping ahead from one seed by a known number of steps) rather than at random.
1.4 Generalised Feedback Shift Registers

Tausworthe, in 1965, proposed a pseudo random number generator based on a feedback shift register [R. C. Tausworthe. Random numbers generated by linear recurrence modulo two. Mathematics of Computation, 19:201-209, 1965].
A schematic example of such a generator is shown in figure 1. However, other configurations are commonly used. In its basic form, each location contains one bit, meaning the generator operates with modulo 2 arithmetic. This brings a number of limitations: for example, to produce a $DW$ bit number, where $DW > 1$, $DW$ iterations of the shift register are required, meaning that a single generator produces numbers at a rate $f_{clk}/DW$, significantly lower than the clock rate $f_{clk}$. Despite this limitation, the feedback shift register architecture is commonly used as a means of generating random numbers, especially for hardware based implementations.
The Generalised Feedback Shift Register (GFSR), suggested by Lewis and Payne in 1973 [T. G. Lewis and W. H. Payne. Generalized feedback shift register pseudorandom number algorithm. Journal of the ACM, 20:456-468, 1973], expands on the original Tausworthe generator by using arithmetic with modulo greater than 2, that is using $DW$ bits, where $DW \ge 1$, in each location of the shift register. The GFSR architecture therefore addresses the problem of the feedback shift register producing only one bit per clock cycle. The adapted architecture is shown in figure 2.
Twisted Generalized Feedback Shift Register (TGFSR) processors are a further enhancement to the GFSR, overcoming a number of problems with the standard two tap GFSR techniques by "twisting" the bit pattern in the feedback loop. The Mersenne Twister, described in section 2.3, is an example of a TGFSR generator. The architecture for the TGFSR is shown in figure 3 where block T represents the logic to perform the "twisting".
2. Example Algorithms

2.1 (Vectorised) Ran generator

Numerical Recipes [W. H. Press, S. A. Teukolsky, W. T. Vetterling and B. P. Flannery. Numerical Recipes. Cambridge University Press, third edition, 2007] details a number of generators including Ran. Ran is classified as a Combined Generator because it combines a number of PRNG techniques including SLCG and MCG. Ran is described in Algorithm 1.

Algorithm 1 Pseudo code for Ran

    int64 u = initu; int64 v = initv; int64 w = initw;
    int64 c1 = 2862933555777941757, c2 = 7046029254386353087;
    int64 c3 = 4294957665;
    function ran()
        u = u * c1 + c2;                   // SLCG; the multiplier wraps modulo 2^64
        v = v XOR (v >> 17);               // |
        v = v XOR (v << 31);               // | logic block "p1"
        v = v XOR (v >> 8);                // |
        w = c3 * (w AND 0xffffffff)        // multiplier
            + (w >> 32);                   // logic block "p2"
        x = u XOR (u << 21);               // |
        x = x XOR (x >> 35);               // | logic block "p3"
        x = x XOR (x << 4);                // |
        return (x + v) XOR w;

Pseudo code for the new Vectorised Ran generator is shown in algorithm 2. The vectorised form is arrived at by noticing that the update of u in algorithm 1 forms a SLCG (see section 1.1) and that the update of w forms a MCG-style multiply step (see section 1.2). Note that the Vectorised Ran generator is equivalent to Ran if L = 1.

Algorithm 2 Pseudo code for Vectorised Ran, pipeline length L = 5

    int64 c1 = 2862933555777941757, c2 = 7046029254386353087;
    int64 c3 = 4294957665;
    L = 5; cnt = 0;
    // initialise
    for (cnt = 0 to L-1)
        u[cnt] = initu[cnt]; v[cnt] = initv[cnt]; w[cnt] = initw[cnt];
    function VectorisedRan()
        u[cnt] = u[cnt] * c1 + c2;                   // SLCG
        v[cnt] = v[cnt] XOR (v[cnt] >> 17);          // |
        v[cnt] = v[cnt] XOR (v[cnt] << 31);          // | "p1"
        v[cnt] = v[cnt] XOR (v[cnt] >> 8);           // |
        w[cnt] = c3 * (w[cnt] AND 0xffffffff)        // multiplier
                 + (w[cnt] >> 32);                   // "p2"
        x = u[cnt] XOR (u[cnt] << 21);               // |
        x = x XOR (x >> 35);                         // | "p3"
        x = x XOR (x << 4);                          // |
        x = (x + v[cnt]) XOR w[cnt];
        cnt = (cnt + 1) mod L;
        return x;

2.2 (Vectorised) Minimal Standard generator

Park and Miller [S. K. Park and K. W. Miller. Random number generators: Good ones are hard to find. Communications of the ACM, 31:1192-1201, 1988] in 1988 proposed a "Minimal Standard" PRNG based on the MCG technique described in section 1.2. The generator is based on equation 1 with $c = 0$, $a = 7^5 = 16807$ and $m = 2^{31} - 1 = 2147483647$. Substituting these values into equation 1, the generation of samples is then governed by equation 4.
$x_{i+1} = (7^5 x_i) \bmod (2^{31} - 1)$ (4)

Pseudo code for Park and Miller's "Minimal Standard" PRNG is shown in algorithm 3.

Algorithm 3 Pseudo code for Minimal Standard

    a = 16807; m = 2147483647;
    x = seed;
    function ran()
        x = (x * a) mod m;
        return x;

The new Vectorised Minimal Standard generator is governed by equation 5, where $L$ is the total vector length and $1 \le n \le L$.

$x_{(i+1,n)} = (7^5 x_{(i,n)}) \bmod (2^{31} - 1)$ (5)

Pseudo code for the Vectorised Minimal Standard generator is given in algorithm 4. Note that the Vectorised Minimal Standard generator is equivalent to the Minimal Standard generator if L = 1.

Algorithm 4 Pseudo code for Vectorised Minimal Standard, pipeline length L = 5

    a = 16807; m = 2147483647; L = 5; cnt = 0;
    // initialise seeds
    for (cnt = 0 to L-1)
        x[cnt] = seed[cnt];
    function VectorisedMinimalStandard()
        x[cnt] = (x[cnt] * a) mod m;
        ret = x[cnt];
        cnt = (cnt + 1) mod L;
        return ret;

2.3 Mersenne Twister

Mersenne Twister (MT) is an adaptation of previously published Twisted Generalized Feedback Shift Register (TGFSR) generators [M. Matsumoto and Y. Kurita. Twisted GFSR generators. ACM Trans. Model. Comput. Simul., 2(3):179-194, 1992] [M. Matsumoto and Y. Kurita. Twisted GFSR generators II. ACM Trans. Model. Comput. Simul., 4(3):254-266] such that the period is a Mersenne prime, that is, a prime number of the form $2^n - 1$ where $n$ is an integer. MT was proposed in 1998 by Matsumoto and Nishimura [M. Matsumoto and T. Nishimura. Mersenne Twister: A 623-dimensionally equidistributed uniform pseudo-random number generator. ACM Transactions on Modeling and Computer Simulation, 8:3-30, January 1998], with a correction published in 2002 by Matsumoto [Home page of Makoto Matsumoto. http://www.math.sci.hiroshima-u.ac.jp/~m-mat/eindex.html]. Reference C code for the MT, along with a wealth of additional information relating to random numbers, is available from Matsumoto's web site at Hiroshima University [Home page of Makoto Matsumoto. http://www.math.sci.hiroshima-u.ac.jp/~m-mat/eindex.html].
MT is summarised in Algorithm 5. The parameters $w$, $N$, $M$, $r$, $A$, $u$, $s$, $B$, $t$, $C$ and $l$ allow the algorithm to be adapted for different periods. The original publication [M. Matsumoto and T. Nishimura. Mersenne Twister: A 623-dimensionally equidistributed uniform pseudo-random number generator. ACM Transactions on Modeling and Computer Simulation, 8:3-30, January 1998] describes how to set these parameters, and provides sets that give good results for periods of $2^{19937} - 1$ (named MT19937) and $2^{11213} - 1$ (named MT11213), which use shift registers of length $N = 624$ and $N = 351$ respectively. In a hardware implementation, it is therefore possible to trade off memory for a shorter period. The computation is performed using bit shift, OR and XOR operations on values read from a feedback shift register formed using the array mt[] of length $N$.
Algorithm 5 Pseudo code for Mersenne Twister 19937

    M = 397; N = 624;
    A = 0x9908B0DF; B = 0x9D2C5680; C = 0xEFC60000;
    r = 31; u = 11; s = 7; t = 15; l = 18;
    array mt[N];                 // preset array for shift register
    mti = N + 1;                 // initial value for counter
    MU = 0x80000000UL;           // most significant w-r bits
    ML = 0x7fffffffUL;           // least significant r bits
    function genrand_int32(void)
        unsigned integer y;
        array mag01[2] = {0, A};
        if (mti >= N) {                                          // logic block "p1"
            for (kk = 0 to N-M-1)
                y = (mt[kk] AND MU) OR (mt[kk+1] AND ML);
                mt[kk] = mt[kk+M] XOR (y >> 1) XOR mag01[y AND 1];
            for (kk = N-M to N-2)
                y = (mt[kk] AND MU) OR (mt[kk+1] AND ML);
                mt[kk] = mt[kk+(M-N)] XOR (y >> 1) XOR mag01[y AND 1];
            y = (mt[N-1] AND MU) OR (mt[0] AND ML);
            mt[N-1] = mt[M-1] XOR (y >> 1) XOR mag01[y AND 1];
            mti = 0;
        }
        y = mt[mti]; mti = mti + 1;
        y = y XOR (y >> u);                  // | Tempering
        y = y XOR ((y << s) AND B);          // | logic block "p2"
        y = y XOR ((y << t) AND C);          // |
        y = y XOR (y >> l);                  // |
        return y;

The array mt[] must be filled with an initial state before the first call; the reference C code does this with its init_genrand() routine, which is not reproduced here.

3. Processors

3.1 Vectorised SLCG Processors

Hardware designs generally aim to achieve a good speed:area ratio, the higher the ratio the better. For hardware based multiplication and addition operations, such as those required in SLCG algorithms, the best speed:area ratio is usually achieved using pipelined arithmetic units.
Pipelined units, however, introduce latency, and the generator equations 1 and 2 require each output to be fed back immediately as the next input; in the pseudo code this appears as x on both sides of the generator equation. For this reason, SLCG and MCG generators cannot generally be implemented efficiently with pipelined hardware.
In a strict implementation of the Ran and Minimal Standard algorithms, poor hardware utilisation results because a valid sample can only be obtained every L clock cycles, where L is the total latency of the multiplier-adder pipeline. The resource utilisation of the arithmetic units is therefore 1 / L for the non vectorised case.
The new Vectorised processors presented here are able to produce an output sample on every clock cycle, meaning 100% resource usage is obtained. Although the Vectorised algorithms are not identical to the standard versions, the output is still a valid pseudo random sequence. However, the exact numbers in the data sequences will differ between the standard and vectorised versions.
Figure 4 shows functionally equivalent logic for the pipelined multiplication and addition units used in the vectorised processors. For clarity, the presence of the pipeline stage is represented by an additional marker drawn inside the basic arithmetic symbol on subsequent diagrams.
The output of the vectorised processors is:

$x_{(1,1)}, x_{(1,2)}, \ldots, x_{(1,L)}, x_{(2,1)}, \ldots, x_{(2,L)}, \ldots$ (6)

where $x_{(i,n)}$ represents the $i$-th sample from virtual random number generator $n$, $1 \le n \le L$. Each pipeline stage is seeded with a different seed during the reset process, each seed corresponding to one of the $L$ virtual random number generators.
Multiplexers, shown in figure 5, facilitate loading initial values. The initialisation of the processor is also shown in figure 5.
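The pipeline, select block and output ordering described above, as an added worked example in Python. This is not the patent's code: the step functions are written from equations 2 and 4 and from the u update of algorithm 1, and the class, function and constant names are this example's own. One model serves both the Vectorised Ran of section 2.1 and the Vectorised Minimal Standard of section 2.2: a pipeline of L registers is loaded with L seeds and then run in feedback, producing one sample per clock in the order of equation 6. The inverse-step functions add the check a security practitioner wants: one sample of a congruential generator yields that virtual generator's seed and every later sample, so interleaving L generators does not make the stream any harder to predict.

```python
"""Software model of the pipelined (vectorised) congruential generator
processors: L stages behind a select block, loaded with L seeds and then run
in feedback.  Added example, not the patent's code."""

M_PM = 2 ** 31 - 1            # Park and Miller modulus, a prime
A_PM = 16807                  # Park and Miller multiplier 7^5
MASK64 = (1 << 64) - 1
C1, C2 = 2862933555777941757, 7046029254386353087   # Ran SLCG constants


def park_miller_step(x):
    """Equation 4: x_{i+1} = 7^5 x_i mod (2^31 - 1)."""
    return (A_PM * x) % M_PM


def park_miller_inverse(x):
    """Equation 4 run backwards: a is invertible modulo the prime m."""
    return (x * pow(A_PM, -1, M_PM)) % M_PM


def ran_u_step(u):
    """The u update of algorithm 1: an SLCG whose multiplier wraps modulo
    2^64 (the wrap-around overflow of claim 7)."""
    return (u * C1 + C2) & MASK64


def ran_u_inverse(u):
    """Backwards u update: c1 is odd, so it is invertible modulo 2^64."""
    return ((u - C2) * pow(C1, -1, 1 << 64)) & MASK64


class PipelinedGenerator:
    """L pipeline registers fed through a select block.

    Load phase (the constructor): the select block couples the seed input to
    the pipeline input for L clocks, so seed n fills stage n.
    Run phase (clock): the select block couples the feedback output to the
    pipeline input; each clock the stage reaching the feedback output is
    stepped and re-entered, giving x(1,1), x(1,2), ..., x(1,L), x(2,1), ...
    """

    def __init__(self, seeds, step):
        if not seeds:
            raise ValueError("at least one seed (pipeline stage) is needed")
        self.step = step
        self.length = len(seeds)       # L virtual generators
        self.pipe = list(seeds)        # stage contents, oldest first

    def clock(self):
        x = self.step(self.pipe.pop(0))   # stage at the feedback output
        self.pipe.append(x)               # routed back to the pipeline input
        return x

    def samples(self, count):
        return [self.clock() for _ in range(count)]


def recover_seed(sample, position, length, inverse):
    """From the sample at index `position` (0-based) of the interleaved
    stream of a length-L pipeline, recover which virtual generator produced
    it (1-based, as in equation 6) and that generator's seed."""
    n = position % length + 1            # virtual generator number
    steps = position // length + 1       # samples it has produced so far
    x = sample
    for _ in range(steps):
        x = inverse(x)
    return n, x
```

Seed 0 is a fixed point of the Park and Miller step and must be rejected, which is one instance of the page's requirement that the L seeds be chosen with care; in hardware the constructor's load loop corresponds to the L clocks during which the multiplexer of figure 5 passes the seed input. With seeds 1 to 5 the first five samples are 16807 times the seed, and from any later sample `recover_seed` walks equation 4 backwards to the seed, after which `park_miller_step` reproduces the whole future of that virtual generator.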
3.2. Processor for (Vectorised) Simple Linear Congruential Generator Figure 7 shows the processor for the Vectorised Simple Linear Congruential Generator.
Figure 8 shows a variation of the processor which facilitates feeding forward a variable value of c. The Combined Generator Ran, described in algorithm 1, can be implemented using a combination of the processors shown in figures 7 and 8 along with some additional logic. The full hardware architecture for Ran is shown in figure 6. The processor is also able to implement non vectorised generators, that is SLCG generators, at a processing rate of one sample every L clock cycles.
3.3 Processor for (Vectorised) Multiplicative Congruential Generator The processor for Vectorised Multiplicative Congruential Generators (VMCG) is shown in figure 9. The processor is also able to implement non vectorised generators, that is MCG generators, at a processing rate of one sample every L clock cycles.
3.4 Processor for Generalised Feedback Shift Register PRNGs Figure 10 shows the processor for Generalised Feedback Shift Register PRNGs. The address generator CONT together with the dual port RAM (RAM) form the tapped feedback shift register. The two RAM outputs doa and dob supply the logic blocks p1 and p2, which perform logic operations specific to the algorithm. For Mersenne Twister, these are indicated in algorithm 5 as p1 and p2 respectively. The dual port RAM provides a read-before-write facility on port a to prevent contention between dia and doa.
One DW bit random number is generated per clock cycle, and the startup latency is equal to the number of pipeline stages in p2.
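The figure 10 processor as a software model, added here as a worked example in Python; it is neither the patent's code nor the reference genrand_int32, and the names CircularMT, clone_from_outputs and the seed value used in demo() are this example's own. The state array is treated as the dual-ported circular buffer: each step reads mt[i], mt[i+1] and mt[i+M] modulo N, writes the new word back to mt[i] (logic block p1), advances the address counter and tempers the new word (logic block p2), which yields exactly the sequence of algorithm 5 without regenerating all N words in a batch. The untemper and clone_from_outputs functions are the practitioner's caveat: p2 is a bijection and N consecutive steps overwrite the whole buffer, so anyone who observes N consecutive outputs rebuilds the generator and predicts every later output, which is why a GFSR generator must not be used as a source of keys or other secrets.

```python
"""Software model of the dual-ported circular-buffer Mersenne Twister
processor of figure 10 / claim 12, one word generated and written back per
step, plus the inverse of the tempering stage and state cloning.  Added
example, not the patent's or the reference implementation's code."""

N, M = 624, 397
A, B, C = 0x9908B0DF, 0x9D2C5680, 0xEFC60000
U, S, T, L_SHIFT = 11, 7, 15, 18
MU, ML = 0x80000000, 0x7FFFFFFF        # upper w-r bits, lower r bits
MASK32 = 0xFFFFFFFF
MAG01 = (0, A)


def init_genrand(seed):
    """Standard MT19937 seeding (init_genrand of the 2002 reference code)."""
    mt = [seed & MASK32]
    for i in range(1, N):
        prev = mt[-1]
        mt.append((1812433253 * (prev ^ (prev >> 30)) + i) & MASK32)
    return mt


def temper(y):
    """Logic block p2 of algorithm 5: the output tempering."""
    y ^= y >> U
    y ^= (y << S) & B
    y ^= (y << T) & C
    y ^= y >> L_SHIFT
    return y & MASK32


class CircularMT:
    """Dual-ported circular buffer, address counter (CONT) and blocks p1, p2."""

    def __init__(self, state, index=0):
        self.mt = list(state)        # RAM contents
        self.i = index               # address generator

    def step(self):
        """One clock: regenerate mt[i] in place, advance i, emit tempered word."""
        i, mt = self.i, self.mt
        y = (mt[i] & MU) | (mt[(i + 1) % N] & ML)          # port a / port b reads
        new = mt[(i + M) % N] ^ (y >> 1) ^ MAG01[y & 1]    # logic block p1
        mt[i] = new                                        # write back (read-before-write)
        self.i = (i + 1) % N
        return temper(new)                                 # logic block p2


def _undo_right(y, shift):
    # invert y ^= y >> shift: the high bits are already right, propagate down
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x


def _undo_left(y, shift, mask):
    # invert y ^= (y << shift) & mask: the low bits are already right, propagate up
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x & MASK32


def untemper(y):
    """Inverse of temper(): the buffer word behind one output."""
    y = _undo_right(y, L_SHIFT)
    y = _undo_left(y, T, C)
    y = _undo_left(y, S, B)
    return _undo_right(y, U)


def clone_from_outputs(outputs):
    """Rebuild the generator from N consecutive outputs taken at any phase.

    Over N consecutive steps the circular buffer is overwritten exactly once,
    so the untempered outputs are its contents; the recurrence only uses
    offsets modulo N, so the rotated copy can start at index 0."""
    if len(outputs) != N:
        raise ValueError("need exactly N consecutive outputs")
    return CircularMT([untemper(o) for o in outputs])


def demo():
    """Constructed demonstration: clone a running generator from its outputs."""
    target = CircularMT(init_genrand(20081120))   # arbitrary seed value
    for _ in range(1000):                          # observer joins at an unknown phase
        target.step()
    clone = clone_from_outputs([target.step() for _ in range(N)])
    return [clone.step() for _ in range(5)] == [target.step() for _ in range(5)]
```

Seeded with 5489, the first output is 3499211612 and the 10000th is 4123659995, the values the reference implementation produces, which confirms that the per-word circular-buffer schedule and the batch regeneration of algorithm 5 are the same generator. The demo() function shows the observer joining mid-stream, reading 624 words, and thereafter matching the target word for word.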
No doubt many other effective alternatives will occur to the skilled person. It will be understood that the invention is not limited to the described embodiments and encompasses modifications apparent to those skilled in the art lying within the spirit and scope of the claims appended hereto.
Glossary
ASIC Application Specific Integrated Circuit
FPGA Field Programmable Gate Array
GFSR Generalised Feedback Shift Register
MCG Multiplicative Congruential Generator
MD5 Message-Digest algorithm 5
MT Mersenne Twister
SLCG Simple Linear Congruential Generator
TGFSR Twisted Generalised Feedback Shift Register
VLSI Very Large Scale Integration
VMCG Vectorised Multiplicative Congruential Generator
VSLCG Vectorised Simple Linear Congruential Generator

Claims (15)

  1. CLAIMS: 1. A random number generator hardware architecture, comprising: at least one random seed input for providing a plurality of random seeds; a select block having first and second inputs and an output, said first input being coupled to said random seed input; a pipelined data processing block having an input coupled to said select block output and having a feedback path in which a feedback output from said pipelined data processing block is fed back to said second input of said select block, and having a random data output; and a control unit to control said select block to couple said first input of said select block to said select block output to load said plurality of random seeds into successive pipeline stages of said pipelined data processing block, and to then couple said second input of said select block to said select block output to feedback data output from said pipelined data processing block to said input of said pipelined data processing block.
  2. 2. An architecture as claimed in claim 1 wherein a number of said random seeds loaded into said pipelined data block is less than a number of pipeline stages between said input of said pipelined data processing block and said feedback output of said pipelined data processing block.
  3. 3. An architecture as claimed is claim 2 wherein a number of said random seeds loaded into said pipelined data block is one less than a number of pipeline stages between said input to said feedback output of said pipeline data processing block.
  4. 4. An architecture as claimed in claim 1, 2 or 3 wherein random numbers are provided by data from said random data output.
  5. 5. An architecture as claimed in claim 1, 2, 3 or 4 comprising a plurality of sets of said processing and select blocks, and a data combiner coupled to each respective random data output to provide a random number output.
  6. 6. An architecture as claimed in any preceding claim further comprising a random seed store coupled to said random seed input and storing said plurality of random seeds.
  7. 7. An architecture as claimed in any preceding claim wherein said processing block comprises a multiplier configured to overflow by wrapping around.
  8. 8. A method of implementing a random number generator using pipelined hardware, the method comprising loading said pipelined hardware with a plurality of different random number seeds such that different stages of said pipelined hardware implement random number generation using different said seeds.
  9. 9. A method as claimed in claim 8 wherein said pipelined hardware has feedback and wherein pipeline stages of said hardware are utilised such that each pipeline stage defines one or more random numbers of a sequence of said random numbers.
  10. 10. A method as claimed in claim 8 or 9 comprising seeding each pipeline stage of said hardware with a different seed and then feeding back an output of said hardware to an input of said hardware.
  11. 11. A random number generator using pipelined hardware, the random number generator comprising means for loading said pipelined hardware with a plurality of different random number seeds such that different stages of said pipelined hardware implement random number generation using different said seeds.
  12. A hardware architecture configured to implement a Mersenne Twister pseudo random number generator, the architecture comprising: a dual-ported memory having two address bus inputs, a data bus input and two data bus outputs; a first logic block having an input coupled to a first of said data bus outputs and having an output coupled to said data bus input of said dual-ported memory; a second logic block having a first input coupled to said output of said first logic block, a second input coupled to a second of said data bus outputs and having an output to provide a pseudo-random number; and a controller having a clock input and first and second control outputs to drive said address bus inputs of the dual-ported memory, wherein said controller is configured to control said dual-ported memory as a dual-ported circular buffer.
  13. A hardware architecture as claimed in claim 12 wherein said first and second logic blocks comprise pipelined logic blocks.
  14. A method of implementing a Mersenne Twister pseudo random number generator in hardware, the method using a dual-ported circular buffer with first and second data bus outputs to provide data to respective first and second chained logic blocks and feeding back an output from said chained logic blocks to a write input of said dual-ported circular buffer.
  15. A Mersenne Twister pseudo random number generator, the pseudo random number generator comprising a dual-ported circular buffer with first and second data bus outputs to provide data to respective first and second chained logic blocks, and an output from said chained logic blocks fed back to a write input of said dual-ported circular buffer.
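Software model of the structure in claims 12 to 15: the MT19937 state held in a dual-ported circular buffer (two read addresses, one write port), a twist block whose result is fed back into the buffer, and a temper block that produces the output word. This is an added example, not the patent's own logic partition; how the update is split between the two logic blocks is an assumption, and the MT19937 constants are the published ones.

```python
"""MT19937 driven from a dual-ported circular buffer (added example)."""
N, M = 624, 397
MATRIX_A, UPPER, LOWER, MASK32 = 0x9908B0DF, 0x80000000, 0x7FFFFFFF, 0xFFFFFFFF


class DualPortCircularBuffer:
    """N words, two read addresses and one write port, addressed modulo N."""
    def __init__(self, words):
        self.mem = list(words)

    def read(self, addr_a, addr_b):
        return self.mem[addr_a % N], self.mem[addr_b % N]

    def write(self, addr, value):
        self.mem[addr % N] = value & MASK32


def mt_seed(s):
    # Standard MT19937 initialisation from a 32-bit seed.
    mem = [s & MASK32]
    for i in range(1, N):
        prev = mem[-1]
        mem.append((1812433253 * (prev ^ (prev >> 30)) + i) & MASK32)
    return mem


def twist_block(x_i, x_next, x_m):
    # First logic block (assumed split): mixes word i, word i+1 and word i+M.
    y = (x_i & UPPER) | (x_next & LOWER)
    return x_m ^ (y >> 1) ^ (MATRIX_A if y & 1 else 0)


def temper_block(y):
    # Second logic block (assumed split): output tempering of the new word.
    y ^= y >> 11
    y ^= (y << 7) & 0x9D2C5680
    y ^= (y << 15) & 0xEFC60000
    return (y ^ (y >> 18)) & MASK32


def generate(seed, count):
    """Controller: one output per clock, walking the memory as a circular buffer."""
    buf = DualPortCircularBuffer(mt_seed(seed))
    x_i = buf.read(0, 0)[0]               # register holding word i
    outputs, i = [], 0
    for _ in range(count):
        x_next, x_m = buf.read(i + 1, i + M)   # port A: word i+1, port B: word i+M
        new = twist_block(x_i, x_next, x_m)
        buf.write(i, new)                      # feedback into the circular buffer
        outputs.append(temper_block(new))
        x_i, i = x_next, (i + 1) % N           # word i+1 becomes next cycle's word i
    return outputs
```

Because word i+1 is always the previous cycle's port A read, two read ports suffice per clock, and the wrap-around index arithmetic reproduces the reference MT19937 sequence exactly (the final word of each pass reads the already rewritten word 0, as the reference implementation does).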

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0821230.0A GB2465419B (en) 2008-11-20 2008-11-20 Random number generator circuits

Publications (3)

Publication Number Publication Date
GB0821230D0 GB0821230D0 (en) 2008-12-31
GB2465419A true GB2465419A (en) 2010-05-26
GB2465419B GB2465419B (en) 2013-12-11

Family

ID=40230572

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0821230.0A Active GB2465419B (en) 2008-11-20 2008-11-20 Random number generator circuits

Country Status (1)

Country Link
GB (1) GB2465419B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3217662A4 (en) * 2014-11-27 2017-11-29 Huawei Technologies Co., Ltd. Rate matching method and apparatus for polar code, and wireless communication device
WO2022253287A1 (en) * 2021-06-04 2022-12-08 寒武纪(西安)集成电路有限公司 Method for generating random number, and related product thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5983252A (en) * 1997-01-17 1999-11-09 Picturetel Corporation Pseudo-random number generator capable of efficiently exploiting processors having instruction-level parallelism and the use thereof for encryption
US20040064491A1 (en) * 2002-09-30 2004-04-01 Rarick Leonard D. Continuous random number generation method and apparatus
WO2009074889A1 (en) * 2007-12-12 2009-06-18 Nds Limited Bit generator

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3217662A4 (en) * 2014-11-27 2017-11-29 Huawei Technologies Co., Ltd. Rate matching method and apparatus for polar code, and wireless communication device
RU2663351C1 (en) * 2014-11-27 2018-08-03 Хуавэй Текнолоджиз Ко., Лтд. Polar code rate matching method and device and wireless communication device
US10374754B2 (en) 2014-11-27 2019-08-06 Huawei Technologies Co., Ltd. Polar code rate matching method and apparatus, and wireless communications device
WO2022253287A1 (en) * 2021-06-04 2022-12-08 寒武纪(西安)集成电路有限公司 Method for generating random number, and related product thereof

Also Published As

Publication number Publication date
GB2465419B (en) 2013-12-11
GB0821230D0 (en) 2008-12-31

Similar Documents

Publication Publication Date Title
Ansari et al. High-performance architecture of elliptic curve scalar multiplication
Tian et al. Mersenne twister random number generation on FPGA, CPU and GPU
Wang et al. FPGA implementation of a large-number multiplier for fully homomorphic encryption
Wang et al. VLSI design of a large-number multiplier for fully homomorphic encryption
Huang et al. A novel and efficient design for an RSA cryptosystem with a very large key size
Bauke et al. Random numbers for large-scale distributed Monte Carlo simulations
Cao et al. Accelerating fully homomorphic encryption over the integers with super-size hardware multiplier and modular reduction
Nandapalan et al. High-performance pseudo-random number generation on graphics processing units
Fan et al. Parallelization of RSA algorithm based on compute unified device architecture
Shivdikar et al. Accelerating polynomial multiplication for homomorphic encryption on GPUs
GB2580150A (en) Pseudo-random number generator
Gonzalez-Diaz et al. A pseudorandom number generator based on time-variant recursion of accumulators
Livesay et al. Accelerating finite field arithmetic for homomorphic encryption on GPUs
Nedjah et al. Massively parallel modular exponentiation method and its implementation in software and hardware for high-performance cryptographic systems
GB2465419A (en) Pseudo random number generator architecture using pipelined processing blocks
Batina et al. Montgomery in practice: How to do it more efficiently in hardware
Dalal et al. A hardware framework for the fast generation of multiple long-period random number streams
Hani et al. FPGA implementation of RSA public-key cryptographic coprocessor
Banks et al. FPGA implementation of pseudo random number generators for Monte Carlo methods in quantitative finance
KR20050057010A (en) Method and apparatus for processing arbitrary key bit length encryption operations with similar efficiencies
L’Ecuyer et al. Random numbers for parallel computers: requirements and methods
L'Écuyer et al. Random numbers for parallel computers: Requirements and methods, with emphasis on gpus
Mocanu et al. Global feedback self-programmable cellular automaton random number generator
EP4295224A1 (en) High clock-efficiency random number generation system and method
Brent Fast and reliable random number generators for scientific computing