WO2018122240A1 - Procédé de génération de nombres aléatoires matérielle résistant à l'environnement - Google Patents

Procédé de génération de nombres aléatoires matérielle résistant à l'environnement Download PDF

Info

Publication number
WO2018122240A1
WO2018122240A1 PCT/EP2017/084611 EP2017084611W WO2018122240A1 WO 2018122240 A1 WO2018122240 A1 WO 2018122240A1 EP 2017084611 W EP2017084611 W EP 2017084611W WO 2018122240 A1 WO2018122240 A1 WO 2018122240A1
Authority
WO
WIPO (PCT)
Prior art keywords
analog
noise
signals
noise source
digital
Prior art date
Application number
PCT/EP2017/084611
Other languages
English (en)
Inventor
Jorge Guajardo Merchan
Paulius Duplys
Christopher Huth
Original Assignee
Robert Bosch Gmbh
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Robert Bosch Gmbh filed Critical Robert Bosch Gmbh
Priority to KR1020197018498A priority Critical patent/KR20190097075A/ko
Priority to CN201780081533.9A priority patent/CN110100234A/zh
Priority to EP17823168.4A priority patent/EP3563229A1/fr
Publication of WO2018122240A1 publication Critical patent/WO2018122240A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/588Random number generators, i.e. based on natural stochastic processes

Definitions

  • the present invention relates to random number generators (RNG) and more particularly to a system and method for implementing a true random number generator (TRNG).
  • RNG random number generators
  • TRNG true random number generator
  • This random number can be used in electronics and computing applications and aspects can be applied in probability, statistics, or numerical analysis.
  • Example applications can include generation of data-encryption keys, simulation and modeling, random sample selection from large data sets, or gaming applications.
  • the simulation can be wireless channel simulation (e.g., the random number is used for multiple iterations of a simulated loop) and/or simulation of white noise on a modeled electronic circuit or photonic system.
  • Random numbers are created by a random number generator.
  • a True Random Number Generator TRNG
  • PRNG Pseudo Random Number Generator
  • a PRNG is an algorithm that given some "seed” will produce a deterministic sequence of pseudo random numbers and is also known as a Deterministic Random Bit Generator (DRBG).
  • DRBG Deterministic Random Bit Generator
  • the PRNG generates random numbers using a deterministic process (that is, predictable given knowledge of the process) to generate a series of outputs derived from an initial seed state. That initial seed state is best if provided from a true random number generator.
  • Most "random" number sources used in systems today are built in software and are based upon a pseudo-random generator.
  • PRNGs have historically been faster than TRNGs but PRNGs cannot generate a true random number because PRNGs employ deterministic algorithms. Thus, if the seed can be determined, the supposedly random numbers can be deterministically known
  • Entropy is in general a measure of disorder in a physical system. In this specification, entropy refers to a measure of how unpredictable the measured properties of the entropy source are.
  • a TRNG can only be built using a HW-based "entropy source” and can produce a nondeterministic sequence of truly random numbers.
  • the TRNG is often used to "seed" software PRNGs and is also known as a Nondeterministic Random Bit Generator (NRBG).
  • NRBG Nondeterministic Random Bit Generator
  • the TRNG generates random numbers from a physical non-deterministic entropy source, such as white noise generated by a resistor, diode, or other electronic device, the time between radioactive particle decay, or other signal source that is essentially random.
  • PRNGs pseudorandom number generators
  • PRNGs software programs commonly used in computers to generate "random” numbers.
  • PRNGs use a deterministic algorithm to produce numerical sequences. Although these pseudorandom sequences pass statistical pattern tests for randomness, by knowing the algorithm and the conditions used to initialize it, called the "seed", the output can be predicted.
  • a dedicated TRNG is oftentimes not available on resource-constrained and/or space limited devices, such as mobile or portable electronic devices including phones, tablets and the like, for various reasons.
  • resource-constrained devices such as mobile or portable electronic devices including phones, tablets and the like
  • the monitoring equipment for certain physical processes can tend to be bulky, which makes it unsuitable for space limited applications.
  • TRNG that can be implemented in resource-constrained and space limited devices that can produce high-quality random numbers in a cost- effective and space conserving manner in a way that is not sensitive to the
  • a true random number generator (TRNG) system includes a first noise source configured to generate first analog noise signals and a second noise source identical to the first noise source and configured to generate second analog noise signals.
  • An analog comparator receives the first analog noise signals and the second analog noise signals as inputs and outputs digital signals based on comparisons of the first analog noise signals and the second analog noise signals.
  • a conversion system receives the digital signals and generates a random bit stream signal from the digital signals.
  • An output pin is coupled to receive the random bit stream signal from the conversion system.
  • a method of generating a true random number includes outputting first analog noise signals from a first noise source, and outputting a second analog noise signals from a second noise source, the second noise source being identical to the first noise source.
  • the first analog noise signals and the second analog noise signals are compared with an analog
  • Digital signals are output from the analog comparator which are indicative of the comparisons of the first analog noise signals and the second analog noise signals.
  • the digital signals are converted to a random bit stream signal using a conversion system, and the random bit stream signal is outputted.
  • TRNG system includes a first noise source configured to generate first analog noise signals, and a second noise source identical to the first noise source and configured to generate second analog noise signals.
  • a differential amplifier receives the first analog noise signals and the second analog noise signals as inputs and outputs amplified difference signals indicative of a difference between the first analog noise signals and the second analog noise signals.
  • An analog comparator receives the amplified difference signals, compares the analog difference signals to an analog reference signal and outputs digital signals based on the comparisons.
  • a conversion system receives the digital signals and generates a random bit stream signal from the digital signals. An output connections is coupled to receive the random bit stream signal from the conversion system.
  • FIG. 1 depicts a first embodiment of a true random number generation (TRNG) system 12.
  • the TRNG system 12 includes a first noise source 14, a second noise source 16, an analog comparator 22 and a conversion system 24.
  • the TRNG system 12 is implemented in a resource-constrained device 10, such as a mobile phone, tablet or other type of portable electronic device.
  • the components of the TRNG system 12 can be implemented in any suitable combination of hardware, software, firmware, or combinations thereof on the resource-constrained device.
  • the first noise source 14 and the second noise source 14 are configured to output or generate first and second noise signals, respectively.
  • the first and second noise sources 14, 16 comprise unconnected analog pins.
  • the noise signals are indicative of the voltages at the respective pins.
  • the term "unconnected” means that the pins are not electronically connected to an external source or influence. Therefore, the voltages at the analog pins in theory should be 0 V.
  • the ambient environmental conditions such as temperature, can add "noise", such as thermal noise, to the voltage present at the pins.
  • the thermal noise influencing the voltages at the analog pins is random. This randomness is used by the system as entropy for generating true random numbers.
  • the analog pins 14, 16 are identical for all intents and purposes. Because the pins are essentially identical, they will be equally affected by environmental bias.
  • the analog pins may be incorporated onto a circuit board.
  • other components which are susceptible to environmental bias can be used to generate noise signals.
  • resistors, diodes, and the like can be used to provide noise signals.
  • the components used for both the first noise source and the second noise source are identical.
  • the resistors or diodes should have the same specifications and should preferably be from the same manufacturer so that the environmental influence on the components can be expected to be the same.
  • the noise signals may be amplified.
  • the first noise source further comprises a first amplifier 18 that receives the noise signal (i.e., voltage) from the first analog pin 14, and the second noise source further comprises a second amplifier 20 that receives the noise signal from the second analog pin 16.
  • the amplifiers 18, 20 comprise op-amps with the inputs tied together. Preferably, the amplifiers have the same gain.
  • the amplified noise signals enable a higher sampling rate.
  • the amplified noise signals are fed to the analog comparator 22.
  • the first noise signal is connected to a first input of the analog comparator 22, and the second noise signal is connected to a second input of the analog comparator 22.
  • the output of the analog comparator 22 is a digital signal which alternates between a high and low value depending on which of the voltages at the inputs is greater. Because both noise signals are affected by the same bias, e.g., temperature, this bias gets canceled out.
  • the digital signal output by the comparator 22 is supplied to the conversion system 24.
  • the conversion system 24 is configured to generate a random number stream 30 from the digital signals received from the comparator 22.
  • the random number stream 30 is supplied to an output connection, such as an output pin, where it is made available to other systems and applications.
  • the conversion system 24 includes any necessary components for generating the random number stream from the digital signals, such as shift registers, flip-flops, latches, counters, and the like.
  • the digital signal output by the comparator 22 is the digital signal output by the comparator 22
  • the conversion system 24 may be configured to extract certain bits from the 10-bit signals for use in generating the random number stream 30. In one embodiment, the conversion system 24 is
  • the conversion system 24 may be coupled to receive a reference clock signal which can be used for timing the reading of the bits of the digital signal.
  • FIG. 2 depicts another embodiment of TRNG system 12'.
  • TRNG system 12' comprises a first noise source 14, a second noise source 16, a differential amplifier 28, and an analog comparator 22.
  • the first and second noise sources 14, 16 may comprise unconnected analog pins (or alternatively other suitable components).
  • the first and second noise signals output by the first and second noise sources 14, 16 are supplied to the inputs of the differential amplifier 28.
  • the differential amplifier 28 outputs an amplified signal which is proportional to the difference between the voltages at the inputs of the amplifier.
  • the amplified difference signal is supplied to a first input of the analog comparator 22.
  • the second input of the analog comparator 22 is connected to receive a reference voltage signal.
  • the reference voltage is 0 V.
  • the reference voltage is provided by reference voltage source 32 as a digital voltage.
  • the digital reference voltage 32 is converted to an analog voltage signal by a digital to analog (D/A) converter 34.
  • the output of the D/A converter 34 is supplied to the second input of the analog comparator 22.
  • the digital reference voltage source is in the same device 10' as the first and second noise sources 14, 16 so they are affected by the same environmental bias. Similar to above, the output of the analog comparator 22 is a digital signal which alternates between a high and low value depending on which of the voltages at the inputs is greater. Because both noise signals are affected by the same bias, e.g., temperature, this bias gets canceled out.
  • FIG. 3 is graph of actual 10-bit measurements yielded by the comparator 22. The measurements are indicated by the jagged line in the graph. As can be seen, the digital output of the comparator still exhibits bias in the form of a sine curve. With postprocessing, this sine can be removed.
  • the conversion system may be configured to implement any suitable kind of post-processing, such as Fast Fourier transforms, to eliminate bias from the digital signal output by the comparator.
  • the output of the conversion system 24 in the embodiments described above is a random number stream or random bit stream 30.
  • the random number stream 30 can be supplied to other systems for use in different applications.
  • the TRNG system may be configured to supply the random number stream 30 to a cryptographic system 26.
  • the cryptographic system 26 can use the random number stream to generate cryptographic keys, as known in the art.
  • the cryptographic key can be used for data encryption and decryption, digital signature verification, digital signature creation, message authentication, key transport, key wrapping, and the like.
  • the least significant bit of the measurement signals may be used to generate a stream of random bits.
  • ten million measurements were performed and the least significant bit was extracted from the measurement signals to generate a random bit stream for testing.
  • the ten million bits were tested using the National Institute of Standards and Technology (NIST) Statistical Test Suite. The generated random bit stream passed these tests.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Analogue/Digital Conversion (AREA)

Abstract

L'invention concerne un système de générateur de nombres aléatoires matériel (TRNG) comprenant une première source de bruit conçue pour générer des premiers signaux de bruit analogique et une seconde source de bruit identique à la première source de bruit et conçue pour générer des seconds signaux de bruit analogique. Un comparateur analogique reçoit les premiers signaux de bruit analogique et les seconds signaux de bruit analogique en tant qu'entrées et émet en sortie des signaux numériques en fonction de comparaisons des premiers signaux de bruit analogique et des seconds signaux de bruit analogique. Un système de conversion reçoit les signaux numériques et génère un signal de train de bits aléatoires à partir des signaux numériques. Une broche de sortie est couplée afin de recevoir le signal de train de bits aléatoires provenant du système de conversion.
PCT/EP2017/084611 2016-12-30 2017-12-27 Procédé de génération de nombres aléatoires matérielle résistant à l'environnement WO2018122240A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
KR1020197018498A KR20190097075A (ko) 2016-12-30 2017-12-27 환경 저항성의 진정한 난수 발생 방법
CN201780081533.9A CN110100234A (zh) 2016-12-30 2017-12-27 用于环境抵抗真随机数生成的方法
EP17823168.4A EP3563229A1 (fr) 2016-12-30 2017-12-27 Procédé de génération de nombres aléatoires matérielle résistant à l'environnement

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201662440763P 2016-12-30 2016-12-30
US62/440763 2016-12-30

Publications (1)

Publication Number Publication Date
WO2018122240A1 true WO2018122240A1 (fr) 2018-07-05

Family

ID=60915539

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2017/084611 WO2018122240A1 (fr) 2016-12-30 2017-12-27 Procédé de génération de nombres aléatoires matérielle résistant à l'environnement

Country Status (4)

Country Link
EP (1) EP3563229A1 (fr)
KR (1) KR20190097075A (fr)
CN (1) CN110100234A (fr)
WO (1) WO2018122240A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110808728A (zh) * 2019-11-19 2020-02-18 天津津航计算技术研究所 基于高速动态比较器的随机信号发生方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6070178A (en) * 1999-02-17 2000-05-30 Starium Ltd Generating random numbers from random signals without being affected by any interfering signals
US20040006580A1 (en) * 2002-05-08 2004-01-08 Miller Robert H. Random bit stream generation by amplification of thermal noise in a CMOS process
US20070011217A1 (en) * 2005-07-06 2007-01-11 Samsung Electronics Co., Ltd. Low-power random bit generator using thermal noise and method thereof

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3507886B2 (ja) * 2000-07-24 2004-03-15 新潟大学長 乱数発生方法
GB0603523D0 (en) * 2006-02-22 2006-04-05 Qinetiq Ltd Apparatus and method for generating random numbers
CN202970175U (zh) * 2012-06-01 2013-06-05 杭州双华智能家居有限公司 一种可增删钥匙的无钥匙进入智能锁
CN106020770B (zh) * 2016-05-23 2018-12-04 深圳华视微电子有限公司 一种基于电阻热噪声的真随机数发生器
CN106055307A (zh) * 2016-05-23 2016-10-26 深圳华视微电子有限公司 一种随机数发生器
CN105827396B (zh) * 2016-05-28 2019-01-18 浙江中星光电子科技有限公司 一种车载天线与机顶盒通信加密方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6070178A (en) * 1999-02-17 2000-05-30 Starium Ltd Generating random numbers from random signals without being affected by any interfering signals
US20040006580A1 (en) * 2002-05-08 2004-01-08 Miller Robert H. Random bit stream generation by amplification of thermal noise in a CMOS process
US20070011217A1 (en) * 2005-07-06 2007-01-11 Samsung Electronics Co., Ltd. Low-power random bit generator using thermal noise and method thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110808728A (zh) * 2019-11-19 2020-02-18 天津津航计算技术研究所 基于高速动态比较器的随机信号发生方法
CN110808728B (zh) * 2019-11-19 2023-10-20 天津津航计算技术研究所 基于高速动态比较器的随机信号发生方法

Also Published As

Publication number Publication date
EP3563229A1 (fr) 2019-11-06
CN110100234A (zh) 2019-08-06
KR20190097075A (ko) 2019-08-20

Similar Documents

Publication Publication Date Title
Garcia-Bosque et al. Chaos-based bitwise dynamical pseudorandom number generator on FPGA
Killmann et al. A proposal for: Functionality classes for random number generators
US8804949B2 (en) Method for protecting IC cards against power analysis attacks
Wang et al. Design of pseudo-random bit generator based on chaotic maps
US10142103B2 (en) Hardware assisted fast pseudorandom number generation
Kalanadhabhatta et al. PUF-based secure chaotic random number generator design methodology
Das et al. PUF-based secure test wrapper design for cryptographic SoC testing
Merah et al. A pseudo random number generator based on the chaotic system of Chua’s circuit, and its real time FPGA implementation
Liu et al. A true random-based differential power analysis countermeasure circuit for an AES engine
Lampert et al. Robust, low-cost, auditable random number generation for embedded system security
Wu et al. Design and implementation of true random number generators based on semiconductor superlattice chaos
Park et al. QEC: A quantum entropy chip and its applications
AL-khatib et al. Acoustic lightweight pseudo random number generator based on cryptographically secure LFSR
US8321773B1 (en) Hardware true random number generator in integrated circuit with tamper detection
Yu et al. Can deep learning break a true random number generator?
US20090327381A1 (en) True random number generator
Hao et al. Statistical tests and chaotic synchronization based pseudorandom number generator for string bit sequences with application to image encryption
US9836280B2 (en) Arrangement and method for checking the entropy of a random number sequence
Dubrova et al. Keyed logic BIST for Trojan detection in SoC
JP2003131867A (ja) 乱数生成装置
EP3563229A1 (fr) Procédé de génération de nombres aléatoires matérielle résistant à l'environnement
Kounelis et al. Run-time effect by inserting hardware trojans, in combinational circuits
Rajski et al. A lightweight true random number generator for root of trust applications
Tebelmann et al. On-chip side-channel analysis of the loop PUF
Latif et al. Hardware-based random number generation in wireless sensor networks (WSNs)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17823168

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 20197018498

Country of ref document: KR

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2017823168

Country of ref document: EP

Effective date: 20190730