Towards an Oscillator Based TRNG with a Certified Entropy Rate

We describe a practical and efficient method to estimate the entropy rate of a TRNG based on free running oscillators that does not require outputting and analyzing the clock signals with external equipment. Rather it relies on very simple computations that can be embedded in any logic device such as FPGA or ASIC. The method can be used for the calibration of an oscillator based TRNG or for online certification of its entropy rate. Our approach, which is inspired by the coherent sampling method, works under the general assumption that the period jitter is small compared to the period of the generated clock signal. We show that, in this case, it is possible to measure the relative phase between clocks of two oscillators with far higher precision than the time resolution given by the period of any internal clock signal. We use this observation to recover, under some reasonable heuristics, the distribution of the random walk component of the jitter, from which it is possible to obtain a lower bound on the entropy rate of the TRNG. Our method was thoroughly tested in simulations and in hardware. At the end of the paper, we draw some conclusions and make recommendations for a reliable implementation of TRNGs in cryptographic applications.

[1]  John Kelsey,et al.  Recommendation for Random Number Generation Using Deterministic Random Bit Generators , 2014 .

[2]  Hao Zheng,et al.  Design and Implementation of a True Random Number Generator Based on Digital Circuit Artifacts , 2003, CHES.

[3]  David Lubicz,et al.  On the Security of Oscillator-Based Random Number Generators , 2011, Journal of Cryptology.

[4]  A. Hajimiri,et al.  Jitter and phase noise in ring oscillators , 1999, IEEE J. Solid State Circuits.

[5]  E. Rubiola,et al.  Phase Noise and Frequency Stability in Oscillators , 2008 .

[6]  Wolfgang Maichen Digital Timing Measurements: From Scopes and Probes to Timing and Jitter , 2006 .

[7]  Viktor Fischer,et al.  Modeling and observing the jitter in ring oscillators implemented in FPGAs , 2008, 2008 11th IEEE Workshop on Design and Diagnostics of Electronic Circuits and Systems.

[8]  Samuel Karlin,et al.  A First Course on Stochastic Processes , 1968 .

[9]  Viktor Fischer,et al.  A Closer Look at Security in Random Number Generators Design , 2012, COSADE.

[10]  Werner Schindler,et al.  A Closer Look at Security in Random Number Generators Design , 2012 .

[11]  Bruno Robisson,et al.  Contactless Electromagnetic Active Attack on Ring Oscillator Based True Random Number Generator , 2012, COSADE.

[12]  Holger Bock,et al.  An Offset-Compensated Oscillator-Based Random Bit Source for Security Applications , 2004, CHES.

[13]  Mukarram Ahmad,et al.  Continued fractions , 2019, Quadratic Number Theory.

[14]  J. Kingman A FIRST COURSE IN STOCHASTIC PROCESSES , 1967 .

[15]  Berk Sunar,et al.  A Provably Secure True Random Number Generator with Built-In Tolerance to Active Attacks , 2007, IEEE Transactions on Computers.

[16]  Simon W. Moore,et al.  The Frequency Injection Attack on Ring-Oscillator-Based True Random Number Generators , 2009, CHES.