The present disclosure generally relates to random number generators. More particularly, the present disclosure relates to a true random number generator with secure and improved entropy between generated sequence.
Background description includes information that can be useful in understanding the present invention. It is not an admission that any of the information provided herein is prior art or relevant to the presently claimed invention, or that any publication specifically or implicitly referenced is prior art.
A random number generator (abbreviated as RNG) is a computational or physical device designed to generate a sequence of numbers or symbols that lack any pattern, i.e., appear random. Computer-based systems for random number generation are widely used, but often fall short of this goal, though they may meet some statistical tests for randomness intended to ensure that they do not have any easily discernible patterns. Methods for generating random results have existed since ancient times, including dice, coin flipping, the shuffling of playing cards, the use of yarrow stalks in the I Ching, and many other techniques.
A hardware random number generator (abbreviated as HRNG) or true random number generator (TRNG) is a device that generates random numbers from a physical process, rather than by means of an algorithm. Such devices are often based on microscopic phenomena that generate low-level, statistically random “noise” signals, such as thermal noise, the photoelectric effect, involving a beam splitter, and other quantum phenomena. These stochastic processes are, in theory, completely unpredictable, and the theory's assertions of unpredictability are subject to experimental test. This is in contrast to the paradigm of pseudo-random number generation commonly implemented in computer programs.
Another important characteristic associated with TRNGs is a state of entropy associated with the randomness aspect of the numbers. In simple terms, entropy in a TRNG context can be said to refer to a lack of predictability as to the randomness aspect of the numbers. Thus, there is a need for a TRNG that has a lack of predictability associated with it.
In order to ensure the uniqueness of the random number sequence, the random number sequence generated by the random number generator may include random numbers exceeding the pre-set number, and the length of the machine random number sequence can be long. However, not all cases require a random number sequence whose length exceeds a pre-set value, and the length of the random number sequence is too long, and the random number sequence occupies a large space, which wastes computer memory for the computer. Therefore, it is necessary to generate a random number sequence having a reduced length of the random number sequence while maintaining the uniqueness of the random number sequence.
In particular, a True Random Number Generator (TRNG) block is used for generating raw random bits with high amount of uncorrelation in successive and collective data stream. A TRNG block can include two channels: a) Ring Oscillator (RO TRNG); or a b) Metastability (META TRNG). The data stream generated by RO TRNG and META TRNG is sampled in a digital domain using a sampling flop.
Attempts have been made in to provide an improved TRNG. However, a need in the art still exists to provide a reliable and efficient true random number generator with secure and improved entropy between generated sequence.
It is an object of the present invention to provide a true random number generator with secure and improved entropy between generated sequence.
It is another object of the present invention to provide a simple and cost effective true random number generator with secure and improved entropy between generated sequence.
It is another object of the present invention to provide a reliable and efficient true random number generator with secure and improved entropy between generated sequence.
It is another object of the present invention to provide a robust true random number generator with secure and improved entropy between generated sequence.
It is another object of the present invention to provide a secure storage mechanism for the robust true random number generator with secure and improved uncorrelation between the generated sequences.
The present disclosure generally relates to random number generators. More particularly, the present disclosure relates to a true random number generator with secure and improved entropy between generated sequence.
An aspect of the present disclosure pertains to an apparatus for generating random data. The random data can be numbers. The apparatus includes a ring oscillator, a metastable oscillator, a first circuitry, and an analogue circuitry. The ring oscillator has a ring oscillator output frequency selectable through a selectable input of the ring oscillator. The metastable oscillator has a metastable oscillator output frequency selectable through a selectable input of the metastable oscillator. The first circuitry has a ring oscillator (RO) chain size selection logic circuit. The analogue circuitry has a capacitor and a switch used for varying frequency of the ring oscillator. The switch is configured to be controlled by the selection logic circuit of the first circuitry.
In an aspect, the analogue circuitry is configured to vary the output frequency of the ring oscillator.
In an aspect, the RO chain size selection logic circuit is configured to generate random data based on the output frequency of the ring oscillator and the metastable oscillator.
In an aspect, the generated random data are encoded and scrambled before storage in a storage area.
In another embodiment, the apparatus further includes two or more ring oscillators, each of the ring oscillators configured to operate in tandem with the metastable oscillator, and the first circuitry to generate random data.
In another embodiment, the metastable oscillator further includes a plurality of multiplexers, and a plurality of inverters, the inverters being configured to define a size of the metastable oscillator.
In another embodiment, the chain size selection logic circuit is configured to control the size of the metastable oscillator.
In another embodiment, the chain size selection logic circuit comprises four output signals, which are randomly selected from a 256-bit random data type stored in a storage element.
In another embodiment, the randomly selected output of the chain selection logic is generated using a one-time programmable (OTP) memory block, and an XOR logic circuit.
In another embodiment, the four output signals of the RO chain size selection logic circuit is generated through an interaction of the XOR logic circuit on at least four bytes of 256-bits of the generated random data.
In another embodiment, the at least four random data are selected using the XOR logic circuit.
In another embodiment, the apparatus further comprises a plurality of resistors connected in series with the drain of associated Metal Oxide Silicon Field Effect Transistors (MOSFETS).
Another aspect of the present disclosure pertains to a method for generating random data. The method includes the steps of: selecting an output frequency of a ring oscillator, the output frequency selectable through a selectable input of the ring oscillator; selecting an output frequency of a metastable oscillator, the output frequency selectable through a selectable input of the metastable oscillator; varying the output frequency of the ring oscillator by a switch associated with an analogue circuitry; and generating random data at a communication circuit based on the output frequencies of the ring oscillator and the metastable oscillator.
In an embodiment, the switch varies the output frequency by a chain size selection logic.
In another embodiment, the method further includes the steps of: selecting the output frequencies through respective selectable inputs of the two of more ring oscillators; varying the output frequencies of the two or more ring oscillators by the switch associated with the analogue circuitry; and generating random data by an XOR combination of output frequencies of the two or more ring oscillators.
Various objects, features, aspects, and advantages of the inventive subject matter will become more apparent from the following detailed description of preferred embodiments, along with the accompanying drawing figures in which like numerals represent like components
The diagrams are for illustration only, which thus is not a limitation of the present disclosure, and wherein:
The following is a detailed description of embodiments of the disclosure depicted in the accompanying drawings. The embodiments are in such detail as to clearly communicate the disclosure. However, the amount of detail offered is not intended to limit the anticipated variations of embodiments; on the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the present disclosure as defined by the appended claims.
If the specification states a component or feature “may”, “can”, “could”, or “might” be included or have a characteristic, that particular component or feature is not required to be included or have the characteristic.
As used in the description herein and throughout the claims that follow, the meaning of “a,” “an,” and “the” includes plural reference unless the context clearly dictates otherwise. Also, as used in the description herein, the meaning of “in” includes “in” and “on” unless the context clearly dictates otherwise.
Exemplary embodiments will now be described more fully hereinafter with reference to the accompanying drawings, in which exemplary embodiments are shown. These exemplary embodiments are provided only for illustrative purposes and so that this disclosure will be thorough and complete and will fully convey the scope of the invention to those of ordinary skill in the art. The invention disclosed may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Various modifications will be readily apparent to persons skilled in the art. The general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the invention. Moreover, all statements herein reciting embodiments of the invention, as well as specific examples thereof, are intended to encompass both structural and functional equivalents thereof. Additionally, it is intended that such equivalents include both currently known equivalents as well as equivalents developed in the future (i.e., any elements developed that perform the same function, regardless of structure). Also, the terminology and phraseology used is for the purpose of describing exemplary embodiments and should not be considered limiting. Thus, the present invention is to be accorded the widest scope encompassing numerous alternatives, modifications, and equivalents consistent with the principles and features disclosed. For purpose of clarity, details relating to technical material that is known in the technical fields related to the invention have not been described in detail so as not to unnecessarily obscure the present invention.
The use of any and all examples, or exemplary language (e.g., “such as”) provided with respect to certain embodiments herein is intended merely to better illuminate the invention and does not pose a limitation on the scope of the invention otherwise claimed. No language in the specification should be construed as indicating any non — claimed element essential to the practice of the invention.
The present disclosure generally relates to random number generators. More particularly, the present disclosure relates to a true random number generator with secure and improved entropy between generated sequence.
An aspect of the present disclosure pertains to an apparatus for generating random data. The random data can be numbers. The apparatus includes a ring oscillator, a metastable oscillator, a first circuitry, and an analogue circuitry. The ring oscillator has a ring oscillator output frequency selectable through a selectable input of the ring oscillator. The metastable oscillator has a metastable oscillator output frequency selectable through a selectable input of the metastable oscillator. The first circuitry has a ring oscillator (RO) chain size selection logic circuit. The analogue circuitry has a capacitor and a switch used for varying frequency of the ring oscillator. The switch is configured to be controlled by the selection logic circuit of the first circuitry.
In an aspect, the analogue circuitry is configured to vary the output frequency of the ring oscillator.
In an aspect, the RO chain size selection logic circuit is configured to generate random data based on the output frequency of the ring oscillator and the metastable oscillator.
In an aspect, the generated random data are encoded and scrambled before storage in a storage area.
In another embodiment, the apparatus further includes two or more ring oscillators, the XOR combined single output of the ring oscillators is configured to operate in tandem with the metastable oscillator, and the first circuitry to generate random data.
In another embodiment, the metastable oscillator further includes a plurality of multiplexers, and a plurality of inverters, the inverters being configured to define a size of the metastable oscillator.
In another embodiment, the chain size selection logic circuit is configured to control the size of the metastable oscillator.
In another embodiment, the chain size selection logic circuit comprises four output signals, which are randomly selected from a 256-bit random data type stored in a storage element.
In another embodiment, the randomly selected output of the chain selection logic is generated using a one-time programmable (OTP) memory block, and an XOR logic circuit.
In another embodiment, the four output signals of the RO chain size selection logic circuit is generated through an interaction of the XOR logic circuit on at least bytes of 256-bits of the generated random data.
In another embodiment, the at least four random data are selected using the XOR logic circuit.
In another embodiment, the apparatus further comprises a plurality of resistors connected in series with the drain of associated MOSFETS.
Another aspect of the present disclosure pertains to a method for generating random data. The method includes the steps of: selecting an output frequency of a ring oscillator, the output frequency selectable through a selectable input of the ring oscillator; selecting an output frequency of a metastable oscillator, the output frequency selectable through a selectable input of the metastable oscillator; varying the output frequency of the ring oscillator by a switch associated with an analogue circuitry; and generating random data at a communication circuit based on the output frequencies of the ring oscillator and the metastable oscillator.
In an embodiment, the switch varies the output frequency by a ring oscillator chain size selection logic circuit.
In another embodiment, the method further includes the steps of: selecting the output frequencies through respective selectable inputs of the two of more ring oscillators; varying the output frequencies of the two or more ring oscillators by the switch associated with the analogue circuitry; and generating random data by an XOR combination of output frequencies of the two or more ring oscillators.
Referring again to
Referring yet again to
Referring yet again to
In an embodiment, the apparatus 100 further involves a plurality of resistors connected in series with the drain of associated with MOSFETS (not shown).
Referring again to
The 256-bit random number stored in the register block 404 can be transferred to the OTP 402 when requested by the control unit 405. This number can be easily accessed and is vulnerable to security attacks from outside. The integrity of the TRNG 100 is only valid as long as the generated random number is not broken. For the purposes of this disclosure, the random number is called the private key in the text below and is used interchangeably. There are many layers at which the private key can be protected, such as at the physical level where in the material used is tamper-proof, and/or at the logical level where different functions are used to manipulate the private key from being revealed. It is envisioned that the present disclosure can also cover devices which need that extra level of security to prevent attackers from getting the private key. The protection happens at the logical level using various methods as enumerated or can be appreciated herein.
Secrecy of the private key is paramount and hence concealing the key even through memory attacks should be handled. To achieve this, instead of storing the private key itself, an encoded key is provisioned. The encoding is achieved in a two-step method. In the first step the private key is left shifted by the number of bits denoted by the location at which the private key byte is to be stored. For example, if the location of the byte stored is stored at 45(00101101). The LSB 3 bits are 101 which is 5. The private key is left shifted by 5.
The random order of key retrieval from the storage can thus be realized. The order in which the private key is retrieved from the storage is randomized which creates almost 232 possibilities for the correct private key. The exact order can be known only to the block reading the private to form the entire 256-bit key. Snooping internally will thus render futile with this mechanism.
In an embodiment, fragmenting the 256-bit private key into 32 chunks of 8-bits is only one of the possible configurations. The 256-bit key can be configured to be fragmented into multiple combinations. It can be 64×4, 32×8, 16×16, 8×32 etc depending on the storage size and configuration capabilities.
In an embodiment, the switch varies the output frequency by a ring oscillator chain size selection logic circuit.
In an embodiment, the method further comprises: selecting respective output frequencies of respective two or more ring oscillators, the output frequencies selectable through respective selectable inputs of the two of more ring oscillators; varying the output frequencies of the two or more ring oscillators by the switch associated with the analogue circuitry; and generating random data at the communication circuit based on the output frequencies of the two or more ring oscillators.
In an embodiment, the metastable oscillator (like the same in apparatus 100) further comprises a plurality of multiplexers, and a plurality of inverters, the inverters being configured to define a size of the metastable oscillator.
In an embodiment, the chain size selection logic circuit (like the same in apparatus 100) is configured to control the size of the metastable oscillator.
Thus, in an aspect, an apparatus 100 for generating random data is provided. The circuitry can have two independent oscillators via Ring Oscillator (RO-OSC) and Metastable Oscillator (META-OSC) which are selectable through respective enable signals. The two TRNG bit streams generated for RO-OSC and META-OSC are used either independently OR in combined manner to achieve higher entropy number.
In an embodiment, the RO-OSC circuitry can include multiple ring oscillator chains of different chain lengths with all outputs logically combined to provide a single output, where the logic used is an XOR gate. Frequency of all the ring oscillators can be varied by dynamically varying the logical effort of the inverter chain by adding capacitive load.
In an embodiment, the META TRNG can include multiple META-OSC chains each having independent sampling stage. The oscillator chains are selected by LFSR outputs which are uncorrelated to the META mode select signal.
In an embodiment, the selection can be implemented through power ON-OFF of each stage which adds to the supply settling random noise.
In an embodiment, use of resistor in series with the drain of MOSFETS in meta inverter structure can reduce the power consumption which also adds to the thermal noise component.
In an embodiment, the method—feedback from the digital section 500 can provide a mechanism to generate random numbers with least correlation, thereby increasing the entropy of the entire TRNG system. The feedback is achieved by generating 4 random bits using 4 exclusive polynomials whose input is the 256-bit value in the shift register.
In an exemplary embodiment, the random number generate through the proposed system can have a high entropy (>0.97), which passes the NIST criteria.
In an embodiment, configuration modes can include sampling frequency, meta mode selection.
In an embodiment, the complete method/system for provisioning of private key can be central to Type-C Authentication or any of the authentication mechanisms as a TRNG with high entropy is central to any authentication mechanism.
In an embodiment, this present disclosure can be used for OTP or MTP flash technologies.
It should be apparent to those skilled in the art that many more modifications besides those already described are possible without departing from the inventive concepts herein. The inventive patent matter, therefore, is not to be restricted except in the spirit of the appended claims. Moreover, in interpreting both the specification and the claims, all terms should be interpreted in the broadest possible manner consistent with the context. In particular, the terms “includes” and “including” should be interpreted as referring to elements, components, or steps in a non-exclusive manner, indicating that the referenced elements, components, or steps may be present, or utilized, or combined with other elements, components, or steps that are not expressly referenced. Where the specification claims refer to at least one of something selected from the group consisting of A, B, C . . . and N, the text should be interpreted as requiring only one element from the group, not A plus N, or B plus N, etc. The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practised with modification within the spirit and scope of the appended claims.
While the foregoing describes various embodiments of the invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof. The scope of the invention is determined by the claims that follow. The invention is not limited to the described embodiments, versions or examples, which are included to enable a person having ordinary skill in the art to make and use the invention when combined with information and knowledge available to the person having ordinary skill in the art.
The present invention provides a true random number generator with secure and improved entropy between generated sequence.
The present invention provides a simple and cost effective true random number generator with secure and improved entropy between generated sequence, thereby producing random sequence of numbers with a high entropy.
The present invention provides a reliable and efficient true random number generator with secure and improved entropy between generated sequence, thereby producing random sequence of numbers with a high entropy.
The present invention provides a robust true random number generator with secure and improved entropy between generated sequence, thereby producing random sequence of numbers with a high entropy.
Number | Date | Country | Kind |
---|---|---|---|
202041044567 | Oct 2020 | IN | national |
This is a Continuation-in-Part Application of U.S. patent application Ser. No. 17/149,554, filed on Jan. 14, 2021, which is a Paris Convention Patent Application that claims benefit under 35 U.S.C. § 119 and claims priority to Indian Patent Application No. IN 202041044567, filed on Oct. 13, 2020, titled “AN APPARATUS FOR GENERATING RANDOM DATA AND A METHOD THEREOF”, the content of which is incorporated herein in its entirety by reference for all purposes.
Number | Date | Country | |
---|---|---|---|
Parent | 17149554 | Jan 2021 | US |
Child | 18100465 | US |