Hardware-based entropy for quality random numbers.

Random number generation

Cryptography is critically dependent on uncorrelated, unpredictable and high-quality random numbers.

The ability to generate true random numbers is a critical requirement for cryptographic algorithms, since ultimately the security of the protocols depends on the randomness of cryptographic keys. Truly random unpredictable data can be produced and extracted with an entropy source. An entropy source can be an external stimulus or observed noise. In addition to entropy source the TRNG includes entropy extractor and online health tests that ensure that entropy rate is sufficient continuously.

Xiphera has designed an FPGA-based TRNG IP core with an entropy source. The FPGA independent and ASIC compatible TRNG IP core includes the online health tests and construction described in NIST SP 800-90B, and has a standard compliant AES-CBC-MAC -based entropy extractor. The TRNG is used in other Xiphera's solutions like TLS 1.3, and can be used together with Xiphera's MACsec.

The robustness of the Xiphera TRNG IP core is verified with multiple FPGA families from Intel, Xilinx, Lattice Semiconductor and Microchip, passing all the popular test suites including dieharder, NIST SP800-22 and SP800-90B.

With Xiphera's Linux driver, the TRNG can be integrated into a running Linux kernel where it will supply the kernel with sufficient entropy for its cryptographic funtions. Also direct access to the TRNG's output is provided through the /dev/random interface. The TRNG can be also interfaced directly to user design on an FPGA.