Quantum random number generation for 1.25 GHz quantum key distribution systems

Security proofs of quantum key distribution (QKD) systems usually assume that the users have access to source of perfect randomness. State-of-the-art QKD systems run at frequencies in the GHz range, requiring a sustained GHz rate of generation and acquisition of quantum random numbers. In this paper we demonstrate such a high speed random number generator. The entropy source is based on amplified spontaneous emission from an erbium-doped fibre, which is directly acquired using a standard small form-factor pluggable (SFP) module. The module connects to the Field Programmable Gate Array (FPGA) of a QKD system. A real-time randomness extractor is implemented in the FPGA and achieves a sustained rate of 1.25 Gbps of provably random bits.Comment: 6 pages, 8 figure

Producing Random Bits with Delay-Line Based Ring Oscillators

One of the sources of randomness for a random bit generator (RBG) is jitter present in rectangular signals produced by ring oscillators (ROs). This paper presents a novel approach for the design of delays used in these oscillators. We suggest using delay elements made on carry4 primitives instead of series of inverters or latches considered in the literature. It enables the construction of many high frequency ring oscillators with different nominal frequencies in the same field programmable gate array (FPGA). To assess the unpredictability of bits produced by RO-based RBG, the restarts mechanism, proposed in earlier papers, was used. The output sequences pass all NIST 800-22 statistical tests for smaller number of ring oscillators than the constructions described in the literature. Due to the number of ROs with different nominal frequencies and the method of construction of carry4 primitives, it is expected that the proposed RBG is more robust to cryptographic attacks than RBGs using inverters or latches as delay element

On-chip jitter measurement for true random number generators

Applications of true random number generators (TRNGs) span from art to numerical computing and system security. In cryptographic applications, TRNGs are used for generating new keys, nonces and masks. For this reason, a TRNG is an essential building block and often a point of failure for embedded security systems. One type of primitives that are widely used as source of randomness are ring oscillators. For a ring-oscillator-based TRNG, the true randomness originates from its timing jitter. Therefore, determining the jitter strength is essential to estimate the quality of a TRNG. In this paper, we propose a method to measure the jitter strength of a ring oscillator implemented on an FPGA. The fast tapped delay chain is utilized to perform the on-chip measurement with a high resolution. The proposed method is implemented on both a Xilinx FPGA and an Intel FPGA. Fast carry logic components on different FPGAs are used to implement the fast delay line. This carry logic component is designed to be fast and has dedicated routing, which enables a precise measurement. The differential structure of the delay chain is used to thwart the influence of undesirable noise from the measurement. The proposed methodology can be applied to other FPGA families and ASIC designs

A Random Number Generator Using Ring Oscillators and SHA-256 as Post-Processing

Today, cryptographic security depends primarily on having strong keys and keeping them secret. The keys should be produced by a reliable and robust to external manipulations generators of random numbers. To hamper different attacks, the generators should be implemented in the same chip as a cryptographic system using random numbers. It forces a designer to create a random number generator purely digitally. Unfortunately, the obtained sequences are biased and do not pass many statistical tests. Therefore an output of the random number generator has to be subjected to a transformation called post-processing. In this paper the hash function SHA-256 as post-processing of bits produced by a combined random bit generator using jitter observed in ring oscillators (ROs) is proposed. All components – the random number generator and the SHA-256, are implemented in a single Field Programmable Gate Array (FPGA). We expect that the proposed solution, implemented in the same FPGA together with a cryptographic system, is more attack-resistant owing to many sources of randomness with significantly different nominal frequencies

D2.1 - Report on Selected TRNG and PUF Principles

This report represents the final version of Deliverable 2.1 of the HECTOR work package WP2. It is a result of discussions and work on Task 2.1 of all HECTOR partners involved in WP2. The aim of the Deliverable 2.1 is to select principles of random number generators (RNGs) and physical unclonable functions (PUFs) that fulfill strict technology, design and security criteria. For example, the selected RNGs must be suitable for implementation in logic devices according to the German AIS20/31 standard. Correspondingly, the selected PUFs must be suitable for applying similar security approach. A standard PUF evaluation approach does not exist, yet, but it should be proposed in the framework of the project. Selected RNGs and PUFs should be then thoroughly evaluated from the point of view of security and the most suitable principles should be implemented in logic devices, such as Field Programmable Logic Arrays (FPGAs) and Application Specific Integrated Circuits (ASICs) during the next phases of the project

A new TRNG based on coherent sampling with self-timed rings

Random numbers play a key role in applications such as industrial simulations, laboratory experimentation, computer games, and engineering problem solving. The design of new true random generators (TRNGs) has attracted the attention of the research community for many years. Designs with little hardware requirements and high throughput are demanded by new and powerful applications. In this paper, we introduce the design of a novel TRNG based on the coherent sampling (CS) phenomenon. Contrary to most designs based on this phenomenon, ours uses self-timed rings (STRs) instead of the commonly employed ring oscillators (ROs). Our design has two key advantages over existing proposals based on CS. It does not depend on the FPGA vendor used and does not need manual placement and routing in the manufacturing process, resulting in a highly portable generator. Our experiments show that the TRNG offers a very high throughput with a moderate cost in hardware. The results obtained with ENT, DIEHARD, and National Institute of Standards and Technology (NIST) statistical test suites evidence that the output bitstream behaves as a truly random variable.This work was supported in part by the Ministerio de Economia y Competitividad (MINECO), Security and Privacy in the Internet of You (SPINY), under Grant TIN2013-46469-R, and in part by the Comunidad de Madrid (CAM), Cybersecurity, Data, and Risks (CIBERDINE), underGrant S2013/ICE-3095

Transition Probability Test for an RO-Based Generator and the Relevance between the Randomness and the Number of ROs

A ring oscillator is a well-known circuit used for generating random numbers, and interested readers can find many research results concerning the evaluation of the randomness with a packaged test suit. However, the authors think there is room for evaluating the unpredictability of a sequence from another viewpoint. In this paper, the authors focus on Wold's RO-based generator and propose a statistical test to numerically evaluate the randomness of the RO-based generator. The test adopts the state transition probabilities in a Markov process and is designed to check the uniformity of the probabilities based on hypothesis testing. As a result, it is found that the RO-based generator yields a biased output from the viewpoint of the transition probability if the number of ROs is small. More precisely, the transitions 01 -> 01 and 11 -> 11 happen frequently when the number l of ROs is less than or equal to 10. In this sense, l > 10 is recommended for use in any application, though a packaged test suit is passed. Thus, the authors believe that the proposed test contributes to evaluating the unpredictability of a sequence when used together with available statistical test suits, such as NIST SP800-22