Random number generators (RNGs) attempt to generate a sequence of values that are random as defined mathematically. There are two forms of random number generator. A commonly used random number generator generates a sequence of apparently random values that is in actuality deterministic. Such a random number generator is referred to as a pseudo random number generator (PRNG). A pseudo random number generator relies on a first value, a seed value, in order to determine a sequence based thereon that appears random and has random characteristics. Because the process is mathematical in nature, it is relatively fast and can be implemented very efficiently and predictably in hardware. Unfortunately, pseudo random number generators produce predictable results which affect their usefulness.
Cryptographic quality random number generators (RNGs) implemented in digital logic hardware usually make use of a bank of registers for their control and data interfaces to the system. The natural size of numbers used in cryptographic systems tends to be large: 16 or 32 bytes. The sizes of common computer processor control and data paths used today is usually 1, 2, 4 or 8 bytes. Thus conversions are frequently made to adapt the size of RNG registers to the natural size of the controlling processor. This often uses more register space. While wide buses excel at moving data quickly, they consume large areas on an integrated circuit die or a circuit board.
Further, though the design of a pseudo random number generator (PRNG) is deterministic and easily verified against an algorithm, a true random number generator (TRNG) is not so easily verified. If it were discovered that a TRNG was inadequate, an entire circuit or system often loses its utility. This is very significant in larger systems where many random number generators are needed. In such systems, each PRNG is easily implemented and verified near its associated circuit. However, if TRNGs are needed, this then poses the drawback that if one TRNG is compromised, then the system as a whole may be useless. That the, if adequate backup TRNGs are provided, the area required to accommodate wiring to move wide buses of data around become an even greater concern.
A true random number generator (TRNG) is a circuit for generating a sequence of numbers that is non-deterministic. In order to accomplish this, the TRNG circuit obtains its random data from a physical noise source. Unfortunately, physical noise sources present many drawbacks. Amongst these are steady state issues when the physical noise source is external to the circuit, spacing between sampling events to ensure random characteristics, and manufacturing variations. For example, if temperature of a resistor is used as a noise source, placing the circuit in a very hot or cold environment can result in a sequence of values that tends toward one value or another. Similarly, if temperature of a resistor is relied upon, there is a time between value reading that must be observed or the values will be correlated one to another as the thermal noise signal will not have had sufficient time to vary in a random fashion. This is due to the fact that the frequency spectrum of a physical noise process is typically band-limited or inherently low-pass in nature. Also similarly, if during manufacture a small variation results in a resistor that is always a little bit hotter or colder, then the sequence of values may tend toward a known result. Problematically, these issues sometimes do not turn up until after a circuit is manufactured.
A random number generator (RNG) used in a cryptographic system often comprises a cascade of RNGs starting from a non-deterministic random number generator, also called a true random number generator (TRNG), that obtains its random data from a physical noise source. This data, referred to as a seed, is then used as input data to a deterministic random number generator in the form of a pseudorandom number generator (PRNG), which provides a more suitable interface for processor-based systems that make use of the RNG components. Thus, a seed value is determined in accordance with a TRNG process which is often slow. The PRNG which has rapid and predictable performance characteristics then provides a changing sequence of values for use in the encryption process. It is common for the PRNG to use a seed from a TRNG for a period of time, or to produce a certain number of output values within a random sequence of output values. Once the new seed is available, the PRNG is reseeded with a new input value from the TRNG. Once again, the performance and predictability of the PRNG is available.
TRNGs produce results when commanded to do so by a controlling process. The statistical nature of a TRNG's physical input data and the length of a seed value make the time required to produce new seed values long and variable.
It would be advantageous to provide a TRNG that overcomes some of the drawbacks of the prior art.