Random numbers are also used in security-related circuit arrangements, but not exclusively. In such a circuit arrangement they are used, for example, as test signals for transmission via dummy lines or via active shield conductors, or to mask the operation of the circuit arrangement. Random numbers are also used for cryptographic purposes.
The generation of genuine random numbers based on a random process as occur, for example, in noise processes, is very complex. Random number generators constructed correspondingly are called “genuine” random number generators. Conventional genuine random number generators require the existence of analog circuit elements, the implementation of which in mainly digital circuits, however, is often avoided because of the expenditure.
In order to be able to generate unpredictable random number sequences, nevertheless, so-called pseudo random number generators are used. The random number sequences generated by pseudo random number generators are not genuine, that is to say random number sequences but sequences reproducibly generating an algorithm, with the statistical characteristics of genuine random number sequences.
However, pseudo random number sequences can be used like genuine random number sequences as long as the generating algorithm cannot be determined by outsiders. However, this is frequently the case because the knowledge of a long pseudo random number sequence or, particularly, of a starting value for the random number generator allows the algorithm, and thus the following pseudo random number values to be inferred. The knowledge of the algorithm and thus of the pseudo random number sequence generated by it then makes it possible to attack the circuit arrangement in order to, for example, decrypt encrypted data.
To prevent the pseudo random number sequence from being predictable by an attacker, the starting value of the pseudo random number generator should be unknown. The starting value should be unknown even to the manufacturer since the manufacturer otherwise would have the possibility of attacking the circuit arrangement at the user's promises or to facilitate the attack for a third party by revealing the starting value.
A possible approach for generating an unknown starting value is to generate this starting value internally in the circuit by another random number generator. If it is intended to avoid genuine random number generators for this purpose, the same problems occur in the generation of the starting value as the problems described above for generating the actual random number sequence.