Paper 2020/866

Development of The RISC-V Entropy Source Interface

Markku-Juhani O. Saarinen, G. Richard Newell, and Ben Marshall

Abstract

The RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic DRBGs into a separate privileged interface, and in its use of polling. The modular approach is suitable for the RISC-V hardware IP ecosystem, allows a significantly smaller implementation footprint on platforms that need it, while directly supporting current standards compliance testing methods. We describe the interface, its use in cryptography, and offer additional discussion, background, and rationale for various aspects of it. The design was informed by lessons learned from earlier mainstream ISAs, recently introduced SP 800-90B and FIPS 140-3 entropy audit requirements, AIS 31 and Common Criteria, current and emerging cryptographic needs such as post-quantum cryptography, and the goal of supporting a wide variety of RISC-V implementations and applications. Many of the architectural choices result from quantitative observations about random number generators in secure microcontrollers, the Linux kernel, and cryptographic libraries.

Note: This significantly expanded version has been updated to reflect changes in the RISC-V Scalar Cryptography and Entropy Source Extension and has been accepted for publication by the Journal of Cryptographic Engineering (Springer) -- DOI: 10.1007/s13389-021-00275-6 . The title of the ASHES '20 paper was slightly different: "Building a Modern TRNG: An Entropy Source Interface for RISC-V."

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Major revision. In 4th Workshop on Attacks and Solutions in Hardware Security (ASHES’20), November 13, 2020, Virtual Event, USA.
DOI
10.1145/3411504.3421212
Keywords
Entropy SourceRISC-VRandomTRNGFIPS 140-3SP 800-90B
Contact author(s)
mjos @ mjos fi
History
2021-11-11: last of 44 revisions
2020-07-12: received
See all versions
Short URL
https://ia.cr/2020/866
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/866,
      author = {Markku-Juhani O.  Saarinen and G.  Richard Newell and Ben Marshall},
      title = {Development of The {RISC}-V Entropy Source Interface},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/866},
      year = {2020},
      doi = {10.1145/3411504.3421212},
      url = {https://eprint.iacr.org/2020/866}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.