Cryptology ePrint Archive: Report 2020/866

Building a Modern TRNG: An Entropy Source Interface for RISC-V

Markku-Juhani O. Saarinen and G. Richard Newell and Ben Marshall

Abstract: The currently proposed RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic PRNGs into a separate interface, and in its use of polling. We describe the interface, its use in cryptography, and offer additional discussion, background, and rationale for various aspects of it. This design is informed by lessons learned from earlier mainstream ISAs, recently introduced SP 800-90B and FIPS 140-3 entropy audit requirements, AIS 31 and Common Criteria, current and emerging cryptographic needs such as post-quantum cryptography, and the goal of supporting a wide variety of RISC-V implementations and applications. Many of the architectural choices are a result of quantitative observations about random number generators in secure microcontrollers, the Linux kernel, and cryptographic libraries. We further compare the architecture to some contemporary random number generators and describe a minimalistic TRNG reference implementation that uses the Entropy Source together with RISC-V AES instructions.

Category / Keywords: implementation / Entropy Source, RISC-V, Random, TRNG, FIPS 140-3, SP 800-90B

Date: received 10 Jul 2020, last revised 15 Jul 2020

Contact author: mjos at mjos fi

Available format(s): PDF | BibTeX Citation

Version: 20200715:095438 (All versions of this report)

Short URL: ia.cr/2020/866


[ Cryptology ePrint archive ]