A Simple Burst-Mode Multiple-Entropy TRNG Based on Standard Logic Primitives

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

1. A comparative performance table (accuracy, speed, power efficiency, complexity, etc.) with recent published literatures would help to evaluate the contribution relative to prior works.
2. In Table 2, the throughput is listed as 43.7 Mb/s. Is this figure represent the "effective throughput" averaged over time (including the idle periods between bursts) or the "burst throughput" (the bit rate during the active phase only)?
3. The authors mention that the sampling speed was limited to 195 MHz due to the capabilities of the CPLD and the designed logic. Will the performance be enhanced by replacing more advanced FPGAs?

Author Response

• A comparative performance table (accuracy, speed, power efficiency, complexity, etc.) with recent published literatures would help to evaluate the contribution relative to prior works.

Thank you for this suggestion – we have added more references to recent works in the table and included power efficiency in the comparison in accordance with the suggestion. We believe that the current scope of the table covers the parameters of speed and complexity. 

• In Table 2, the throughput is listed as 43.7 Mb/s. Is this figure represent the "effective throughput" averaged over time (including the idle periods between bursts) or the "burst throughput" (the bit rate during the active phase only)?

We have clarified this in a new footnote to Table 2 – the method of throughput calculation excludes idle periods between bursts and takes into consideration the active phase only.

• The authors mention that the sampling speed was limited to 195 MHz due to the capabilities of the CPLD and the designed logic. Will the performance be enhanced by replacing more advanced FPGAs?

Thank you very much for this question. A more advanced FPGA will allow higher sampling rates, thus increasing the throughput by catching more transitions during the autonomous operation of the system. Moreover, lower RC constants and the lower propagation delay of LUTs ensure higher variability of the solution to the nonlinear equation set over time during the autonomous operation. According to the measurement results (shown in the present article version), the FPGA may have lower jitter, which may slightly affect the entropy of a single core. However, considering the advantage of a much higher maximum frequency of FPGAs, the slightly smaller entropy due to a smaller jitter is not a problem. In our case, we needed to increase the number of TRNG cores.

Reviewer 2 Report

Comments and Suggestions for Authors

Based on the research work “A simple burst-mode multiple-entropy TRNG based on standard logic primitives”, I have listed some comments and suggestion below. This proposed work is simple and innovative with very well-illustrated Figures and diagrams for the readers.

Therefore, I proposed minor revision and could be accepted if authors can provide satisfactory replies to my comments below.

Comments for author File: Comments.pdf

Author Response

• There should be a discussion section before the conclusion section.

The section has been added in accordance with the suggestion.

•  Conclusion section is too short.

We have extended the Conclusion section to provide a more thorough coverage of accomplished work.

• How does the proposed burst-mode TRNG exploit cross-coupled XOR gates and delay lines to generate randomness, and in what ways does this approach differ from traditional jitter-or metastability-based TRNG designs?

The typical jitter-based designs rely mostly on harvesting jitter from free-running oscillators. On the other hand, the metastability-based designs usually exploit timing violations in synchronous elements. This is similar to some extent to our approach, as we sample an unstable logic of the circuit to obtain random data.

However, to harvest randomness from the pure metastability of a bistable, it is necessary to ensure its timing violations precisely. Therefore, a serious drawback of metastable-based TRNGs is the accurate adjustment of timing to reach the metastable response. On the other hand, RO-based TRNGs often suffer from frequency lock-up and can be easily attacked with a frequency/energy attack. Our design exploits randomness from a system utilizing nonlinear circuits (XOR/NXOR gates) with internal delays (tdel1 and tdel2), in which the momentary noise/jitter affects the system’s trajectory and the solution over time. The system trajectory is sophisticated (also due to the use of cross-coupled XOR/NXOR gates) and depends on particular values of parameters such as tdel1, tdel2, RC, and so on. Therefore, the sophisticated trajectory itself is unpredictable in a specific device due to the parameter mismatch; moreover, it is also affected by the initial condition (i.e., the length of the starting pulse), which is also subject to jitter present in a real circuit.

• The TRNG was implemented on a low-resource Altera MAX V CPLD. What are the strengths and limitations of using such a constrained platform, and how might the results differ if implemented on a higher-end FPGA?

The CPLD may be more similar to low-resource end devices, such as IoT electronics, for which this TRNG would be mostly applicable. The main limitation is that we may not present the maximum possible throughput due to the limited f_clk_MAX in this CPLD.
Since higher-end FPGAs may have a more precise fabrication process, this may result in longer times of autonomous operation of TRNG due to lower RC constants between logic.

• The references are too little to convince the readers that this is a worthy and trusted manuscript. The reference list should be boosted to > 50 so that it’s a reliable and convincing one. I propose adding (doi:10.3390/electronics13101801) to Internet of Things in page 2, line 47 of the manuscript.

Thank you again for this comment. While it is agreed that more references would raise trustworthiness of the paper, it is hard to add over 30 references in a meaningful manner in the very limited time given for the minor revision of the paper. In the revised paper, we have included as many references that are relevant to our work as we could, with the addition of the proposed reference.

• Compared with other state-of-the-art TRNGs, the proposed design shows lower throughput but very low resource usage. How does this trade-off affect the practical applicability of the design in cryptographic and IoT use cases?

Low resource utilization and complexity make this solution more applicable and favorable for IoT end-devices. The trade-off may not affect the practical applicability of the design at all, as the designated application area usually does not require high-throughput streams of random numbers, but rather a few random numbers for single network transactions. Low resource utilization is a more decisive factor here.

• The dual-core design showed significant improvements over the single-core version. What potential exists for scaling to multiple cores or optimizing delay paths, and how might future work address throughput and resource efficiency simultaneously?

This is a valuable comment. As a dual-core design is sufficient to pass all NIST tests, there isn’t really a point to scale it further to increase randomness, mainly due to the sampling frequency limitations of the CPLD device used. However, a design with multiple parallel dual-core TRNGs or an implementation with an FPGA with a higher sampling frequency may be exploited to reach higher throughput. Optimizing delay paths with more specific constraints may result in longer autonomous operation times for the TRNG, as shown for the noiseless macromodel in Fig. 4 of our paper.