Search Results (36)

Traditional cryptographic systems face critical vulnerabilities posed by the rapid advancement of quantum computing, particularly concerning key exchange mechanisms and the quality of entropy sources for random number generation. To address these challenges, this paper proposes a multi-layered, quantum-resistant hybrid cryptographic architecture. First, to ensure robust data confidentiality and secure key establishment, the architecture employs AES-256 (Advanced Encryption Standard-256) for data encryption and utilizes the Kyber Key Encapsulation Mechanism (KEM), which is based on the Learning With Errors (LWE) problem, for secure key exchange. Second, to further bolster overall security by establishing a high-quality cryptographic foundation, we design a TRNG (true random number generator) system based on a multi-level Ring Oscillator (RO) architecture (employing 5, 7, 9, and 11 inverter stages), which provides a reliable and high-quality entropy source. Third, to enable intelligent and adaptive security management, we introduce FA-Kyber (Flow-Adaptive Kyber), a dual-trigger key exchange framework facilitating dynamic key management strategies. Experimental evaluations demonstrate that our implementation exhibits robust performance, achieving an encrypted data transmission throughput of over 550 Mbps with an average end-to-end latency of only 3.14 ms and a key exchange success rate of 99.99% under various network conditions. The system exhibits excellent stability under network congestion, maintaining 86% of baseline throughput under moderate stress, while adaptively increasing the key rotation frequency to enhance security. This comprehensive approach strikes an optimal balance between performance and post-quantum resilience for sensitive communications. Full article

Any cryptographic system strongly relies on randomness to ensure robust encryption and masking methods. True Random Number Generators play a fundamental role in this context. The National Institute of Standards and Technology (NIST) and the Bundesamt für Sicherheit in der Informationstechnik (BSI) provide guidelines for designing reliable entropy sources to fuel cryptographic Random Bit Generators. This work presents a highly parameterized, open-source implementation of a TRNG based on ring oscillators, complemented by an optimized Keccak conditioning unit. The design process is accompanied by a thorough study of the relevant literature and standards, specifying the requirements for reliable entropy sources in cryptographic systems. The design of the TRNG proposed in this paper aims to strike a balance between area, throughput, power consumption, and entropy, while adhering to these guidelines. The proposed design has undergone extensive testing and validation and has successfully passed the NIST SP 800-22, NIST SP 800-90B, and BSI AIS-31 tests, achieving a min-entropy per bit of 0.9982 (NIST) and 0.9998 (BSI). Full article

In this paper, novel architecture of the true random number generator (TRNG) is presented. The proposed TRNG uses jitter in capacitive oscillators as a source of entropy. These capacitive oscillators exploit the input/output (I/O) buffers of a field-programmable gate array (FPGA) chip. A specific connection between these buffers allows cyclical charging and discharging of a parasitic capacitance associated with an external FPGA pin. If a few pins of an FPGA chip are not connected to any external components, they can be targeted to build the TRNG. The proposed TRNG requires only three external FPGA pins dedicated to capacitive oscillators, as well as 18 look-up tables (LUTs) and 20 flip-flops (FFs). Its throughput amounts to 11–13 Mbit/s. To pass all NIST SP800-22 statistical tests for a wide range of operating temperatures, the TRNG requires a post-processing circuit. The characteristic feature of the proposed TRNG is that it internally generates a signal indicating that a random bit was just produced. Therefore, no external clock signal is needed to sample the output. Full article

The use of physical unclonable functions (PUFs) linked to the manufacturing process of the electronic devices supporting applications that exchange critical data over the Internet has made these elements essential to guarantee the authenticity of said devices, as well as the confidentiality and integrity of the information they process or transmit. This paper describes the development of a configurable PUF/TRNG module based on ring oscillators (ROs) that takes full advantage of the structure of modern programmable devices offered by Xilinx 7 Series families. The proposed architecture improves the hardware efficiency with two main objectives. On the one hand, we perform an exhaustive statistical characterization of the results derived from the exploitation of RO configurability. On the other hand, we undertake the development of a new version of the module that requires a smaller amount of resources while considerably increasing the number of output bits compared to other proposals previously reported in the literature. The design as a highly parameterized intellectual property (IP) module connectable through a standard interface to a soft- or hard-core general-purpose processor greatly facilitates its integration into embedded solutions while accelerating the validation and characterization of this element on the same electronic device that implements it. The studies carried out reveal adequate values of reliability, uniqueness, and unpredictability when the module acts as a PUF, as well as acceptable levels of randomness and entropy when it acts as a true random number generator (TRNG). They also illustrate the ability to obfuscate and recover identifiers or cryptographic keys of up to 4096 bits using an implementation of the PUF/TRNG module that requires only an array of $4\times 4$ configurable logic blocks (CLBs) to accommodate the RO bank. Full article

The triboelectric nanogenerator (TENG) has the potential to serve as a high-entropy energy harvester, enabling the self-powered operation of Internet of Things (IoT) devices. True random number generator (TRNG) is a common feature of encryption used in IoT data communication, ensuring the security of transmitted information. The benefits of multiplexing TENG and TRNG in resource-constrained IoT devices are substantial. However, current designs are limited by the usage scenarios and throughput of the TRNG. Specifically, we propose a structurally and environmentally friendly design based on the contact–separation structure, integrating heat fluctuation and charge decay as entropy sources. Furthermore, filtering and differential algorithms are recommended for data processing based on TENG characteristics to enhance randomness. Finally, a TENG-based TRNG is fabricated, and its performance is verified. Test results demonstrate a random number throughput of 25 Mbps with a randomness test pass rate approaching 99%, demonstrating suitability for resource-constrained IoT applications. Full article

This study explores memristor-based true random number generators (TRNGs) through their evolution and optimization, stemming from the concept of memristors first introduced by Leon Chua in 1971 and realized in 2008. We will consider memristor TRNGs coming from various entropy sources for producing high-quality random numbers. However, we must take into account both their strengths and weaknesses. The comparison with CMOS-based TRNGs will serve as an illustration that memristor TRNGs stand out due to their simpler circuits and lower power consumption— thus leading us into a case study involving electroless YMnO₃ (YMO) memristors as TRNG entropy sources that demonstrate good security properties by being able to produce unpredictable random numbers effectively. The end of our analysis sees us pinpointing challenges: post-processing algorithm optimization coupled with ensuring reliability over time for memristor-based TRNGs aimed at next-generation security applications. Full article

This paper introduces a low-complexity start–stop true random number generator (TRNG) utilizing jitter in ring oscillators (ROs). Incorporating phase detectors enhances entropy extraction from the same number of ROs. The raw bits undergo online post-processing using the SHA-1 algorithm, which is widely supported by many programming languages. The output bit streams pass all NIST statistical tests (SP 800-22 and SP-90B). Bits are generated on demand, enhancing security by preventing eavesdropping during continuous bit production. The TRNG maintains its performance regardless of the FPGA manufacturer. Full article

A True Random Number Generator (TRNG) is an important component in cryptographic algorithms and protocols. The Rosin Autonomous Boolean Network (ABN) digital TRNG has been widely studied due to its nice properties, such as low energy consumption, high speed, strong platform portability, and strong randomness. However, there is still a lack of suitable entropy models to deduce the requirement of design parameters to ensure true randomness. The current model to evaluate the entropy of oscillator-based TRNGs is not applicable for Rosin ABN TRNGs due to low-frequency noise. This work presents a new, suitable stochastic model to evaluate the entropy of Rosin ABN TRNGs. Theoretical analysis and simulation experiments verify the correctness and the effectiveness of the model, and, finally, the appropriate sampling parameters for Rosin ABN TRNGs are given for sufficient entropy per random bit to ensure true randomness. Full article

With the combined call for increased network throughput and security comes the need for high-bandwidth, unconditionally secure systems. Through the combination of true random number generators (TRNGs) for unique seed values, and four-dimensional Lorenz hyperchaotic systems implemented on a Stratix 10 Intel FPGA, we are able to implement 60 MB/s encryption/decryption schemes with 0% data loss on an unconditionally secure system with the NIST standard using less than 400 mW. Further, the TRNG implementation allows for unique encryption outputs for similar images while still enabling proper decryption. Histogram and adjacent pixel analysis on sample images demonstrate that without the key, it is not possible to extract the plain text from the encrypted image. This encryption scheme was implemented via PCIe for testing and analysis. Full article

Resistance random access memory (RRAM) based true random number generator (TRNG) has great potential to be applied to hardware security owing to its intrinsic switching variability. Especially the high resistance state (HRS) variation is usually taken as the entropy source of RRAM-based TRNG. However, the small HRS variation of RRAM may be introduced owing to fabrication process fluctuations, which may lead to error bits and be vulnerable to noise interference. In this work, we propose an RRAM-based TRNG with a 2T1R architecture scheme, which can effectively distinguish the resistance values of HRS with an accuracy of 1.5 k$\Omega$. As a result, the error bits can be corrected to a certain extent while the noise is suppressed. Finally, a 2T1R RRAM-based TRNG macro is simulated and verified using the 28 nm CMOS process, which suggests its potential for hardware security applications. Full article

As a module of the internet of things (IOT) information security system, the true random number generator (TRNG) plays an important role in overall performance. In this paper, a low-power TRNG based on dual oscillators is proposed. Two high-frequency cross-coupled oscillators are used to generate high-jitter clock signals, and then the SR latch with power supply below standard power supply voltage is adopted to process the oscillator output to maintain its metastability and increase jitter. The circuit is realized by an SMIC 180 nm 1P6M mixed-signal process. The experimental results show that when power supply voltage is 1.8 V, the circuit outputs a random number bit rate of 200 kb/s, the core area is 0.0039 mm², and the power consumption is only 36 µw. The output random sequences can pass the NIST SP 800-22 test. Full article

The generation of random numbers is crucial for practical implementations of cryptographic algorithms. In this sense, hardware security modules (HSMs) include true random number generators (TRNGs) implemented in hardware to achieve good random number generation. In the case of cryptographic algorithms implemented on FPGAs, the hardware implementation of RNGs is limited to the programmable cells in the device. Among the different proposals to obtain sources of entropy and process them to implement TRNGs, those based in ring oscillators (ROs), operating in parallel and combined with XOR gates, present good statistical properties at the cost of high area requirements. In this paper, these TRNGs are revisited, showing a method for area optimization independently of the FPGA technology used. Experimental results show that three ring oscillators requiring only three LUTs are enough to build a TRNG on Artix 7 devices from Xilinx with a throughput of 33.3 Kbps, which passes NIST tests. A throughput of 50 Kbps can be achieved with four ring oscillators, also requiring three LUTs in Artix 7 devices, while 100 Kbps can be achieved using an structure with four ring oscillators requiring seven LUTs. Full article

The proliferation of devices for the Internet of Things (IoT) and their implication in many activities of our lives have led to a considerable increase in concern about the security of these devices, posing a double challenge for designers and developers of products. On the one hand, the design of new security primitives, suitable for resource-limited devices, can facilitate the inclusion of mechanisms and protocols to ensure the integrity and privacy of the data exchanged over the Internet. On the other hand, the development of techniques and tools to evaluate the quality of the proposed solutions as a step prior to their deployment, as well as to monitor their behavior once in operation against possible changes in operating conditions arising naturally or as a consequence of a stress situation forced by an attacker. To address these challenges, this paper first describes the design of a security primitive that plays an important role as a component of a hardware-based root of trust, as it can act as a source of entropy for True Random Number Generation (TRNG) or as a Physical Unclonable Function (PUF) to facilitate the generation of identifiers linked to the device on which it is implemented. The work also illustrates different software components that allow carrying out a self-assessment strategy to characterize and validate the performance of this primitive in its dual functionality, as well as to monitor possible changes in security levels that may occur during operation as a result of device aging and variations in power supply or operating temperature. The designed PUF/TRNG is provided as a configurable IP module, which takes advantage of the internal architecture of the Xilinx Series-7 and Zynq-7000 programmable devices and incorporates an AXI4-based standard interface to facilitate its interaction with soft- and hard-core processing systems. Several test systems that contain different instances of the IP have been implemented and subjected to an exhaustive set of on-line tests to obtain the metrics that determine its quality in terms of uniqueness, reliability, and entropy characteristics. The results obtained prove that the proposed module is a suitable candidate for various security applications. As an example, an implementation that uses less than 5% of the resources of a low-cost programmable device is capable of obfuscating and recovering 512-bit cryptographic keys with virtually zero error rate. Full article

True random key generator (TRNG) architectures play a notable role in strengthening information security infrastructure. The development of new entropy sources based on reconfigurable hardware is always in demand, especially for the integrity of devices in IoT applications. TRNGs can be adopted for generating unique device IDs that form the data network in the IoT. A ring oscillator (RO) is an efficient entropy source which can be implemented on FPGAs or realised as ASIC hardware. This work proposes a non-identical RO array as an entropy source. The TRNG architecture, based on an increasing odd number of inverters per ring, was extensively studied. The various statistical and hardware analyses provided encouraging results for this reliable entropy unit. The suggested device-independent non-identical RO structure was implemented on five different types of FPGA hardware belonging to the Xilinx and Intel families, consuming 13 registers and nearly 15 combinational functions. This TRNG achieved a throughput of 3.5 Mbps. While the emergence of the Gaussian response evaluated true randomness, the NIST 800-90B and NIST 800-22 tests yielded good results in terms of the justification of randomness evolving from the proposed TRNG architecture. Full article

This paper presents the validation of a novel approach for a true-random number generator (TRNG) based on a ring oscillator–physical unclonable function (RO-PUF) for FPGA devices. The proposal takes advantage of the different noise sources that affect the electronic implementation of the RO-PUF to extract the entropy required to guarantee its function as a TRNG, without anything more than minimal changes to the original design. The new RO-PUF/TRNG architecture has been incorporated within a hybrid HW/SW embedded system designed for devices from the Xilinx Zynq-7000 family. The degree of randomness of the generated bit streams was assessed using the NIST 800-22 statistical test suite, while the validation of the RO-PUF proposal as an entropy source was carried out by fulfilling the NIST 800-90b recommendation. The features of the hybrid system were exploited to carry out the evaluation and validation processes proposed by the NIST publications, online and on the same platform. To establish the optimal configuration to generate bit streams with the appropriate entropy level, a statistical study of the degree of randomness was performed for multiple TRNG approaches derived from the different implementation modes and configuration options available on the original RO-PUF design. The results show that the RO-PUF/TRNG design is suitable for secure cryptographic applications, doubling its functionality without compromising the resource–efficiency trade-off already achieved in the design. Full article