FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Using TRNG output as entropy source

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using TRNG output as entropy source

‎11-07-2016 03:49 PM
2,068 Views
mofassirhaque
Contributor I

The Freescale P2040 QorIQ chip has a built-in RNG which contains PRNG and TRNG. As per SEC4.2 Reference Manual, The TRNG consists of two entropy sources (free running oscillators), each of which provides a single bit of output. Concatenated together, these 2 output bits are expected to provide 1 bit of entropy every 100 clock cycles.

During seed generation, the RNG adds entropy generated in the TRNG to the RNG XKEY Register which is 256 bits long. If I directly use these 256 bits as entropy source then can I claim entropy of 256 bits ?

Thanks,

Labels (1)
Labels
Tags (3)
0 Kudos
Reply
3 Replies

‎11-08-2016 01:30 AM
977 Views
bpe
NXP Employee
NXP Employee


XKEY is an internal PRNG state register used for testing purpose only. It
is fed from TRNG only when a reseed occurs. It shall not be used as
a source of entropy. The recommended method of obtaining random bits
from RNG is to create an appropriate JD and submit it for processing.

Regards,

Platon

0 Kudos
Reply

‎11-08-2016 07:16 PM
977 Views
mofassirhaque
Contributor I

Hi Platon,

Thanks for your quick reply. Can you please clarify the amount of entropy which can be claimed for random numbers generated by RNG which is based on TRNG consisting of two entropy sources and providing 1 bit of entropy every 100 clock cycles ?

Thanks,

0 Kudos
Reply

‎03-30-2017 11:19 AM
977 Views
tomtkacik
NXP Employee
NXP Employee

To use the PRNG in P2040 as an entropy source, SP800-90C has some guidelines.  The PRING uses the SHA1 based RNG specified in FIPS186-3.  This random number generator is no longer approved by FIPS, but can be used as an entropy source. It has a 120-bit internal state, fed by a TRNG providing 256 bits each reseed.

SP800-90C states that if the entropy input is high enough, and you re-seed everytime you generate output, then you can get 1/2 the bits of full entropy out.  Using this as a guideline, force a re-seed of the RNG, then read eight bytes of output.  Assuming that the TRNG generates enough entropy, this will give you 64-bits of entropy that can be used as you desire.

The key point is whether or not the TRNG provides enough entropy.  Only an entropy assessment, by an approved labs, can determine  that.  I am not aware that this has been done for P2040.

Regards,

Tom Tkacik

0 Kudos
Reply