Building a Modern TRNG: An Entropy Source Interface for RISC-V

Markku Juhani O. Saarinen; G. Richard Newell; Ben Marshall

doi:10.1145/3411504.3421212

Building a Modern TRNG: An Entropy Source Interface for RISC-V

Markku Juhani O. Saarinen
, G. Richard Newell
, Ben Marshall

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

5 Citations (Scopus)

Abstract

The currently proposed RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic PRNGs into a separate interface, and in its use of polling. We describe the interface, its use in cryptography, and offer additional discussion, background, and rationale for various aspects of it. This design is informed by lessons learned from earlier mainstream ISAs, recently introduced SP 800-90B and FIPS 140-3 entropy audit requirements, AIS 31 and Common Criteria, current and emerging cryptographic needs such as post-quantum cryptography, and the goal of supporting a wide variety of RISC-V implementations and applications. Many of the architectural choices are a result of quantitative observations about random number generators in secure microcontrollers, the Linux kernel, and cryptographic libraries. We further compare the architecture to some contemporary random number generators and describe a minimalistic TRNG reference implementation that uses the Entropy Source together with RISC-V AES instructions.

Original language	English
Title of host publication	ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security
Publisher	ACM
Pages	93-102
Number of pages	10
ISBN (Electronic)	9781450380904
DOIs	https://doi.org/10.1145/3411504.3421212
Publication status	Published - 13 Nov 2020
Externally published	Yes
Publication type	A4 Article in conference proceedings
Event	4th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2020 - Virtual, Online, United States Duration: 13 Nov 2020 → …

Publication series

Name	ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security

Conference

Conference	4th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2020
Country/Territory	United States
City	Virtual, Online
Period	13/11/20 → …

Funding

In addition to anonymous program committee members, we thank the RISC-V Cryptographic Extensions Task Group for its input and support, especially Andy Glew, Barry Spinney, Derek Atkins, Ken Dockser, and Nathan Menhorn. This work was supported in part by Innovate UK (R&D Project Ref.: 105747), and by EPSRC (Grant No.: EP/R012288/1, under the RISE programme.)

Funders	Funder number
RISC-V Cryptographic Extensions Task Group
EPSRC - Engineering and Physical Sciences Research Council	EP/R012288/1
Innovate UK Research	105747

Keywords

entropy source
fips 140-3
random
risc-v
sp 800-90b
trng

ASJC Scopus subject areas

Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality
Hardware and Architecture

Access to Document

10.1145/3411504.3421212

Cite this

Saarinen, M. J. O., Newell, G. R., & Marshall, B. (2020). Building a Modern TRNG: An Entropy Source Interface for RISC-V. In ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security (pp. 93-102). (ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security). ACM. https://doi.org/10.1145/3411504.3421212

@inproceedings{878650bb049448c1976772a5aebd7f07,

title = "Building a Modern TRNG: An Entropy Source Interface for RISC-V",

abstract = "The currently proposed RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic PRNGs into a separate interface, and in its use of polling. We describe the interface, its use in cryptography, and offer additional discussion, background, and rationale for various aspects of it. This design is informed by lessons learned from earlier mainstream ISAs, recently introduced SP 800-90B and FIPS 140-3 entropy audit requirements, AIS 31 and Common Criteria, current and emerging cryptographic needs such as post-quantum cryptography, and the goal of supporting a wide variety of RISC-V implementations and applications. Many of the architectural choices are a result of quantitative observations about random number generators in secure microcontrollers, the Linux kernel, and cryptographic libraries. We further compare the architecture to some contemporary random number generators and describe a minimalistic TRNG reference implementation that uses the Entropy Source together with RISC-V AES instructions.",

keywords = "entropy source, fips 140-3, random, risc-v, sp 800-90b, trng",

author = "Saarinen, \{Markku Juhani O.\} and Newell, \{G. Richard\} and Ben Marshall",

note = "Publisher Copyright: {\textcopyright} 2020 ACM.; 4th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2020 ; Conference date: 13-11-2020",

year = "2020",

month = nov,

day = "13",

doi = "10.1145/3411504.3421212",

language = "English",

series = "ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security",

publisher = "ACM",

pages = "93--102",

booktitle = "ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security",

address = "United States",

}

Saarinen, MJO, Newell, GR & Marshall, B 2020, Building a Modern TRNG: An Entropy Source Interface for RISC-V. in ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security. ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security, ACM, pp. 93-102, 4th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2020, Virtual, Online, United States, 13/11/20. https://doi.org/10.1145/3411504.3421212

Building a Modern TRNG: An Entropy Source Interface for RISC-V. / Saarinen, Markku Juhani O.; Newell, G. Richard; Marshall, Ben.
ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security. ACM, 2020. p. 93-102 (ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Building a Modern TRNG

T2 - 4th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2020

AU - Saarinen, Markku Juhani O.

AU - Newell, G. Richard

AU - Marshall, Ben

PY - 2020/11/13

Y1 - 2020/11/13

N2 - The currently proposed RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic PRNGs into a separate interface, and in its use of polling. We describe the interface, its use in cryptography, and offer additional discussion, background, and rationale for various aspects of it. This design is informed by lessons learned from earlier mainstream ISAs, recently introduced SP 800-90B and FIPS 140-3 entropy audit requirements, AIS 31 and Common Criteria, current and emerging cryptographic needs such as post-quantum cryptography, and the goal of supporting a wide variety of RISC-V implementations and applications. Many of the architectural choices are a result of quantitative observations about random number generators in secure microcontrollers, the Linux kernel, and cryptographic libraries. We further compare the architecture to some contemporary random number generators and describe a minimalistic TRNG reference implementation that uses the Entropy Source together with RISC-V AES instructions.

AB - The currently proposed RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic PRNGs into a separate interface, and in its use of polling. We describe the interface, its use in cryptography, and offer additional discussion, background, and rationale for various aspects of it. This design is informed by lessons learned from earlier mainstream ISAs, recently introduced SP 800-90B and FIPS 140-3 entropy audit requirements, AIS 31 and Common Criteria, current and emerging cryptographic needs such as post-quantum cryptography, and the goal of supporting a wide variety of RISC-V implementations and applications. Many of the architectural choices are a result of quantitative observations about random number generators in secure microcontrollers, the Linux kernel, and cryptographic libraries. We further compare the architecture to some contemporary random number generators and describe a minimalistic TRNG reference implementation that uses the Entropy Source together with RISC-V AES instructions.

KW - entropy source

KW - fips 140-3

KW - random

KW - risc-v

KW - sp 800-90b

KW - trng

UR - https://www.scopus.com/pages/publications/85097337230

U2 - 10.1145/3411504.3421212

DO - 10.1145/3411504.3421212

M3 - Conference contribution

AN - SCOPUS:85097337230

T3 - ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security

SP - 93

EP - 102

BT - ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security

PB - ACM

Y2 - 13 November 2020

ER -

Building a Modern TRNG: An Entropy Source Interface for RISC-V

Abstract

Publication series

Conference

Funding

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this