Entropy justification for metastability based nondeterministic random bit generator

2017 IEEE 2nd International Verification and Security Workshop (IVSW) Pub Date : 2017-07-01 DOI:10.1109/IVSW.2017.8031540

R. Parker

{"title":"Entropy justification for metastability based nondeterministic random bit generator","authors":"R. Parker","doi":"10.1109/IVSW.2017.8031540","DOIUrl":null,"url":null,"abstract":"We describe a minimum entropy justification for the metastable latch based nondeterministic random bit generator (NRBG) also known as an entropy source (ES). The NRBG, used for on-die generation of cryptographic keys in SOCs, is comprised of a CMOS latch with a continuously running offset cancellation loop. The offset cancellation allows for the resolution required to sample device noise at the expense of introducing serial correlation in the output data. Because the NRBG is embedded within SP 800-90 A/B/C and FIPs 140-2 compliant systems, it is critical that the loss of entropy due to serial correlation be known and bounded, and that there is a mechanism to detect loss of entropy during manufacturing test as well as normal operation. We demonstrate that a simplified one-dimensional stochastic model of the comparator in conjunction with a birth-death Markov chain model of the offset cancellation can be used to derive the minimum entropy of the NRBG and the probability of bit patterns used by entropy quality health test circuits. The result of this work compares excellently to measured data from an advanced FinFET process.","PeriodicalId":184196,"journal":{"name":"2017 IEEE 2nd International Verification and Security Workshop (IVSW)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 2nd International Verification and Security Workshop (IVSW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IVSW.2017.8031540","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

We describe a minimum entropy justification for the metastable latch based nondeterministic random bit generator (NRBG) also known as an entropy source (ES). The NRBG, used for on-die generation of cryptographic keys in SOCs, is comprised of a CMOS latch with a continuously running offset cancellation loop. The offset cancellation allows for the resolution required to sample device noise at the expense of introducing serial correlation in the output data. Because the NRBG is embedded within SP 800-90 A/B/C and FIPs 140-2 compliant systems, it is critical that the loss of entropy due to serial correlation be known and bounded, and that there is a mechanism to detect loss of entropy during manufacturing test as well as normal operation. We demonstrate that a simplified one-dimensional stochastic model of the comparator in conjunction with a birth-death Markov chain model of the offset cancellation can be used to derive the minimum entropy of the NRBG and the probability of bit patterns used by entropy quality health test circuits. The result of this work compares excellently to measured data from an advanced FinFET process.

查看原文本刊更多论文

基于亚稳态的不确定性随机比特发生器的熵证明

我们描述了基于亚稳锁存器的不确定性随机比特发生器(NRBG)也称为熵源(ES)的最小熵证明。NRBG用于在芯片上生成soc中的加密密钥，由CMOS锁存器和连续运行的偏移抵消回路组成。偏移抵消允许采样设备噪声所需的分辨率，但代价是在输出数据中引入串行相关。由于NRBG嵌入在SP 800-90 A/B/C和FIPs 140-2兼容的系统中，因此由串行相关引起的熵损失是已知和有界的，并且在制造测试和正常操作期间有一种检测熵损失的机制。我们证明了一个简化的比较器的一维随机模型，结合偏移抵消的生-死马尔可夫链模型，可以推导出NRBG的最小熵和熵质量健康测试电路使用的位模式的概率。这项工作的结果与先进的FinFET工艺的测量数据相比非常好。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 IEEE 2nd International Verification and Security Workshop (IVSW)

自引率

0.00%

发文量