{"title":"基于亚稳态的不确定性随机比特发生器的熵证明","authors":"R. Parker","doi":"10.1109/IVSW.2017.8031540","DOIUrl":null,"url":null,"abstract":"We describe a minimum entropy justification for the metastable latch based nondeterministic random bit generator (NRBG) also known as an entropy source (ES). The NRBG, used for on-die generation of cryptographic keys in SOCs, is comprised of a CMOS latch with a continuously running offset cancellation loop. The offset cancellation allows for the resolution required to sample device noise at the expense of introducing serial correlation in the output data. Because the NRBG is embedded within SP 800-90 A/B/C and FIPs 140-2 compliant systems, it is critical that the loss of entropy due to serial correlation be known and bounded, and that there is a mechanism to detect loss of entropy during manufacturing test as well as normal operation. We demonstrate that a simplified one-dimensional stochastic model of the comparator in conjunction with a birth-death Markov chain model of the offset cancellation can be used to derive the minimum entropy of the NRBG and the probability of bit patterns used by entropy quality health test circuits. The result of this work compares excellently to measured data from an advanced FinFET process.","PeriodicalId":184196,"journal":{"name":"2017 IEEE 2nd International Verification and Security Workshop (IVSW)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Entropy justification for metastability based nondeterministic random bit generator\",\"authors\":\"R. Parker\",\"doi\":\"10.1109/IVSW.2017.8031540\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We describe a minimum entropy justification for the metastable latch based nondeterministic random bit generator (NRBG) also known as an entropy source (ES). The NRBG, used for on-die generation of cryptographic keys in SOCs, is comprised of a CMOS latch with a continuously running offset cancellation loop. The offset cancellation allows for the resolution required to sample device noise at the expense of introducing serial correlation in the output data. Because the NRBG is embedded within SP 800-90 A/B/C and FIPs 140-2 compliant systems, it is critical that the loss of entropy due to serial correlation be known and bounded, and that there is a mechanism to detect loss of entropy during manufacturing test as well as normal operation. We demonstrate that a simplified one-dimensional stochastic model of the comparator in conjunction with a birth-death Markov chain model of the offset cancellation can be used to derive the minimum entropy of the NRBG and the probability of bit patterns used by entropy quality health test circuits. The result of this work compares excellently to measured data from an advanced FinFET process.\",\"PeriodicalId\":184196,\"journal\":{\"name\":\"2017 IEEE 2nd International Verification and Security Workshop (IVSW)\",\"volume\":\"71 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 2nd International Verification and Security Workshop (IVSW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IVSW.2017.8031540\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 2nd International Verification and Security Workshop (IVSW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IVSW.2017.8031540","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Entropy justification for metastability based nondeterministic random bit generator
We describe a minimum entropy justification for the metastable latch based nondeterministic random bit generator (NRBG) also known as an entropy source (ES). The NRBG, used for on-die generation of cryptographic keys in SOCs, is comprised of a CMOS latch with a continuously running offset cancellation loop. The offset cancellation allows for the resolution required to sample device noise at the expense of introducing serial correlation in the output data. Because the NRBG is embedded within SP 800-90 A/B/C and FIPs 140-2 compliant systems, it is critical that the loss of entropy due to serial correlation be known and bounded, and that there is a mechanism to detect loss of entropy during manufacturing test as well as normal operation. We demonstrate that a simplified one-dimensional stochastic model of the comparator in conjunction with a birth-death Markov chain model of the offset cancellation can be used to derive the minimum entropy of the NRBG and the probability of bit patterns used by entropy quality health test circuits. The result of this work compares excellently to measured data from an advanced FinFET process.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
