True Random Number Generator (RNG) RM0351
810/1830 DocID024597 Rev 5
Post processing
The sample values obtained from a true random noise source consist of 2-bit bitstrings.
Because this noise source output is biased, the RNG implements a post-processing
component that reduces that bias to a tolerable level.
The RNG post-processing consists of two stages, applied to each noise source bits:
• The RNG takes half of the bits from the sampled noise source, and half of the bits from
inverted sampled noise source. Thus, if the source generates more ‘1’ than ‘0’ (or the
opposite), it is filtered
• A linear feedback shift register (LFSR) performs a whitening process, producing 8-bit
bitstrings.
This component is clocked by the RNG clock.
Output buffer
The RNG_DR data output register can store up to two 16-bit words which have been output
from the post-processing component (LFSR). In order to read back 32-bit random samples it
is required to wait 42 RNG clock cycles.
Whenever a random number is available through the RNG_DR register the DRDY flag
transitions from “0” to “1”. This flag remains high until output buffer becomes empty after
reading one word from the RNG_DR register.
Note: When interrupts are enabled an interrupt is generated when this data ready flag transitions
from “0” to “1”. Interrupt is then cleared automatically by the RNG as explained above.
Health checks
This component ensures that the entire entropy source (with its noise source) starts then
operates as expected, obtaining assurance that failures are caught quickly and with a high
probability and reliability.
The RNG implements the following health check features:
1. Behavior tests, applied to the entropy source at run-time
– Repetition count test, flagging an error when:
a) One of the noise source has provided more than 64 consecutive bits at a constant
value (“0” or “1”)
b) One of the noise sources has delivered more than 32 consecutive occurrence of
two bits patterns (“01” or “10”)
2. Vendor specific continuous test
– Real-time “too slow” sampling clock detector, flagging an error when one RNG
clock cycle (after divider) is smaller than AHB clock cycle divided by 16.
The CECS and SECS status bits in the RNG_SR register indicate when an error condition is
detected, as detailed in Section 27.3.7: Error management.
Note: An interrupt can be generated when an error is detected.
To Next Page
Loading...
Need help?
General
