Overview
TRNG Introduction
The True Random Number Generator (TRNG) can generate full-entropy 32-bit random data for application use. Its core components include a dynamic entropy source and an internal conditioning module. It adopts a physical entropy source design that is fundamentally immune to side-channel attacks. This module has passed the NIST STS-2.1.2 randomness tests.
Features
The TRNG generates 32-bit true random numbers derived from an entropy source.
The TRNG is embedded with a health test unit and an error management unit.
The TRNG includes two independent FIFOs: FIFO_NS and FIFO_S (higher priority).
The TRNG throughput is approximately 2Mbps.
Architecture
Block Diagram
Key Submodule Functions
Clock & Entropy Source
PLL (Phase-Locked Loop): Provides stable clock signals to ensure precise system timing.
Noise Source: Utilizes physical processes such as clock jitter to generate random noise signals, serving as the foundation for random number generation.
Debias: Processes the noise signal to eliminate or reduce bias.
LFSR (Linear Feedback Shift Register): Further mixes the debiased signal to enhance the complexity and cycle length of the random sequence.
Extractor: Extracts the final random number sequence from the processed signal.
Control & Security
TRNG control:
This region contains the actual control registers.
Includes a control bit to enable/disable access from the non-secure world.
Control_S:
Secure world access window, mapped to the actual Control registers.
Control_NS:
Non-secure world access window, mapped to the actual Control registers.
Accessible only when the S bit in the Control register is set to A.
FIFO Resource Prioritization
FIFO_S:
256-bit capacity, high-priority filling (immediately refills when data < 128 bits to ensure secure world access even under malicious attacks).
FIFO_NS:
128-bit capacity, filling depends on remaining secure world data (enabled only when FIFO_S ≥ 128 bits).
Data Reliability
Built-in 1024-bit APT test buffer, ensuring output passes NIST STS-2.1.2 standard validation.
Block Diagram
Key Submodule Functions
Clock & Entropy Source
PLL (Phase-Locked Loop): Auto-calibration (300MHz~660MHz) provides a stable clock reference.
Analog ROSC (Ring Oscillator): 4~7MHz true random clock source with power-off leakage prevention design.
Control & Security
TRNG control:
This region contains the actual control registers.
Includes a control bit to enable/disable access from the non-secure world.
Control_S:
Secure world access window, mapped to the actual Control registers.
Control_NS:
Non-secure world access window, mapped to the actual Control registers.
Accessible only when the S bit in the Control register is set to A.
FIFO Resource Prioritization
FIFO_S:
256-bit capacity, high-priority filling (immediately refills when data < 128 bits to ensure secure world access even under malicious attacks).
FIFO_NS:
128-bit capacity, filling depends on remaining secure world data (enabled only when FIFO_S ≥ 128 bits).
Data Reliability
Built-in 1024-bit APT test buffer, ensuring output passes NIST STS-2.1.2 standard validation.
Usage Instructions
If the system requires security attributes, it is recommended to set the TRNG to secure mode to ensure its control registers are only accessible by the Secure World, preventing unauthorized operations from the Non-Secure World.
When both the Secure World and Non-Secure World request large amounts of random data simultaneously:
Requests from the Secure World are prioritized (higher priority).
Requests from the Non-Secure World are processed only after Secure World requests are fulfilled.
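The fill rules under FIFO Resource Prioritization and the priority behaviour described here can be checked with a small software model. This is an added example, not vendor code: the names `fifo_model`, `fill_one_word`, `pop_word` and `simulate` are hypothetical, and it assumes one 32-bit word is generated per tick, each word goes to exactly one FIFO, and spare words top up FIFO_S once FIFO_NS is full.

```c
#include <stdio.h>

#define WORD_BITS   32
#define FIFO_S_CAP  256  /* page: FIFO_S capacity in bits */
#define FIFO_NS_CAP 128  /* page: FIFO_NS capacity in bits */
#define S_THRESHOLD 128  /* page: FIFO_S refills below this; FIFO_NS fill enabled at or above */

struct fifo_model { int s_bits, ns_bits; };
struct sim_result { int s_served, s_starved, ns_served, ns_starved; };

/* Route one generated 32-bit word. Assumption: one word per tick, one FIFO per word. */
static void fill_one_word(struct fifo_model *f)
{
    if (f->s_bits < S_THRESHOLD)
        f->s_bits += WORD_BITS;                    /* secure refill always wins */
    else if (f->ns_bits + WORD_BITS <= FIFO_NS_CAP)
        f->ns_bits += WORD_BITS;                   /* allowed only because FIFO_S >= 128 */
    else if (f->s_bits + WORD_BITS <= FIFO_S_CAP)
        f->s_bits += WORD_BITS;                    /* assumption: spare words top up FIFO_S */
}

/* Returns 1 if a word was available, 0 if the reader found the FIFO empty. */
static int pop_word(int *bits)
{
    if (*bits < WORD_BITS) return 0;
    *bits -= WORD_BITS;
    return 1;
}

/* Secure world reads one word every s_period ticks (s_period >= 1);
 * the non-secure world reads on every tick, modelling a greedy client. */
struct sim_result simulate(int ticks, int s_period)
{
    struct fifo_model f = { FIFO_S_CAP, FIFO_NS_CAP };  /* both FIFOs start full */
    struct sim_result r = { 0, 0, 0, 0 };
    for (int tick = 1; tick <= ticks; tick++) {
        fill_one_word(&f);
        if (tick % s_period == 0) {
            if (pop_word(&f.s_bits)) r.s_served++; else r.s_starved++;
        }
        if (pop_word(&f.ns_bits)) r.ns_served++; else r.ns_starved++;
    }
    return r;
}

int main(void)
{
    struct sim_result a = simulate(1000, 1), b = simulate(1000, 4);
    printf("S every tick: S starved %d, NS served %d\n", a.s_starved, a.ns_served);
    printf("S every 4th:  S starved %d, NS served %d\n", b.s_starved, b.ns_served);
    return 0;
}
```

In this model the secure reader never finds FIFO_S empty, while the non-secure reader receives only the words left over after FIFO_S is back at its 128-bit threshold.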
APIs
API | Description | Parameter |
---|---|---|
_rand() | Obtains a single 32-bit true random number | None |
TRNG_get_random_bytes() | Retrieves a random byte stream of a specified length, optimized for handling non-aligned memory access | |
TRNG_get_random_bytes_f_rng() | An adapter provided for users that matches the standard RNG function signature used by mbedtls | |
__wrap_rand() | Can replace the standard library rand(), with a return value range of 0 ≤ n ≤ __RAND_MAX (currently 0x7FFFFFFF) | None |