On the Security of TRNGs Based on Multiple Ring Oscillators

Abstract

True random number generator (TRNG) is essential for the implementation of cryptographic applications, such as digital signature algorithms and security protocols. The quality of generated sequences would directly influence the security of the cryptographic application. Furthermore, in order to enhance the generation rate of random numbers, a TRNG based on multiple ring oscillators (ROs), i.e., MRO-TRNG for short, has been proposed by Sunar et al. There exist potential risks threatening the security of the MRO-TRNG, like pseudo-randomness and phase interlock. For MRO-TRNG, experimental observation and statistical test results have been well investigated. However, these methods cannot distinguish the pseudo-randomness. The concept of entropy is used to quantify the amount of randomness. As far as we know, there is no entropy estimation method for MRO-TRNGs. In this regard, this paper provides an entropy estimation method to analyze the security of MRO-TRNG based on the method for oscillator-based TRNG, and calculates a lower bound of entropy. The theoretical results are verified through Matlab simulations and FPGA experiments. The conclusions can further guide the setting of design parameters (i.e., number of ROs, sampling frequency, etc.) to generate outputs with sufficient entropy.