Update README to describe the new ROSC based TRNG

2024-10-01 01:45:38 -04:00 · 2022-10-19 09:37:58 +02:00 · 2022-10-19 09:37:58 +02:00 · c07c15a8b8
commit c07c15a8b8
parent e0d68f3dae
1 changed files with 43 additions and 15 deletions
--- a/hw/application_fpga/core/trng/README.md
+++ b/hw/application_fpga/core/trng/README.md
@ -1,29 +1,57 @@
 # trng
-Implementation of the FiGaRO TRNG for FPGAs
+Implementation of the Tillitis True Random Number Generator (TRNG).
 ## Introduction
-# figaro
+Applications running on the Tillitis Key device may have a need of random numbers.
 As unpredictable initial vectors, as challnges, random tokens etc.
 The Tillitis TRNG supports these applications by providing a hardware based
 source of entropy (digital noise) with a uniform distribution.
 Note that the data provided by the TRNG is entropy, not processed random numbers.
 The data should NOT be used directly, but used as seed for a (cryptographically safe)
 random number generator algorithm.
 ## Status
 First version completed. In testing. Use with caution.
 ## How to use
 The ready bit in the status register indicates that there is a new word of
 entropy available to read out. Applications requiring multiple words of
 entropy MUST wait for the ready bit to be set before reading ut
 subseqent words. Not waiting for the ready bit to be set will lead to reading out
 the same entropy data more than once.
-## Introduction
+Applications that need cryptographically safe random number should use the output
-This is a an implementation of the FiGaRO true random
+from the TRNG as seed to a Digital Random Bit Generator (DRBG), for example a Hash_DRBG.
 number generator (TRNG) [1]. The main FPGA target is Lattice iCE40
 UltraPlus, but adaption to other FPGAs should be easy to do.
 ## Implementation details
-The implementation instantiates four FiRO and four GaRO modules. The
+The implementation is based on free running digital oscillators. The implementation creates
-modules includes state sampling. The polynomials used for the
+two sets of oscillators by instantiating a number if LCs configured as one bit inverter gates,
-oscillators are given by equotions (9)..(16) in paper [1]. The eight
+where the output of the inverter is connected to its own input. The oscillators will have a toggle
-outputs are then XORed together to form a one bit random value.
+rate based on the given internal gate delay and the wire delay through given by the feedback
 circuit.
-The random bit value is sampled at a rate controlled by a 24 bit
+After a given number of clock cycles the outputs from the oscillators in each group are
-divisor.
+XOR combined and sampled into two separate registers. This process is repeated a second time,
 producing two more bits, one for each group. These two sets of two bits are then XOR combined
 to produce a single entropy bit. This means that an entropy bit is the XOR combined result
 from two oscillator groups over two sampling events.
-## References
+Entropy bits are collected into an entropy word. When at least 32 bits have been collected,
-[1] [True Random Number Generator Based on Fibonacci-Galois
+the ready bit is set, indicating to SW that a new entropy word is available.
-Ring Oscillators for FPGA](https://www.mdpi.com/2076-3417/11/8/3330/pdf)
+
 Note that the entropy word is not held for the SW to read out. Sampling and collection is running
 continuosly, and the word read by SW will contain the latest 32 bits collected. Entropy bits
 not read by SW will be discarded at the same rate as new bits are collected.
 Currently the following build time parameters are used to configure the implementation:
 - 4096 cycles between sampling
 - 16 oscillators in each group
 - 64 bits collected before setting the ready flag
 ---