Random Number Generator - Zign RNG
Intrinsic ID Zign® RNG is an embedded software IP solution that enables device manufacturers and designers to add a random number generator to their products without the need for hardware modifications. Random number generators are essential in many cryptographic operations, for example, to secure connections in settings such as IoT, automotive or datacenter. The Zign RNG product is compliant with the NIST SP 800-90 standard. It implements a deterministic random bit generator (DRBG) as specified in NIST SP 800-90A. The DRBG is seeded by a true random seed that is harvested from the noise in the SRAM physical unclonable function (PUF). This construction follows the NIST SP 800-90B specification.
Zign RNG is an embedded software implementation that leverages existing SRAM as a PUF, so it is the only hardware entropy source that does not need to be loaded at silicon fabrication. Zign RNG can be installed later in the supply chain, and even retrofitted on already-deployed devices. This enables a never-before-possible “brownfield” deployment of a cryptographically secure, NIST-certified RNG.
Features
- Uses standard SRAM start-up values as a true random source
- NIST CAVP certified for DRGB and AES
- Compliant with NIST SP 800-90
- Compliant with BSI AIS 20/31
- Supports FIPS 140-3 certification
Benefits
- No need for additional or modified silicon
- Can be added at any point in the supply
chain - Fits in resource-constrained embedded devices
- Portable across different technologies
Zign RNG v1.2-0 | Zign RNG v1.2-1 |
||
---|---|---|---|
Code size* | 4.9 kB | 4.9 kB |
|
SRAM required for PUF | 2.1 kB | 3.2 kB |
|
Performance on Arm Cortex-M4 - Initialize (to be run once after power-up) - Get random bytes | 64 128 512 | (clock cycles) | (clock cycles) |
Security strength | 128 bits | 256 bits |
|
Compliant with NIST SP 800-90 - Health checks - Test interface | ✓ | ✓ |
|
NIST CAVP certified for DRBG (SP 800-90A) and AES | ✓ | ✓ |
* On Arm Cortex M4 (NXP LPCXpresso5411x)
Operational Range
The Intrinsic ID PUF-based solutions have been deployed on MCUs/SoCs/ASICs in a diverse set of foundry/process node combinations. SRAM PUF responses across this diverse array have been qualified for use in a wide range of operational environments, over years of field operation.
- All major fabs from 0.35 μm to 5 nm
- Temperature range from -55°C to 150°C
- Voltage supply variation +/- 20%
- Lifetime > 25 years
Zign RNG Deliverables
- Library compiled for a specific target chip
- Reference manual
- Code examples, e.g. examples of integration with mbed TLS, WolfSSL, and OpenSSL
Applications
- Content protection
- Authentication
- Secure communications
- Platform security
“The approach of Zign RNG offers us a cost-effective way to generate true randomness on devices with limited resources by utilizing something that is already present, the SRAM. It has proven to provide our devices with the entropy that is needed to build our security solutions on,”
— Sean McGrath, Senior VP and General Manager, Connectivity and Audio Business Group at Dialog Semiconductor, a Renesas Company.