A TRNG Implemented using a Soft-Data Based Sponge Function within a Unified Strong PUF Architecture

TL;DR

This paper introduces a unified architecture combining a strong PUF and sponge-based data processing to create a robust, high-entropy TRNG suitable for secure hardware applications, validated through extensive testing.

Contribution

It presents a novel integrated PUF-TRNG design using a SiRF PUF and a soft-data sponge function, enhancing entropy and security against attacks.

Findings

Achieved high min-entropy and stability in the TRNG.

Validated the design with comprehensive NIST and DieHarder tests.

Demonstrated robustness across multiple FPGA instances.

Abstract

Hardware security primitives including True Random Number Generators (TRNG) and Physical Unclonable Functions (PUFs) are central components to establishing a root of trust in microelectronic systems. In this paper, we propose a unified PUF-TRNG architecture that leverages a combination of the static entropy available in a strong PUF called the shift-register, reconvergent-fanout (SiRF) PUF, and the dynamic entropy associated with random noise present in path delay measurements. The SiRF PUF uses an engineered netlist containing a large number of paths as the source of static entropy, and a time-to-digital-converter (TDC) as a high-resolution, embedded instrument for measuring path delays, where measurement noise serves as the source of dynamic entropy. A novel data postprocessing algorithm is proposed based on a modified duplex sponge construction. The sponge function operates on soft data, i.e., fixed point data values, to add entropy to the ensuing random bit sequences and to increase the bit generation rate. A postprocessing algorithm for reproducing PUF-generated encryption keys is also used in the TRNG to protect against temperature voltage attacks designed to subvert the random characteristics in the bit sequences. The unified PUF-TRNG architecture is implemented across multiple instances of a ZYBO Z7-10 FPGA board and extensively tested with NIST SP 800-22, NIST SP 800-90B, AIS-31, and DieHarder test suites. Results indicate a stable and robust TRNG design with excellent min-entropy and a moderate data rate.