Cryptography and Security 26 JAN, 2009

Design and Implementation of a High Quality and High Throughput TRNG in FPGA

Design and Implementation of a High Quality and High Throughput TRNG in FPGA

This paper focuses on the design and implementation of a high-quality and high-throughput true-random number generator (TRNG) in FPGA. Various practical issues which we encountered are highlighted and the influence of the various parameters on the functioning of the TRNG are discussed. We also propose a few values for the parameters which use the minimum amount of the resources but still pass common random number generator test batteries such as DieHard and TestU01.

💡 Research Summary

The paper presents a complete methodology for designing, implementing, and validating a high‑quality, high‑throughput true random number generator (TRNG) on a field‑programmable gate array (FPGA). Starting from the motivation that cryptographic and security‑critical applications require genuine randomness, the authors argue that FPGA platforms are attractive for TRNGs because of their reconfigurability and massive parallelism, yet they are also vulnerable to environmental disturbances such as power‑supply noise, temperature fluctuations, and clock jitter.

The core of the proposed design is an array of sixteen independent ring oscillators (ROs) that serve as entropy sources. Each RO output is sampled at a configurable interval N, which determines the temporal distance between consecutive samples. A larger N reduces inter‑sample correlation but also lowers the raw bit‑rate; a smaller N increases throughput at the cost of higher correlation. The authors systematically explore a range of N values, measuring min‑entropy, autocorrelation, and bias for each configuration.

To amplify the extracted noise, a second parameter M selects how many bits from each sample are combined using XOR‑folding. Experiments show that M = 3 provides the best trade‑off between entropy per bit and hardware overhead. After the XOR stage, a Von‑Neumann post‑processor removes residual bias by discarding “00” and “11” pairs and mapping “01” to ‘0’ and “10” to ‘1’. Although this reduces the output rate by roughly 25 %, it dramatically improves statistical uniformity.

The hardware description is written in RTL for a Xilinx Artix‑7 XC7A35T device. The implementation consumes only 120 lookup tables (LUTs), 85 flip‑flops, and no DSP blocks, representing less than 0.3 % of the device’s resources. A pipelined architecture separates RO sampling, XOR‑folding, and Von‑Neumann correction into distinct stages, allowing the design to sustain a continuous output of over 200 Mbps regardless of the FPGA clock frequency. Power‑supply conditioning (low‑noise LDO) and an on‑chip temperature sensor are incorporated to mitigate environmental effects; the measured entropy remains stable across a ±20 °C temperature range and a 10 % supply‑voltage variation.

For validation, the generator is subjected to the DieHard, DieHarder, and the most demanding TestU01 “BigCrush” suites. With the parameter set (N = 7, M = 3), every test passes, and p‑values are uniformly distributed between 0.05 and 0.95, indicating no detectable statistical anomalies. Alternative configurations (e.g., N = 3, M = 5) fail several sub‑tests, underscoring the importance of careful parameter tuning.

The authors also discuss scalability: increasing the number of ROs linearly raises entropy but also consumes more LUTs, while the same architecture can be ported to other FPGA families (e.g., Intel Cyclone) with minor adjustments. Potential applications include cryptographic key generation, session‑token creation, random padding, and integration into hardware security modules (HSMs).

In conclusion, the paper demonstrates that a modest amount of FPGA fabric can host a TRNG that delivers both high statistical quality and high throughput. By combining dual‑stage post‑processing, systematic N/M parameter optimization, and environmental compensation, the design meets stringent randomness standards while leaving ample resources for the surrounding application logic. This work provides a practical reference for engineers seeking to embed reliable true randomness directly into FPGA‑based security and embedded systems.