True Random Number Generator (TRNG)

Introduction

The TRNG is a true random number generator that provides full entropy outputs to the application as 32-bit samples. It is composed of a live entropy source (digital) and an internal conditioning component.

The TRNG has been tested using NIST-Random Tests.

Features

• The TRNG delivers 32-bit true random numbers, produced by an digital entropy source.

• The TRNG embeds with a health test unit and an error management unit.

• Two independent FIFOs, the secure one has a higher priority.

• The throughput of the TRNG is up to about 10Mbps.

Functional Description

Block Diagram

The block diagram of TRNG is shown in the following figure.

The TRNG includes the following sub-modules:

• Clock

  • TRNG bus clock is 40Mhz.

• Noise Source

  • The noise source is digital osc, as a random number source, it is internally composed of ring oscillator.

• TRNG control

  • A bit is added to control whether the control register can be accessed from non-secure world.

  • Ensure that the default setting for OSC can work. ROM will use it only without configuring ROSC.

  • This area is the real control register, and the Control_S is the access window in the secure world, Control_NS is the access window in the non-secure world.

• Debias and LFSR and Extractor

  • A serial post-processing circuit

• RCT and APT

  • Two health tests of NIST specification

• Control_S

  • This area is the access window in the secure world; the real address is “Control”.

• Status_S

  • Indicates the available data in FIFO_S.

  • Indicates whether an error has happened.

• FIFO_S

  • Only have one window register instead of all the registers.

  • Read and return all zero when FIFO is empty.

  • FIFO size is 256 bits.

  • When the available data is less than 128 bits, hardware will fill the FIFO_S to full in a high priority.

• Control_NS

  • This area is the access window in the non-secure world; the real address is “Control”.

  • Only can be accessed when S bit in Control is 0.

• Status_NS

  • Indicates the available data in FIFO_NS

  • Indicates whether an error has happened.

• FIFO_NS

  • Only have one window register instead of all the registers.

  • Read and returns all zero when FIFO is empty.

  • FIFO size is 128 bits.

  • This FIFO has a lower priority than FIFO_S. If available data is less than 128 bits in FIFO_S, hardware will not feed any data to this FIFO.

Clock and Power

The whole system can work in two power-saving modes: sleep mode and deepsleep mode.

• In sleep mode, the PLL and APB clock will be gated by system PMC, the power for TRNG should be maintained to keep the registers’ status. The power of ROSC needs to be cut off in this mode.

• In deepsleep mode, there is no power and clock for TRNG and OSC.

Registers

RTL8721DxRTL8720ERTL8726ERTL8713ERTL8730E

Base Address: 0x41101000

Name	Address offset	Access	Description
REG_IER	000h	R/W
REG_ISR	004h	R
REG_ICR	008h	R/W
REG_FIFO_STATUS	00Ch	R	A ready/error summary status
REG_STATUS	030h	R	Status of buffer and health tests
REG_CTRL	034h	R/W
REG_SW_RST	038h	R/W
REG_LFSR_CTRL	108h	R/W	Init drop count and free-run control
REG_RCT0	110h	R/W
REG_RCT1	114h	R/W
REG_APT	118h	R/W
REG_EN_CTRL0	1F4h	R/W
REG_EN_CTRL1	1F8h	R/W
REG_RING_SAMPLE_CLK_CTRL	1FCh	R/W

REG_IER

• Name : Interrupt Enable Register

• Size : 32

• Address offset : 000h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:5	RSVD	R	-	Reserved
4	BUFFER_FULL_INTERRUPT_ENABLE	R/W	0x0	RNG buffer full interrupt enable
3	APT0_FAIL_INTERRUPT_ENABLE	R/W	0x1	Adaptive Proportion Test 0 fail interrupt enable
2	RCT1_FAIL_INTERRUPT_ENABLE	R/W	0x1	Repetition Count Test 1 fail interrupt enable
1	RCT0_FAIL_INTERRUPT_ENABLE	R/W	0x1	Repetition Count Test 0 fail interrupt enable
0	READ_ERROR_INTERRUPT_ENABLE	R/W	0x0	Read error interrupt enable. Trigger interrupt when read RNG data register and RNG valid is not 0x1~0x8.

REG_ISR

• Name : Interrupt Status Register

• Size : 32

• Address offset : 004h

• Read/write access : R

Bit	Symbol	Access	Reset	Description
31:5	RSVD	R	-	Reserved
4	BUFFER_FULL_INTERRUPT_ACTIVE	R
3	APT0_FAIL_INTERRUPT_ACTIVE	R
2	RCT1_FAIL_INTERRUPT_ACTIVE	R
1	RCT0_FAIL_INTERRUPT_ACTIVE	R
0	READ_ERROR_INTERRUPT_ACTIVE	R

REG_ICR

• Name : Interrupt Clear Register

• Size : 32

• Address offset : 008h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:5	RSVD	R	-	Reserved
4	BUFFER_FULL_INTERRUPT_CLEAR	R/W
3	APT0_FAIL_INTERRUPT_CLEAR	R/W		Clear the this interrupt also clear the error flags of APT0 health tests
2	RCT1_FAIL_INTERRUPT_CLEAR	R/W		Clear the this interrupt also clear the error flags of RCT1 health tests
1	RCT0_FAIL_INTERRUPT_CLEAR	R/W		Clear the this interrupt also clear the error flags of RCT0 health tests
0	READ_ERROR_INTERRUPT_CLEAR	R/W

REG_FIFO_STATUS

• Name : Encoded Status Register

• Size : 32

• Address offset : 00Ch

• Read/write access : R

A ready/error summary status

Bit	Symbol	Access	Reset	Description
31:4	RSVD	R	-	Reserved
3:0	VALID	R		Encoded status register. 0x0: buffer empty or APT is not done. 0x1~0x8: number of word is valid. 0xF: APT test fails.

REG_STATUS

• Name : Detail Status Register

• Size : 32

• Address offset : 030h

• Read/write access : R

Status of buffer and health tests

Bit	Symbol	Access	Reset	Description
31:27	RSVD	R	-	Reserved
26	APT0_FAIL	R		APT0 error detected
25	RCT1_FAIL	R		RCT1 error detected
24	RCT0_FAIL	R		RCT0 error detected
23:17	RSVD	R	-	Reserved
16	APT0_DONE	R		Adaptive Proportion Test done status. (APT test pass count > = APT done threshold setting)
15:9	RSVD	R	-	Reserved
8	BUFFER_OVERFLOW	R		Buffer overflow status. It is clear by RNG read out.
7:4	RSVD	R	-	Reserved
3:0	BUFFER_ENTRY_LEVEL	R		Number of 32-bit random number are valid. 0: empty 8: full

REG_CTRL

• Name : Control Register

• Size : 32

• Address offset : 034h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:20	RSVD	R	-	Reserved
19:16	SECURITY_CONTROL	R/W	0x0	If this field is equal to 0xA, the TRNG becomes a non-secur e slave, and all the registers can be accessed by non-secur e transaction. If this field is not equal to 0xA, the non-seucre transacti on can only access address 0xC~0x30. This register is available only when NONSEC_RNG_BUFFER confi g is 1 that supports TrustZone and dual buffer.
15:8	RSVD	R	-	Reserved
7:4	LWC_COND_RATE	R	-	Compression rate of lightweight-cipher conditioning compone nt. 0: bypass lightweight-cipher conditioning component. Larger than 0: enable extra TRNG conditioning. This register is available only when LWC_COND config is 1.
3	RSVD	R	-	Reserved
2	LFSR_BYPASS	R/W	0x0	LFSR bypass enable
1	DEBIAS_CORRECTOR_BYPASS	R/W	0x0	Debias corrector bypass enable
0	NOISE_COLLECTOR_OUTPUT_DISABLE	R/W	0x0	Noise collector output disable

REG_SW_RST

• Name : Software Reset Register

• Size : 32

• Address offset : 038h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:1	RSVD	R	-	Reserved
0	SW_RESET	R/W	-	Write 1 to reset TRNG. It triggers a reset generator to rese t all the componets of TRNG except control register. The register settings remain unchange, but other function bl ocks incuding noise collector(ROSC sampler), debias modules and health tests will be reset. When SW changes the setting of RCT/APT, it’s recommanded to clear error first, and then wirte this register to trigger a reset after apply new setting.

REG_LFSR_CTRL

• Name : LFSR Control Register

• Size : 32

• Address offset : 108h

• Read/write access : R/W

Init drop count and free-run control

Bit	Symbol	Access	Reset	Description
31:9	RSVD	R	-	Reserved
8	FREE_RUN	R/W	0x1	0x1: continuously run LFSR when no input data 0x0: only shift LFSR when input 1 bit data
7:0	INIT_DROP_COUNT	R/W	0x40	Discard number of bit after reset or re-init. Default shift out 64 bits in LFSR.

REG_RCT0

• Name : Repetition Count Test 0 Control Register

• Size : 32

• Address offset : 110h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:16	RSVD	R	-	Reserved
15:8	RCT0_CUTOFF_VALUE	R/W	0x1F	Cutoff value
7:4	RSVD	R	-	Reserved
3:1	RCT0_SAMPLE_SIZE	R/W	0x0	Number of bit per test sample. The sample size is the value add 1. 0: 1-bit 1: 2-bit … 7: 8-bit
0	RCT0_ENABLE	R/W	0x1	Test enable

REG_RCT1

• Name : Repetition Count Test 1 Control Register

• Size : 32

• Address offset : 114h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:16	RSVD	R	-	Reserved
15:8	RCT1_CUTOFF_VALUE	R/W	0x5	Cutoff value
7:4	RSVD	R	-	Reserved
3:1	RCT1_SAMPLE_SIZE	R/W	0x7	Number of bit per test sample. The sample size is the value add 1. 0: 1-bit 1: 2-bit … 7: 8-bit
0	RCT1_ENABLE	R/W	0x1	Test enable

REG_APT

• Name : Adaptive Proportion Test Control Register

• Size : 32

• Address offset : 118h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:28	APT0_DONE_THRESHOLD	R/W	0x1	Assert test done after how many test pass
27:26	RSVD	R	-	Reserved
25:16	APT0_CUTOFF_VALUE	R/W	0x24D	Cutoff value
15:11	RSVD	R	-	Reserved
10:8	APT0_SAMPLE_SIZE	R/W	0x0	Number of bit per test sample. The sample size is the value add 1. 0: 1-bit 1: 2-bit … 7: 8-bit
7:2	RSVD	R	-	Reserved
1	APT0_WINDOW_SIZE	R/W	0x1	0: 512 bits 1: 1024 bits
0	APT0_ENABLE	R/W	0x1	Test enable

REG_EN_CTRL0

• Name : Ring50[29:0] Enable Register

• Size : 32

• Address offset : 1F4h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:30	RSVD	R	-	Reserved
29:0	RING50_ENABLE_0	R/W	0x3FFFFFFF	Enable Ring #29~0

REG_EN_CTRL1

• Name : Ring50[49:30] Enable Register

• Size : 32

• Address offset : 1F8h

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:21	RSVD	R	-	Reserved
20	RING50_RNG_ENABLE	R/W	0x1	Enable Ring50 noise source
19:0	RING50_ENABLE_1	R/W	0xFFFFF	Enable Ring #49~30

REG_RING_SAMPLE_CLK_CTRL

• Name : Sample clock control

• Size : 32

• Address offset : 1FCh

• Read/write access : R/W

Bit	Symbol	Access	Reset	Description
31:12	RSVD	R	-	Reserved
11:8	CLOCK_SAMPLE_RATE_CONTROL	R/W	0x0	For fine-tune rocs sample clock
7:0	CLOCK_PHASE_CONTROL	R/W	0x0	For fine-tune rocs sample clock