Ctyptographic True Random Number Generator for Embedded Nios Processor

The paper presents an implementation of a custom extension of commercially available NIOS processor embedded into Altera reconfigurable hardware. Added true random number generator uses recently proposed principle based on reconfigurable on-chip analog PLLs that are embedded in all modern Altera devices. Proposed solution significantly improves security of System on a Programmable Chip (SOPC) embedded cryptographic applications based on the NIOS processor. 1 I n t r o d u c t i o n Almost all cryptographic protocols require generation and use of secret values that must be unknown to attackers [1]. For example, True Random Number Generators (TRNGs) are required to generate public/private keypairs for asymmetric (public key) algorithms including RSA, DSA and Diffie-Hellman. Keys for symmetric and hybrid cryptosystems are also generated randomly. Unfortunately standard processors (including synthesisizable NIOS processor from Altera) are not able to generate true random numbers, as they are deterministic systems. Numerical pseudo-random generators relay on complexity and their standalone use in cryptography, for example to generate keys is inadvisable. The only way to get true random numbers, hence true security for crypto-systems, is to build a generator based on a random physical phenomenon. Current modern high-density Field Programmable Logic Devices (FPLDs) provide an alternative hardware platform even for system-level integration of embedded symmetric and asymmetric cryptographic algorithms but not for high quality TRNGs. Most hardware TRNGs follow unpredictable natural processes, such as thermal (resistance or shoot) noise or nuclear decay. Such TRNGs are not compatible with modern FPLDs and cannot provide a SOPC solution. This paper describes custom TRNG implementation based on recently proposed method [2] that uses on-chip analog PLLs included in Altera APEX FPLDs [3]. Proposed method reliably extracts intrinsic randomness from low-jitter clock signals synthesized by on-chip APEX analog PLLs. The TRNG is developed as an Intellectual Property (IP) building block optimized for NIOS processor and provides significantly higher system level security for complete embedded cryptographic SOPC designs. 2 N I O S P r o c e s s o r O v e r v i e w The NIOS CPU [4] is a pipelined general-purpose RISC microprocessor that is generated by proprieatary Altera VHDL generator (SOPC Builder) and can be synthetized in all recent Altera FPLDs. NIOS supports both 32-bit and 16-bit architectural variants and both 16 and 32-bit variants use 16-bit instructions. The principal features of the NIOS instruction set architecture are: Large, windowed register file – NIOS implementations can include up to 512 internal general-purpose registers. The compiler uses the internal registers to accelerate subroutine calls and local variable access. Simple, complete instruction set – Both 32-bit and 16-bit NIOS variants use 16-bit wide instructions. 16-bit instructions reduce code size and instruction-memory badwidth. Powerful addressing modes – The NIOS instruction set includes Load and Store instructions that the compiler uses to accelerate structure access and local-variable (stack) access. ∗ This work was supported by VEGA grant 1/8130/01 – Digital Signal Processing and Watermarking in Multimedia Communications. Extensibility – Users can incorporate custom logic directly into the NIOS arithmetic logic unit. The automatically-generated Software Development Kit (SDK) includes macros for accessing custom instruction hardware for C and assembly-language programs. Existing NIOS peripherals (e.g. UART, Timer, ...) as well as new custom peripherals can by connected through an Avalon bus. Avalon is a simple bus architecture designed for connecting onchip processor(s) and peripheral together into a SOPC. The principal features of the Avalon bus are: Simplicity – Provide an easy to understand protocol with a short learning curve. Optimized resource utilization – Conserve Logic Elements (LEs) inside the FPLD. Synchronous operation – Integrate well with other user logic that coexists on the same FPLD, while avoiding complex timing analysis issues. The structure of an example SOPC with user-defined custom TRNG, part of which is automatically generated by the SOPC Builder, is shown in Fig.1.