Popis: |
Cryptography and computer security rely heavily on random numbers for key exchange of authentication algorithms. However, current Internet-of-Things (IoT) device security is often based on poor quality pseudo-random number generators (PRNGs). This issue can be overcome using true random number generators (TRNGs) that may offer better quality and higher security. Nonetheless, TRNG often provide slow throughput and require post-processing to correct hardware biases and ensure the desired statistical behavior. In this paper, we present a FPGA-based hardware platform able to validate and post-process multiple TRNG sources. Moreover, we propose a hardware implementation of a provably secure post-processing algorithm called SPRG. Based on the sponge construction and the Keccak-f standard, it improves random number quality while maintaining high data throughput. A full platform providing hardware acceleration has been implemented on a Xilinx Kintex- 7 FPGA board to test the validity of the generated numbers through χ 2 and SP800-90B online statistical tests, and to improve the randomness using AIS-31 or SPRG post-processing hardware cores. The proposed platform is modular and targets both IoT edge devices and back-end servers. |