TRNG Operation Description
If the clock is stopped, the TRNG can not be accessed and a bus fault is generated (within the
Interconnect).
If an application that no longer needs the TRNG must go into deep sleep mode without waiting, the
application can write 0 in the TRNG:CTL.TRNG_EN register bit, and the input system clock can be
switched off. If the TRNF:CTL.TRNG_EN register is set to 0 and the input clock is switched off. happens,
and if a random number is needed later, a soft reset is required because randomness cannot be ensured.
The penalty is entropy accumulation time is required before the first random number is ready.
16.5.2 TRNG Alarms
TRNG alarms happen and are most likely caused by FRO clock to sampling clock frequency locking. The
sampling clock is the same as the system clock for the TRNG, and when the FRO oscillating frequency
gets too close to a multiple of this clock, frequency lock might result in sampling the FRO clock at the
same phase too many times so a repeated pattern is detected. When such a repeated pattern is detected
it is counted, and when this count exceeds the limit set by the TRNG:ALARMCNT.ALARM_THR register
and the alarm event is triggered. Keeping this value high limits the number of alarms, and default is 255
alarm indications before an alarm event is enabled.
When an alarm event is triggered, the associated FRO is automatically shut down and not allowed to
contribute to entropy accumulation. The user must then decide what to do with this event. Two options
exist:
•
Change the FRO oscillating frequency
•
Leave the FRO off
For the first option, a bit in the TRNG:FRODETUNE.FRO_MASK register set to 1 allows the
associated FRO run approximately 5 percent faster. The value of one of these bits may only be
changed while the corresponding FRO is turned off (by temporary writing 0 in the corresponding bits of
the TRNG:FROEN register—in case of an alarm this bit is already set to 0). When the value is
updated, the corresponding FRO must be enabled again.
For the second option, the de-tune probably had no effect, or the FRO is not oscillating. This state
must be stored so the corresponding bit in the TRNG:FROEN register is kept in off state to eliminate
new alarm triggers caused by the particular FRO.
16.5.3 TRNG Entropy
Entropy is defined as a result of:
•
How many FROs are enabled—more, entropy is achieved faster
•
How many samples are accumulated—longer, higher entropy
The more FROs are enabled and the longer they run, that is, how many samples have been stored in the
LSFR, the higher the entropy becomes.
The TRNG module must be running at maximum frequency when creating random values.
Creation time for a random value is defined by the values set in the TRNG:CTL.STARTUP_CYCLES
reigster, the TRNG:CFG0.MIN_REFILL_CYCLES or the TRNG:CFG0.MAX_REFILL_CYCLES register
and the TRNG:CFG0.SMPL_DIV register; modifications of all these registers can only be done when the
TRNG:CTL.TRNG_EN register is 0.
The TRNG:CFG0.SMPL_DIV register defines how often a sample is collected from the FRO, default value
0 indicates that samples are taken every clock cycle, maximum value 0xF takes one sample every 16
clock cycles. All values of SAMPLE_DIV can be used on this device and it must be set as small as
possible.
To have the same amount of entropy in each created seed, the startup and minimum refill times must be
identical. By using minimum startup and minimum refill time, the entropy per bit is very low. When all
FROs are enabled, a start-up time of 5 ms generates a word with 64-bit entropy.
Low values in the TRNG:CTL.STARTUP_CYCLES register and the TRNG:CFG0.MIN_REFILL_CYCLES
or TRNG:CFG0.MAX_REFILL_CYCLES registers must only be used to generate random values for
nonsecure use like synchronization words, CRC initialization, and so forth. For more secure usages the
minimum of 64-bit entropy and beyond must be defined.
1161
SWCU117C – February 2015 – Revised September 2015
Random Number Generator
Copyright © 2015, Texas Instruments Incorporated