[Cryptography] Open hardware RNG design: Hector, Cryptech, OpenTitan, others?

Ondrej Mikle ondrej.mikle at gmail.com
Wed Apr 1 12:23:09 EDT 2020

Let's say you have to implement RNG in your hardware (core/SoC).

I know about two that are older and had more peer review:

- https://hector-project.eu/about (based on PLL jitter)
- https://cryptech.is/ (based on avalanche breakdown on diode)

There is a new project, OpenTitan, but its backing looks solid:

- https://docs.opentitan.org/hw/ip/entropy_src/doc/

So far the OpenTitan's ENTROPY_SRC is just LFSR PRNG design without the analog
noise part.

Any opinions comparison of these projects?

What I liked especially about Hector project is that it seemed really thorough
on researching the alternatives. Also it focused on one important question -
"how do I know the analog noise source will not fail/skew?" and actually had a
reasonable answer.

The OpenTitan feels more geared towards creating IP cores to be used in designs
than research-geared goal. I am wondering if you could use e.g. the Cyptech's
NoisyDiode to feed OpenTitan's ENTROPY_SRC and how much straightforward it is
(since RNG design is not exactly simple).

  O. Mikle

More information about the cryptography mailing list