• State Verified Answer
  • Replies 4 replies
  • Subscribers 67 subscribers
  • Views 3991 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 237431
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Random Number Generator

HappyANdy

Hello Nordic.

I find two RNG example.

Both nrf_crypto_rng_vector_generate and nrf_drv_rng_rand , what is the difference?

Which one is better on RNG.

How to correspond in the nRF52840_PS_v1.1.pdf!

• True random number generator (TRNG) compliant with NIST 800-90B15, AIS-31, and FIPS 140-2/315 .

• Pseudorandom number generator (PRNG) using underlying AES engine compliant with NIST 800-90A

Thank You!
Andy 

Parents
  • +1

    Hi Andy!

    The first example you mentioned utilizes ARM's CryptoCell cryptography service. CryptoCell has two random number generator methods, both true random number generator and pseudo random number generator. True random number generator, also knowns as hardware random number generator uses a physical process to generate the numbers. Here you can read more about the entropy sources for this process. On the other hand, the pseudo-random number generator uses an algorithm to produce random numbers, by attempting to emulate randomness. This method is much fast than TRNG, but it is also "less random".

    The second example you mention is an example that demonstrates the use of the RNG driver, which accesses the RNG peripheral of the chip.  

    Best regards,

    Heidi

  • 0 in reply to Heidi-Irene Harvey Sollie

    Dear Heidi,

    I get it.
    So, can I think so there are three ways to generate the random number?

    One is using ARM-CC310 a TRNG that is compliant with NIST 800-90B15, AIS-31, and FIPS 140-2/315.

    Another is using the mbed TLS CTR-DRBG standardized by NIST SP 800-90A Rev. 1. 

    The other is using the RNG driver, which accesses the RNG peripheral of the chip. Is it compliant with any certificate?

    Because I need very pay attention to the quality of the random number generator, I must know more detail.


    Thank You!
    Andy

Reply
  • 0 in reply to Heidi-Irene Harvey Sollie

    Dear Heidi,

    I get it.
    So, can I think so there are three ways to generate the random number?

    One is using ARM-CC310 a TRNG that is compliant with NIST 800-90B15, AIS-31, and FIPS 140-2/315.

    Another is using the mbed TLS CTR-DRBG standardized by NIST SP 800-90A Rev. 1. 

    The other is using the RNG driver, which accesses the RNG peripheral of the chip. Is it compliant with any certificate?

    Because I need very pay attention to the quality of the random number generator, I must know more detail.


    Thank You!
    Andy

Children
  • 0 in reply to HappyANdy
    HappyANdy said:
    So, can I think so there are three ways to generate the random number?

    Yes, two ways using CryptoCell and one using the hardware peripheral.

     

    HappyANdy said:
    The other is using the RNG driver, which accesses the RNG peripheral of the chip. Is it compliant with any certificate?

    No, the RNG peripheral is not compliant with any certificate.

    You should note that although the CryptoCell RNG is designed to be compliant with these specifications, it is not certified. 

    Best regards,

    Heidi

Related