How do I use the NIST tool to perform characterization for the TRNG second iteration and restarts tests iteration?

Information in this article applies to:

  • TrustZone Random Number Generator

Problem/Question

How do I use the NIST tool to perform characterization for the TRNG second iteration and restarts tests iteration?

Scenario

N/A

Answer

To perform characterization for the True Random Number Generator (TRNG) second iteration and restarts tests iteration, take the following steps:

  1. Download the source code of the National Institute of Standards and Technology (NIST) tool from https://github.com/usnistgov/SP800-90B_EntropyAssessment.

  2. Apply the patch below. The patch adds the build steps for the restart test tool and fixes the build error:

    diff --git a/cpp/Makefile b/cpp/Makefile
    index eb9d583..6e96883 100644
    --- a/cpp/Makefile
    +++ b/cpp/Makefile
    @@ -13,6 +13,11 @@ INC=-I/usr/include -I/usr/include/c++/4.9 -I/usr/include/c++/4.9/backward \
    # Main operations
    ######
    
        

    +all: iid non_iid restart conditioning + +clean: + rm -f ea_iid ea_non_iid ea_restart ea_conditioning + iid: iid_main.o iid_main.o: iid_main.cpp $(CXX) $(CXXFLAGS) $(INC) iid_main.cpp $(LIB) -o ea_iid @@ -21,6 +26,15 @@ non_iid: non_iid_main.o non_iid_main.o: non_iid_main.cpp $(CXX) $(CXXFLAGS) $(LIB) $(INC) non_iid_main.cpp -o ea_non_iid

    +restart: restart_main.o +restart_main.o: restart_main.cpp + $(CXX) $(CXXFLAGS) $(LIB) $(INC) restart_main.cpp -o ea_restart + +conditioning: conditioning_main.o +conditioning_main.o: conditioning_main.cpp + $(CXX) $(CXXFLAGS) $(LIB) $(INC) conditioning_main.cpp -o ea_conditioning + + run_iid: ./ea_iid ../bin/truerand_8bit.bin 8 -i -t -v

    @@ -58,4 +72,4 @@ permutation_test_main.o: test/permutation_test_main.cpp $(CXX) $(CXXFLAGS) $(TESTFLAGS) $(INC) test/permutation_test_main.cpp $(LIB) -o permutation_test

    run_permutation_test: - ./permutation_test ../bin/truerand_8bit.bin 8 1000000 1 -v \ No newline at end of file + ./permutation_test ../bin/truerand_8bit.bin 8 1000000 1 -v diff --git a/cpp/restart_main.cpp b/cpp/restart_main.cpp index 7ee6e7b..70f01d9 100644 --- a/cpp/restart_main.cpp +++ b/cpp/restart_main.cpp @@ -10,6 +10,7 @@ #include "non_iid/compression_test.h" #include "non_iid/markov_test.h"

    +#define SIZE MIN_SIZE

    void print_usage(){ printf("Usage is: ./restart_main <file_name> <bits_per_word> <H_I> <-i|-n> [-v]\n\n");
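
    Review bot: In the first cpp/Makefile hunk, `all` and `clean` are added without a `.PHONY` declaration, so a file named `all` or `clean` in cpp/ would make the target look up to date; add `.PHONY: all clean`. The `clean` recipe also removes only the four ea_* binaries and leaves `permutation_test`, which the rule shown in the later Makefile context builds with `-o permutation_test`; consider adding it to the `rm -f` line.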
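
    Review bot: In the second cpp/Makefile hunk, the recipes for `restart_main.o` and `conditioning_main.o` write `ea_restart` and `ea_conditioning`, so the named .o file is never created and make reruns the compile on every invocation; naming the target after the file the recipe produces (`ea_restart`, `ea_conditioning`) would fix that. Both recipes also put `$(LIB)` before the source file, following the `non_iid` rule, while the `iid` rule puts it after `iid_main.cpp`; if `$(LIB)` holds `-l` options, the `iid` ordering (`restart_main.cpp $(LIB) -o ea_restart`) is the safer one for linkers that resolve libraries in command-line order.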
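
    Review bot: `#define SIZE MIN_SIZE` in cpp/restart_main.cpp is added after the includes with no comment and no guard. Add a comment stating which build error it resolves and why the restart tool's `SIZE` should equal `MIN_SIZE`, and wrap it in `#ifndef SIZE` / `#endif` so that a definition of `SIZE` arriving through one of the included headers does not clash with this one.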

  3. Build the source code on a Linux system.
    The test binaries ea_iid and ea_restart are created after the build.

  4. Collect the TRNG output data.
    For details about this step, see the section called Second characterization iteration in the Arm® TRNG Characterization Application Note.

  5. Run the ea_iid application in your Linux console.

    For information about how to use the ea_iid application, enter the command ea_iid.

  6. Enter either of the following commands to estimate the TRNG output:

    ./ea_iid <data-file> 8 -i -a -v 
    ./ea_iid <data-file> 8 -c -a -v 

    The parameter data-file specifies one of the data files that you collect in worst case conditions and typical case conditions.

    If you use the function CC_TST_TRNG to collect data, you must remove the header (16 bytes) and footer (12 bytes) from the output of the function. For details about the CC_TST_TRNG function, see https://github.com/ARM-software/TZ-TRNG/blob/master/TRNG_test.c.

    The following figure shows the header (16 bytes) highlighted in a red box at the beginning of the file:

    [Figure: header.jpg]

    The following figure shows the footer (12 bytes) highlighted in a red box at the end of the file:

    [Figure: footer.jpg]

    If all the files pass the iid test, this means that the TRNG output values are independent.

    If some of the tests fail, increase the sample counter value of the ROSC by multiplying the value by 1.5, and collect the relevant ring oscillator TRNG output again under worst case conditions. For example, the original sample counter value R0 is 1000. If the iid test fails, you must set the sample counter value R0 to 1500 and collect R0 TRNG output again under worst case conditions. Other ROSCs do not need any tests.

  7. Repeat Step 6 until all the files pass the iid test.

  8. Apply the sample counter value in your software:

    • For CC312, apply the value in the host/src/pal/cc_pal_trng.c file.

    • For CC712 TEE, apply the value in the shared/include/trng/cc_config_trng90b.h file.

  9. Run 1000 power cycles of the device, collect 1000 bits in each cycle, and combine these 1M bits into one file.

    For details about this step, see the section called Restart tests iteration in the Arm TRNG Characterization Application Note.

  10. Enter the following command to run the restart test:

    ea_restart <file_name> 8 H_I -i -v

    If restart tests fail, take the following steps:

    1. Increase the sample counter value of ROSC by multiplying the value by 1.5.

    2. Collect the relevant ROSC TRNG output again under worst case conditions.

    3. Return to Step 4 and repeat until the restart tests are successful.
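
An added helper for the data-preparation parts of steps 6 and 9 (not code from the original article or from Arm): it removes the 16-byte header and 12-byte footer from CC_TST_TRNG captures and concatenates 1000 power-cycle captures, in collection order, into the single file passed to ea_restart. It assumes one 8-bit sample per byte and that every per-cycle capture carries the same header and footer; the function names and the cycle_NNNN.bin file layout are hypothetical.

```python
from pathlib import Path

HEADER_LEN = 16              # header size given in the article
FOOTER_LEN = 12              # footer size given in the article
RESTARTS = 1000              # power cycles in step 9
SAMPLES_PER_RESTART = 1000   # assumption: one sample per byte (8 bits per word)


def strip_frame(raw: bytes) -> bytes:
    """Drop the 16-byte header and 12-byte footer from one CC_TST_TRNG capture."""
    if len(raw) <= HEADER_LEN + FOOTER_LEN:
        raise ValueError(f"capture of {len(raw)} bytes holds no sample data")
    return raw[HEADER_LEN:len(raw) - FOOTER_LEN]


def build_restart_data(captures, framed=True) -> bytes:
    """Join one capture per power cycle, in collection order, into the
    1000 x 1000 sample stream for ea_restart."""
    rows = []
    for index, raw in enumerate(captures):
        payload = strip_frame(raw) if framed else raw
        if len(payload) < SAMPLES_PER_RESTART:
            raise ValueError(
                f"cycle {index}: {len(payload)} samples, need {SAMPLES_PER_RESTART}")
        rows.append(payload[:SAMPLES_PER_RESTART])   # keep exactly 1000 per cycle
    if len(rows) != RESTARTS:
        raise ValueError(f"{len(rows)} power cycles supplied, need {RESTARTS}")
    return b"".join(rows)


def prepare_files(capture_dir: Path, out_file: Path) -> int:
    """Hypothetical layout: capture_dir holds cycle_0000.bin ... cycle_0999.bin."""
    paths = sorted(capture_dir.glob("cycle_*.bin"))
    data = build_restart_data(p.read_bytes() for p in paths)
    out_file.write_bytes(data)
    return len(data)


if __name__ == "__main__":
    # Constructed sample input: 1000 framed captures with dummy payloads.
    fake = [b"\x00" * HEADER_LEN + bytes([i % 256]) * 1000 + b"\xff" * FOOTER_LEN
            for i in range(RESTARTS)]
    merged = build_restart_data(fake)
    print(len(merged), "bytes ready for: ea_restart <file_name> 8 H_I -i -v")
```

For the ea_iid data files in step 6, `strip_frame` alone is enough: write its result to the file you pass as `<data-file>`.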

Workaround

N/A

Example

N/A
