RNDR, Random Number
The RNDR characteristics are:
Purpose
Random Number. Returns a 64-bit random number which is reseeded from the True Random Number source at an IMPLEMENTATION DEFINED rate.
If the hardware returns a genuine random number, PSTATE.NZCV is set to 0b0000.
If the instruction cannot return a genuine random number in a reasonable period of time, PSTATE.NZCV is set to 0b0100 and the data value returned in UNKNOWN.
It is unusual to not have a genuine random number returned in a reasonable period of time. The definition of a reasonable period of time is IMPLEMENTATION DEFINED.
The output of this random number is from a Deterministic Random Bit Generator (DRBG) that is seeded from a True Random Number Generator (TRNG).
The TRNG:
Provides entropy in the form of random numbers from the sampled output of an unpredictable physical process.
Should conform to the BSI AIS-31, FIPS 140-2, NIST SP800-90B, and NIST SP800-22 standards.
The DRBG:
Produces random numbers from a cryptographically secure algorithm.
Is seeded from the TRNG.
Is reseeded after an IMPLEMENTATION DEFINED number of random numbers has been generated and read using the RNDR register.
Should conform to the NIST SP800-90A Rev. 1 standard.
The entire random number generation should conform to the NIST SP800-90C standard.
Since a TRNG can only generate random bits at a limited rate, the output is commonly collected in an entropy pool until needed. An implementation should ensure that lower privileged software cannot impact the performance of higher privileged software by entirely draining the entropy pool. The refill time cost of the entropy pool should be paid for the persistent caller.
It is expected that a read of the RNDRRS register is likely to be significantly slower than a read of the RNDR register. Both the random number sources are intended to be of high quality, software should encouraged to use RNDRRS only when there is a strong reason for the immediate reseeding.
Configuration
This register is present only when ARMv8.5-RNG is implemented. Otherwise, direct accesses to RNDR are UNDEFINED.
RW fields in this register reset to architecturally UNKNOWN values.
Attributes
RNDR is a 64-bit register.
Field descriptions
The RNDR bit assignments are:
| 63 | 62 | 61 | 60 | 59 | 58 | 57 | 56 | 55 | 54 | 53 | 52 | 51 | 50 | 49 | 48 | 47 | 46 | 45 | 44 | 43 | 42 | 41 | 40 | 39 | 38 | 37 | 36 | 35 | 34 | 33 | 32 |
| RNDR | |||||||||||||||||||||||||||||||
| RNDR | |||||||||||||||||||||||||||||||
| 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
RNDR, bits [63:0]
Random Number. Returns a 64-bit Random Number which is reseeded from the True Random Number source at an IMPLEMENTATION DEFINED rate.
This field resets to an architecturally UNKNOWN value.
Accessing the RNDR
Accesses to this register use the following encodings:
MRS <Xt>, RNDR
| op0 | op1 | CRn | CRm | op2 |
|---|---|---|---|---|
| 0b11 | 0b011 | 0b0010 | 0b0100 | 0b000 |
if PSTATE.EL == EL0 then
return RNDR;
elsif PSTATE.EL == EL1 then
return RNDR;
elsif PSTATE.EL == EL2 then
return RNDR;
elsif PSTATE.EL == EL3 then
return RNDR;