Towards an Oscillator Based TRNG with a Certified Entropy Rate

We describe a practical and efficient method to estimate the entropy rate of a TRNG based on free running oscillators that does not require outputting and analyzing the clock signals with external equipment. Rather it relies on very simple computations that can be embedded in any logic device such as FPGA or ASIC. The method can be used for the calibration of an oscillator based TRNG or for online certification of its entropy rate. Our approach, which is inspired by the coherent sampling method, works under the general assumption that the period jitter is small compared to the period of the generated clock signal. We show that, in this case, it is possible to measure the relative phase between clocks of two oscillators with far higher precision than the time resolution given by the period of any internal clock signal. We use this observation to recover, under some reasonable heuristics, the distribution of the random walk component of the jitter, from which it is possible to obtain a lower bound on the entropy rate of the TRNG. Our method was thoroughly tested in simulations and in hardware. At the end of the paper, we draw some conclusions and make recommendations for a reliable implementation of TRNGs in cryptographic applications.