Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

The random-number technique for embedded systems

Posted: 16 May 2008 ?? ?Print Version ?Bookmark and Share

Keywords:embedded systems security? random numbers? clock cycle?

In generating random numbers for embedded systems, developers can use a 16bit MCU that keeps all signals internal, making it a cheaper, more secure alternative to expensive analog hardware.

An MCU's random-number generation capabilities are enabled by a dual-clock chip architecture. A very low-frequency oscillator (VLO) and digitally controlled oscillator (DCO) are two independent clock systems, and the timing differences between them can be exploited to generate a stream of random bits.

The speed of the VLO can be reduced below that of the DCO. A timer can then be configured to count upward, with the DCO as its source clock, triggering a capture on the next VLO low-to-high transition. This capture will record the number of DCO clock cycles in one VLO clock cycle. Because of the variance of the clock sources, each capture will result in similar, yet slightly different, amounts of DCO clocks counted per VLO cycle. This difference is the source of the random number.

Using the timer peripheral for gathering random LSBs, a designer can achieve ultralow power consumption by keeping the CPU off during each capture cycle. The CPU is needed only briefly to shift the LSB into a memory location.

TI's MSP430 clock system allows designers to incorporate feedback methods that can improve the performance of the algorithm.

The first feedback mechanism is that the DCO is sped up slightly after each sampled bit. After each bit, the clock control register has the number five added to it. Although any number could be used, it was found that five caused a large enough step change to vary the DCO significantly with respect to the VLO.

Each time an LSB is shifted, the two previously sampled random bits are XORed into the divider bits of the clock control register (CCR). These bits control the divider used for the VLO before it reaches the timer, while also changing the relationship between the VLO and DCO as measured by the timer.

Finally, each resultant bit is due to a majority vote of five loops, each of which generates its own LSB from the CCR, but the majority vote of five is used to select the final resultant bit. Using this method, the MCU can generate a continuous stream of random bits using very little power. This bit stream could be used to create random numbers or, if modifications to a running application's clock structure are not desired, to generate an initial seed for a pseudorandom-number generator.

Using this method, the MCU can generate a continuous stream of random bits using very little power.

With this technique, it's possible to generate a stream of bits that can pass the FIPS 140-2 randomness test. That makes it useful for applications that require random numbers, especially as wireless technologies become more prevalent.

- Lane Westlund
MSP430 Tools Software Engineer
Texas Instruments Inc.

Article Comments - The random-number technique for embe...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top