Why to use a standalone RNG ?
-
to obtain FIPS140-3
-
as part of CMVP (Cryptographic Module Verification Program)
One must certify its RNG – Random Number Generator following Entropy Validation defined by the NIST – National Institute of Standards and Technology department ESVTS – Entropy Source Validation Test Server
SP800/90 A –> RNG90-SSVDA-T is the solution
Read more on the NIST website Cryptographic Module Validation Program | CSRC
Challenges
- Very complex
The deterministic data needs to be extracted from the RNG engine and provided to a 3rd party lab for certification as contracted by the customer
Potential certification failure
- Lengthy
Need tri-party NDA with customer, lab, silicon provider (distributor) to provide the RNG data
Process take about 9 months or more to just get the RNG certified.
Only then the customers can move forward with the next steps of their certification journey
Why can’t I get the RNG from a standard controller ?
- Customer and test lab testimony
“because I would need to work directly with the controller (MCU, MPU, FPGA) business unit team of the silicon provider
- for 18-24 month
- for an opportunity less than 100ku
- so I expect no support and I must fold back to a discrete approach
- … that’s just for the RNG90”
RNG90 Features
- I²C Interface Only
- Packages: 8-PIN SOIC and 8-PAD UDFN
- Single Zone of Memory (Configuration) No real need for Data
- Random Number Generator SP800-90A/B/C Compliant
- RNG and DRBG Health Tests
- Voltage Range: 1.65 to 5.5V’s
- Versions:
Extended Industrial -40°C to +105°C
Automotive -40°C to +125°C
Both versions are called RNG90 but have different ordering codes
Support collateral
No NDA datasheet, all public content
Multiple socket kits
Parts are available from stock:
MIKROE-3788
