joris
/
vhdl-prng
1
0
Fork 0
Code Pull Requests Releases Activity

Trivium: Fix mistake in initialization. 

* Only 1152 *bits* must be discarded after seeding, not 1152 output words.
 * Add URL of Trivium specification.
This commit is contained in:
Joris van Rantwijk 2016-11-20 22:23:32 +01:00
parent e39568c6f4
commit 688bda983d
2 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
rtl/rng_trivium.vhdl
View File

@ -8,15 +8,18 @@
-- --
-- The algorithm "Trivium" is by Christophe De Canniere and Bart Preneel. -- The algorithm "Trivium" is by Christophe De Canniere and Bart Preneel.
-- See also: -- See also:
-- C. De Canniere, B. Preneel, "Trivium Specifications", (TODO URL). -- C. De Canniere, B. Preneel, "Trivium Specifications",
-- http://www.ecrypt.eu.org/stream/p3ciphers/trivium/trivium_p3.pdf
-- The eSTREAM portfolio page for Trivium:
-- http://www.ecrypt.eu.org/stream/e2-trivium.html
-- --
-- The generator requires an 80-bit key and an 80-bit initialization -- The generator requires an 80-bit key and an 80-bit initialization
-- vector. Defaults for these values must be supplied at compile time -- vector. Defaults for these values must be supplied at compile time
-- and will be used to initialize the generator at reset. The generator -- and will be used to initialize the generator at reset. The generator
-- also supports re-keying at run time. -- also supports re-keying at run time.
-- --
-- After reset and after re-seeding, at least 4*288 clock cycles are needed -- After reset and after re-seeding, at least (1152/num_bits) clock cycles
-- before valid random data appears on the output. -- are needed before valid random data appears on the output.
-- --
-- NOTE: This generator is designed to produce up to 2**64 bits -- NOTE: This generator is designed to produce up to 2**64 bits
-- of secure random data. If more than 2**64 bits are generated -- of secure random data. If more than 2**64 bits are generated
@ -44,6 +47,7 @@ entity rng_trivium is
generic ( generic (
-- Number of output bits per clock cycle. -- Number of output bits per clock cycle.
-- Must be a power of two: either 1, 2, 4, 8, 16, 32 or 64.
num_bits: integer range 1 to 64; num_bits: integer range 1 to 64;
-- Default key. -- Default key.
@ -74,8 +78,8 @@ entity rng_trivium is
out_ready: in std_logic; out_ready: in std_logic;
-- High when valid random data is available on the output. -- High when valid random data is available on the output.
-- This signal is low during the first 4*288 clock cycle after reset -- This signal is low during the first (1152/num_bits) clock cycles
-- and after re-seeding, and high in all other cases. -- after reset and after re-seeding, and high in all other cases.
out_valid: out std_logic; out_valid: out std_logic;
-- Random output data (valid when out_valid = '1'). -- Random output data (valid when out_valid = '1').
@ -106,6 +110,9 @@ architecture trivium_arch of rng_trivium is
begin begin
-- Check that num_bits is a power of 2.
assert (64 / num_bits) * num_bits = 64;
-- Drive output signal. -- Drive output signal.
out_valid <= reg_valid; out_valid <= reg_valid;
out_data <= reg_output; out_data <= reg_output;
@ -117,8 +124,8 @@ begin
if rising_edge(clk) then if rising_edge(clk) then
-- Determine valid output state. -- Determine valid output state.
-- Delay by 4*288 clock cycles after re-seeding. -- Delay by 4*288/num_bits clock cycles after re-seeding.
if reg_valid_wait = 4*288 then if reg_valid_wait = 4*288/num_bits then
reg_valid <= '1'; reg_valid <= '1';
end if; end if;

2
sim/Makefile
View File

@ -16,6 +16,8 @@ tb_mt19937: tb_mt19937.o rng_mt19937.o
tb_mt19937.o: tb_mt19937.vhdl rng_mt19937.o tb_mt19937.o: tb_mt19937.vhdl rng_mt19937.o
rng_mt19937.o: ../rtl/rng_mt19937.vhdl rng_mt19937.o: ../rtl/rng_mt19937.vhdl
rng_trivium.o: ../rtl/rng_trivium.vhdl
tb_%: tb_%.o tb_%: tb_%.o
$(GHDL) $(GHDLFLAGS) -e $@ $(GHDL) $(GHDLFLAGS) -e $@