True random number generator

Hi! We have migrated the Help Center to another platform, hence the content that you see here might not be the latest version. Visit our new Help Center or submit a request if you need any product assistance. Thank you for your cooperation!

Why does TRNG(True random number generator) matter?

To explain further about the purpose of a TRNG, it is important to learn about "How a private key is generated". Whether a private key is generated in a secure methodology will greatly impact the security level of the private key itself.

A private key is a list of digits and numbers that are randomly generated based on asymmetric cryptographic algorithm. The more random the creation source is, the more secure a private key will be. In such case, a random number generator(RNG) is used to create a list of random values with random sources, including physical sources, or software sources.

There are two types of random number generator: true random number generator(TRNG) and pseudo random number generator(PRNG).

TRNG measures some physical phenomenon that is expected to be random and then compensates for possible biases in the measurement process. Example sources include measuring atmospheric noise, thermal noise, and other external electromagnetic and quantum phenomena. For example, cosmic background radiation or radioactive decay as measured over short timescales represent sources of natural entropy.

PRNG uses computational algorithms that can produce long sequences of apparently random results, which are in fact completely determined by a shorter initial value, known as a seed value or key. As a result, the entire seemingly random sequence can be reproduced if the seed value is known. This type of generator typically does not rely on sources of naturally occurring entropy, though it may be periodically seeded by natural sources. This generator type is non-blocking, so they are not rate-limited by an external event, making large bulk reads a possibility.

Based on above descriptions, it is not difficult to notice that a TRNG is using more random and unpredictable sources compared to a PRNG. In our daily life, most of the cellphones or computers are using PRNG, while SafePal S1 is embedded with a TRNG. This is to ensure a new private key is generated on a secure basis when a user create new wallet on the device.

TRNG on SafePal S1 hardware wallet

SafePal S1 is embedded with a true random number generator qualified with both the AIS31 standard from the Germany BSI and the FIPS PUB 140-2 standard from the U.S. government computer security standard, the two most well-known standards of encryption and information security. Both AIS31 and FIPS PUB 140-2 standards have utilized more advanced and strict testing criteria to test upon the quality of random number generator in stead of regular randomness examinations.

Learn more about the Germany BSI AIS31 standard from here.

Learn more about the US FIPS PUB 140-2 standard here.

PreviousAir-gapped Signing Mechanism NextIndependent security element & multi-sensors

Last updated 2 years ago