 Hello and welcome to this presentation of the STM32 Random Number Generator. The features of this peripheral, which is widely used to provide random numbers, will be covered in this presentation. The Random Number Generator, or RNG, integrated inside STM32 products provides random numbers which are used when producing an unpredictable result is desirable. Applications can benefit from the RNG to increase the randomness of numbers or to decrease the possibility of guessing certain values. It is certifiable NIST SP890B with a guaranteed entropy of 128 bits. The RNG peripheral is based on continuous analog noise that provides a random 32-bit value. It is certifiable NIST SP890B with a guaranteed entropy of 128 bits. When configured to pass NIST SP890B certification, the time between two sets of 432-bit data is either 412 AHB cycles. If FAHB is less than F threshold or 256 RNG cycles, FAHB is greater than or equal to F threshold. With F threshold equals 1.6 times FAHB. For example, 77 MHz if FRNG equals 48 MHz. When CLKDIV is different from zero, FRNG must take into account the internal divider ratio programmed in the RNG. The data ready flag is set in the status register when a set of new random data is ready and validated. It must always be used. The RNG automatically performs NIST SP890B compliant health tests on the noise source. A seed error current status flag is set in case of an error. A clock error current status flag is set if the RNG clock is less than HCLK clock divided by 32. This check can be disabled, especially when the RNG clock is initialized low for maximum entropy. An interrupt source can also be enabled to indicate an abnormal seed sequence or frequency error. This simplified block diagram of the RNG shows its basic functional and control modules. This architecture is compliant with NIST SP890B specification. The random number generator is based on an analog circuit made of several ring oscillators, whose outputs are sampled, then XOR'd, to generate the seeds that feed a digital conditioning block that is able to produce 4 32-bit random numbers per round of computation. The sampling of analog seeds is clocked by a dedicated RNG clock signal plus internal divider so that the quality of the random number is independent of the HCLK frequency. The contents of the conditioning block is transferred into the data register through a 4-word FIFO. The data ready flag, or DRDY, is triggered as soon as the FIFO is full and is automatically reset when no more data can be read back from the RNG. In parallel, an error management block verifies the correct seed behavior and the frequency of the RNG source clock. Status bits are set and an interrupt is triggered if an abnormal sequence is detected in the seed or if the RNG frequency is too low. The RNG frequency error check must be disabled if the RNG clock is fixed below AHBCLK32, for example, for quality reasons. TRNG block must be properly initialized with this sequence. 1. Write in the RNG CR register the bit c-o-n-d-r-s-t equals 1 together with the correct RNG configuration. 2. Perform a second write to the RNG CR register with the bit c-o-n-d-r-s-t equals 0, the interrupt enable bit i-e equals 1, and the RNG enable bit r-n-g-e-n equals 1. An interrupt is now generated when a random number is ready or when an error occurs. The true random number generator is only active in run mode. It can be kept enabled in sleep and low power modes to avoid the latency at initialization time. It is disabled for the other low power modes and is completely powered down in standby or shutdown modes. The RNG can be used for a wide range of applications, including cryptography, games, and statistical sampling. For example, all the security of cryptography algorithms are connected to the impossibility of guessing the key. So the key has to be a random number, otherwise the attacker can guess it. This is a list of peripherals related to the random number generator. Please refer to these trainings for more information if needed. For more details, please refer to application note AN-4232 about using the NIST statistical test suite to validate the random numbers generated by a selection of STM-32 MCUs.