Efficient Pseudo Random Number Generator (PRNG) Design on FPGA

2024 IEEE 17th Dallas Circuits and Systems Conference (DCAS) | 979-8-3503-4953-5/24/$31.00 ©2024 IEEE | DOI: 10.1109/DCAS61159.2024.10539915

Abstract—Random Number Generators (RNGs) are substantially used in many security domains, providing a fundamental source of unpredictability essential for tasks such as cryptography, simulations, and statistical analyses. The efficiency and quality of an RNG directly impact the reliability and security of diverse applications, making advancements in RNG design, as explored in this study, of significant importance for enhancing computational processes. This paper presents an innovative Pseudo-Random Number Generator (PRNG) that leverages the efficiency of two carefully selected Linear Feedback Shift Registers (LFSRs) and a connecting XOR gate. The investigation of five polynomials identified an optimal pair, resulting in a notable improvement of over 200X in the length of random bit sequences compared to a single LFSR-based PRNG. The Basys3 FPGA board with the xc7a35tcpg236-1 FPGA chip was used to implement and synthesize the proposed design. Two significant findings emerge from this research. Firstly, using variable polynomials demonstrates a huge enhancement in the duration of randomness, outperforming the impact of variable seeds. A noteworthy observation is that employing the same polynomials in different branches does not result in optimal results. Secondly, managing more seeds is associated with an increased area cost, underscoring the efficiency of handling two polynomials.

Keywords: Random Number Generator, Random Bit, LFSR, PRNG, Security, Integrated circuit, FPGA, Basys3, Flip Flop.

I. INTRODUCTION

Security is significant in several applications and is paramount for protecting against cyber threats, ensuring the integrity, confidentiality, and availability of data transmitted and processed by interconnected devices [1–7]. LFSR-based PRNGs also have applications in Quantum Key Distribution (QKD) [8]. QKD uses quantum mechanics to establish shared encryption keys between two parties securely. Moreover, LFSR-based Random Number Generators (LRNGs) are crucial in low-power applications, particularly in wireless technologies like Bluetooth. They are employed to encrypt frequency hopping spread spectrum systems, enhancing security against signal jamming attacks [9].

The work conducted by Durga et al. [10] proposes an RNG based on the Linear Feedback Shift Register (LFSR). To enhance the unpredictability of the RNG, this work incorporates a polynomial modulator. The polynomial modulator can select different primitive polynomials using a counter, a multiplexer, and a comparator. Furthermore, the different primitive polynomials have varying bit lengths, including 4-bit, 8-bit, and 16-bit lengths. Although the proposed method successfully passed the NIST 800-22 Test suite, it did not compare the results with similar work in the state-of-the-art literature regarding resource utilization.

The work by Hussain et al. [11] presents an LFSR-based pseudorandom number generator to encrypt data. The proposed method uses two LFSRs, LFSR1 and LFSR2, along with a 1-bit comparator. The comparator is used to incorporate inequality in the linear recurrence equation and improve the randomness of the PRNG. The proposed method consumes more power but claims to have more linear complexity compared to traditional 5-bit, 7-bit, and 12-bit LFSRs, and is thus applicable for high-security applications [12, 13].

The research by Bailey et al. [14] presents the performance of 4, 8, 16, and 32-bit reversible LFSRs using the Pareek gate approach. All designs were developed using primitive polynomials and implemented in Xilinx Spartan6 FPGA on the Xilinx ISE 14.7 platform. This method reduces the power consumption of the random number generator because reversible LFSRs allow very fast random sequence generation compared to PRNG. On the other hand, PRNG uses linear congruential equations requiring high mathematical operations, resulting in high power consumption. However, this work did not mention the cost paid in randomness while achieving a 10% reduction in power.

Gudla et al. [15] propose a PRNG constructed in a Resistance Random-Access Memory chip (ReRAM) to improve the dependability, unpredictability, and unrepeatability of the ReRAM chip. The suggested method used a Modified LFSR to generate an ultra-high-throughput random sequence. The idea is to use a ReRAM RTN circuit to generate a random control signal for the MUX. An integrated linear feedback shift register produces an unseen/microscopic quick NOT in the sequence data source. This work used Transmission gate-based 2X1 MUXs to select between signals because transmission gates can transfer input signals to outputs without attenuating threshold voltages. This method might require a high-speed
Authorized licensed use limited to: NATIONAL INSTITUTE OF TECHNOLOGY SILCHAR. Downloaded on August 26,2024 at 11:37:45 UTC from IEEE Xplore. Restrictions apply.
clock source, and the randomness quality may depend on the Digital Clock Manager (DCM) quality.

The work by Zode et al. [16] proposes an LFSR-based True Random Number Generator. The idea is to increase the randomness using on-the-fly seed change using the FPGA Xilinx IP System monitor. Power supply voltage and on-chip temperature variations were used to generate the random seed. The whole design is implemented on the Xilinx Virtex-5 ML505 board. On-chip resources consume less space and less power. The proposed method passed all NIST Statistical tests. Tests were performed on 218 MB data output from TRNG. The architecture takes only 24 LUTs and 33 slice registers out of 69120, thus making it suitable for resource-constrained devices. Verilog HDL language was used, simulated & synthesized on the ML505 Evaluation board (Device XC5VLX110T). An on-board frequency of 33 MHz was used.

Han et al. [17] present an LFSR-based RNG by introducing the concept of a dynamic polynomial modulator to avoid predictability. The proposed method can generate 4000 times larger random numbers before repetition than conventional LFSR-based random number generators. The dynamic polynomial modulator means changing the polynomials by using switches when the output of the LFSR becomes the initial seed to avoid periodic patterns. The proposed method mostly focuses on the quality of the randomness. Tang et al. [18] illustrate a configurable LFSR-based PRNG by using the characteristics of the metastable state of the digital circuit. The suggested method can produce pseudo-random 16-bit numbers within the range of 1 to 40,000. Configurable means that seeds and feedback factors can both be controlled by using a metastable state.

In this academic study, we begin by selecting five polynomials for LFSR design, denoted as traditional design, assessing their performance regarding random sequence length, power consumption, and resource usage. This groundwork was crucial for subsequent designs requiring two high-performing polynomials. We then present two designs to enhance random bit sequence generation compared to traditional LFSR-based RNGs. The proposed method 1 involved creating a PRNG using two LFSRs with the same polynomials but different seeds for each. The proposed method 2 was introduced as an improved solution, providing a notably higher random sequence than the initial proposal.

The paper is structured as follows: In Section II, the design strategies of the proposed Random Number Generator (RNG) are discussed. Following that, Section III presents the implementation details and experimental results. Finally, Section IV concludes the paper.

II. THE PROPOSED METHOD

In communication systems, linear feedback shift registers (LFSRs) play a vital role in various applications such as scramblers, randomizers, convolutional encoders, and generators of pseudo-random bit sequences (PRBS) [19]. A primitive polynomial, defined as an irreducible mathematical expression, holds significance in generating the longest possible sequence without repetition in specific digital systems like pseudo-random number generators (PRNGs) [20]. These polynomials, being indecomposable into smaller components, serve as fundamental building blocks for creating extensive, non-repeating sequences, especially crucial in cryptographic operations [21]. In Fig. 1, an example of a traditional eight-bit LFSR using the maximum-length polynomial is illustrated. The feedback mechanism of this LFSR involves the XOR combination of the 8th, 6th, 5th, and 4th bits, which are then fed back to the least significant bit (LSB) of the LFSR. An LFSR's feedback function, achieved through a simple polynomial, determines the series of pseudo-random numbers generated by the LFSR.

Fig. 1: Basic structure of eight-bit LFSR.

The proposed method 1 incorporates an RNG structure that enhances randomness by employing the XOR operation on the outputs of two identical LFSRs having two different seeds. Fig. 2 illustrates the proposed method 1, where the outputs of the two LFSRs are combined to produce a more robust and unpredictable random sequence. The key feature of the proposed method 2 (Fig. 3) lies in the utilization of two different polynomials for the two LFSR branches, contributing to the diversity and complexity of the generated random numbers. For example, in Fig. 3, one LFSR employs Polynomial-1:

x^8 + x^6 + x^5 + x^4 + 1

while the other LFSR utilizes Polynomial-2:

x^7 + x^5 + x^4 + x^3 + 1

This deliberate choice of distinct polynomials introduces variability in the feedback mechanism of each LFSR, contributing to the overall randomness of the generated sequence. It is noteworthy that, despite the different polynomials employed, the proposed method 2 maintains the unique characteristic of using the same initial seeds for both LFSR branches. The initial seed represents the starting point of the LFSR operation and significantly influences the subsequent sequence of random numbers generated. By employing the same seed for both LFSRs, method 2 introduces a controlled yet intricate interplay between the two branches, aiming to enhance the randomness and statistical properties of the overall RNG output.

The proposed methods 1 & 2 are built from the traditional method, which is a basic 8-bit LFSR. The traditional method uses four inputs, namely "seed," "enable," "reset," and Clk. According to Fig. 1, the feedback bit is calculated by XORing specific bits (8, 6, 5, 4) when using
Polynomial-1 and is fed back to the LSB of the LFSR. Now, at each positive edge of the clock cycle (posedge clk), if reset is low (nonactive) and the enable signal is active, a 1-bit shift towards the MSB happens, and the precalculated bit (by XORing) then becomes the new least significant bit. An 8-bit register is used to store the current state of the LFSR. For proposed method 1, two different seeds are used, but the same polynomial is used for the two branches of the design. On each positive edge of the clock cycle (if enabled), two of the same XOR operations will be performed based on the specified bits in the polynomials, and finally, another XOR operation will be performed based on the output MSB bits of the two LFSRs. Even though the bit number for the XOR operation is the same, the bit value initially depends on the initial seed.

In the proposed method 2, the two LFSRs use two different polynomials. On each positive edge of the clock cycle (if enabled), two different XOR operations will be performed based on the specified bits in the polynomials. Output bits from both LFSRs are again XORed to get new random bits, which form the pseudo-random sequence of the proposed design. The initial seed for method 2 is the same for the two LFSR branches.

Fig. 2: The first proposed method using two distinct seeds with identical polynomials.

Fig. 3: The second proposed method based on two distinct polynomials and one seed.

III. IMPLEMENTATION AND EXPERIMENTAL RESULTS

The proposed design was developed and synthesized on the Basys3 FPGA board, featuring the xc7a35tcpg236-1 FPGA chip, utilizing the Xilinx Vivado 2021.1 platform. The Basys3 FPGA board provides a versatile and accessible hardware platform for digital design projects, making it well-suited for the realization of the proposed design. During the simulation phase, a clock frequency of 100 MHz was utilized to model the behavior of the designed circuit. The initial seed for the traditional eight-bit LFSR and proposed method 2 is hexadecimal FF. The proposed method 1 uses two initial seeds: hexadecimal FF and hexadecimal 55.

A comprehensive overview of five potential polynomials designed for an 8-bit LFSR is shown in TABLE I. We have selected these polynomials from the literature as follows: Polynomial-1 [22], Polynomial-3 [14], Polynomial-4 & Polynomial-5 [23]. However, Polynomial-2 is experimental for this paper. This table details the length of random bit sequences, power consumption, and area consumption associated with each polynomial during its execution in the 8-bit LFSR. Notably, Polynomial-1, Polynomial-3, and Polynomial-5 emerge as the most promising options, demonstrating optimal results in terms of generating a series of unrepeated bits before repetition occurs (at 2615 ns). It is important to note that the clock period is 10 ns, requiring 10 ns to generate one random bit, and it generates 255 bits over 2615 ns, characteristic of a max length polynomial, indicating the LFSR is functioning flawlessly. The above-mentioned selected polynomials will be further evaluated in the subsequent analyses depicted in Fig. 2 (results presented in TABLE II) and Fig. 3 (results presented in TABLE III). The objective is to assess and identify a high-performance PRNG based on the criteria of generating the longest series of eight-bit sequences before repetition occurs. The resource consumption and power consumption results for each configuration will be thoroughly examined and subsequently reported to provide a comprehensive understanding of the performance characteristics of the proposed designs.

TABLE I: 8-bit polynomials selection based on their performance based on Fig. 1.

                                                                                       Resource Utilization
Polynomials                          Repetition after (ns)   Power Consumption (W)   LUTs   Registers   Bonded IOB
x^8 + x^6 + x^5 + x^4 + 1            2615                    1.18                    34     24          19
x^7 + x^5 + x^4 + x^3 + 1            1335                    1.181                   34     24          19
x^8 + x^4 + x^3 + x^2 + 1            2615                    1.199                   34     24          19
x^8 + x^7 + x^6 + x^5 + 1            2225                    1.179                   34     24          19
x^8 + x^6 + x^4 + x^3 + x^2 + x + 1  2615                    1.252                   36     24          19

TABLE II represents the polynomial pairs used in the two branches of proposed method 1, the length of unrepeated bits, power consumption, and resource utilization for each polynomial combination. The proposed method 1 shows how long the unrepeated bits continue to generate while the polynomials are the same, but the seeds differ. It is evident that the Polynomial-1 & Polynomial-1 pair and the Polynomial-3 & Polynomial-3 pair, when used in method 1, provide the highest random bit sequence. However, if TABLE II is compared with TABLE I, the random bit sequence is almost the same for the two designs. It is clear that it is better to use the traditional method because it provides almost the same length of randomness with less power and area consumption. Even though proposed method 1 seems inefficient, it revealed two important insights: 1) storing seeds is costlier than running more polynomials, and 2) using different seed pairs dynamically will give almost the same results in terms of randomness if the polynomials are the same.

TABLE III depicts the polynomial combinations used in proposed method 2 for the PRNG, the length of unrepeated bits, power consumption, and resource utilization for each polynomial combination. When Polynomial-1 & Polynomial-4 are used in proposed method 2, it gives the highest length of randomness, which is more than 200 times (553385 ns) what a single polynomial can generate, compared with the highest length in TABLE I. It can be concluded that using Polynomial-1 and Polynomial-4 is the best choice for the proposed design in this work. Using Polynomial-1 and Polynomial-2 can give the second-best result in terms of random bit sequence. Now comparing TABLE II with TABLE III, it is clear that proposed method 2 consumed less power and less area and provided better results in terms of randomness (also 200X the length, in ns, of the random bit sequence).

The work by Panda et al. [23] implements and investigates the performance of the 8, 16, and 32-bit LFSR on FPGA using Verilog VHDL. This method did not use any new approach to enhance the length of stages with random bits. However, the proposed method 2 in our work significantly increases
the size of the random bit sequence length, especially while choosing Polynomial-1 & Polynomial-4, and Polynomial-1 & Polynomial-2.

IV. CONCLUSION

This study introduces an efficient PRNG employing two carefully selected LFSRs joined by an XOR gate. The meticulous investigation of five polynomials revealed that two are optimal for the proposed design, which was synthesized on the Basys3 FPGA board with notable success. The results demonstrate an improvement of over 200 times longer random bit sequences compared to a single LFSR-based PRNG. However, this research also unveils two crucial findings. Firstly, employing variable polynomials significantly enhances randomness, surpassing the impact of using stored variable seeds. However, it is noted that using the same polynomials in different branches is noncritical to achieving optimal results even if the seeds are different. Secondly, the management of more seeds comes at the cost of increased area, emphasizing the efficiency of handling two distinct polynomials. Moving forward, we aim to explore the dynamic application of five polynomials for TRNG, opening up a promising path for further investigation in this field.

REFERENCES

[1] H. U. Khan, M. Sohail, F. Ali, S. Nazir, Y. Y. Ghadi, and I. Ullah, “Prioritizing the multi-criterial features based on comparative approaches for enhancing security of IoT devices,” Physical Communication, vol. 59, p. 102084, 2023.
[2] S. Akter, K. Khalil, and M. Bayoumi, “Hardware security in the internet of things: A survey,” in 2023 IEEE 36th International System-on-Chip Conference (SOCC), pp. 1–6, IEEE, 2023.
[3] Y. Wang, Z. Su, N. Zhang, R. Xing, D. Liu, T. H. Luan, and X. Shen, “A survey on metaverse: Fundamentals, security, and privacy,” IEEE Communications Surveys & Tutorials, vol. 25, no. 1, pp. 319–352, 2022.
[4] K. Khalil, K. Elgazzar, A. Abdelgawad, and M. Bayoumi, “A security approach for CoAP-based internet of things resource discovery,” in 2020 IEEE 6th World Forum on Internet of Things (WF-IoT), pp. 1–6, IEEE, 2020.
[5] A. Vangala, A. K. Das, V. Chamola, V. Korotaev, and J. J. Rodrigues, “Security in IoT-enabled smart agriculture: Architecture, security solutions and challenges,” Cluster Computing, vol. 26, no. 2, pp. 879–902, 2023.
[6] K. Khalil, A. Sherif, M. M. Mamun, M. Elsersy, A. A.-A. Imam, M. Hataba, and M. Mahmoud, “Privacy-preserving and hardware acceleration-based authentication scheme for data collection in e-health applications,” in 2023 IEEE 66th International Midwest Symposium on Circuits and Systems (MWSCAS), pp. 703–707, IEEE, 2023.
[7] M. Seliem, K. Elgazzar, and K. Khalil, “Towards privacy preserving IoT environments: a survey,” Wireless Communications and Mobile Computing, vol. 2018, pp. 1–15, 2018.
[8] P. Chandravanshi, J. K. Meka, V. Mongia, R. P. Singh, and S. Prabhakar, “LFSR based RNG on low cost FPGA for QKD applications,” arXiv preprint arXiv:2307.16431, 2023.
[9] A. Ebrahimzadeh, A. Falahati, et al., “Frequency hopping spread spectrum security improvement with encrypted spreading codes in a partial band noise jamming environment,” Journal of Information Security, vol. 4, no. 1, pp. 1–6, 2013.
[10] R. S. Durga, C. Rashmika, O. N. Madhumitha, D. Suvetha, B. Tanmai, and N. Mohankumar, “Design and synthesis of LFSR based random number generator,” in 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT), pp. 438–442, IEEE, 2020.
[11] S. Hussain, A. K. Chaudhary, and S. Verma, “Enhancing security in IoT devices by using pseudo random number generator based on two different LFSR and a comparator,” in 2022 IEEE Delhi Section Conference (DELCON), pp. 1–7, IEEE, 2022.
[12] S. Akter, K. Khalil, and M. Bayoumi, “A survey on hardware security: Current trends and challenges,” IEEE Access, 2023.
[13] A. Meza, F. Restuccia, J. Oberg, D. Rizzo, and R. Kastner, “Security verification of the OpenTitan hardware root of trust,” IEEE Security & Privacy, 2023.
[14] K. Bailey et al., “FPGA implementation of reversible LFSR with primitive polynomial using Verilog HDL,” in 2022 IEEE International Conference on Distributed Computing and Electrical Circuits and Electronics (ICDCECE), pp. 1–5, IEEE, 2022.
[15] V. V. Gudla and V. S. S. S. S. Jyothi, “Design and implementation of digital clock manager based pseudo-true random number generator,” in 2022 IEEE 3rd Global Conference for Advancement in Technology (GCAT), pp. 1–5, IEEE, 2022.
[16] P. Zode, P. Zode, and R. Deshmukh, “FPGA based novel true random number generator using LFSR with dynamic seed,” in 2019 IEEE 16th India Council International Conference (INDICON), pp. 1–3, IEEE, 2019.
[17] M. Han and Y. Kim, “Unpredictable 16 bits LFSR-based true random number generator,” in 2017 International SoC Design Conference (ISOCC), pp. 284–285, IEEE, 2017.
[18] H. Tang, T. Qin, Z. Hui, P. Cheng, and W. Bai, “Design and implementation of a configurable and aperiodic pseudo random number generator in FPGA,” in 2018 IEEE 2nd International Conference on Circuits, System and Simulation (ICCSS), pp. 47–51, IEEE, 2018.
[19] B. Soreng, Implementation of WiMAX physical layer baseband processing blocks in FPGA. PhD thesis, 2013.
[20] K. Mandal, “Design and analysis of cryptographic pseudo-random number/sequence generators with applications in RFID,” 2013.
[21] E. Almaraz Luengo, “A brief and understandable guide to pseudo-random number generators and specific models for security,” Statistic Surveys, vol. 16, pp. 137–181, 2022.
[22] A. Kurt, “Design of 4 bit and 8 bit pseudo noise sequence generators with all zero condition protection circuit,” in 2021 13th International Conference on Electrical and Electronics Engineering (ELECO), pp. 480–484, IEEE, 2021.
[23] IEEE, FPGA implementation of 8, 16 and 32 bit LFSR with maximum length feedback polynomial using VHDL, 2012.
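
The traditional LFSR, proposed method 1 and proposed method 2 described in Section II can be compared with a bit-level software model that counts clocks until the register state repeats. The Python code below is an added example, not the authors' Verilog design. It assumes bit 8 is the MSB, that the output bit is the XOR of the branch MSBs, and that "repetition" means the joint register state returning to a value it has held before; the function names are hypothetical.

```python
from math import lcm

WIDTH = 8                      # register width used throughout the page
MASK = (1 << WIDTH) - 1

# Tap positions (1 = LSB ... 8 = MSB) read off the five polynomials in TABLE I.
POLYS = {
    1: (8, 6, 5, 4),           # x^8 + x^6 + x^5 + x^4 + 1
    2: (7, 5, 4, 3),           # x^7 + x^5 + x^4 + x^3 + 1
    3: (8, 4, 3, 2),           # x^8 + x^4 + x^3 + x^2 + 1
    4: (8, 7, 6, 5),           # x^8 + x^7 + x^6 + x^5 + 1
    5: (8, 6, 4, 3, 2, 1),     # x^8 + x^6 + x^4 + x^3 + x^2 + x + 1
}


def step(state, taps):
    """One enabled clock edge: XOR the tapped bits, shift toward the MSB,
    and load the XOR result into the LSB."""
    fb = 0
    for t in taps:
        fb ^= (state >> (t - 1)) & 1
    return ((state << 1) | fb) & MASK


def cycle(seeds, taps_list):
    """Clock a bank of LFSRs in lockstep until the joint state repeats.
    Returns (tail, period): clocks spent before entering the loop, and the
    loop length in clocks (one output bit per clock)."""
    seen = {}
    states, n = tuple(seeds), 0
    while states not in seen:
        seen[states] = n
        states = tuple(step(s, t) for s, t in zip(states, taps_list))
        n += 1
    return seen[states], n - seen[states]


def output_bits(seeds, taps_list, n):
    """First n output bits: XOR of every branch's MSB, sampled each clock."""
    states, bits = tuple(seeds), []
    for _ in range(n):
        bit = 0
        for s in states:
            bit ^= s >> (WIDTH - 1)
        bits.append(bit)
        states = tuple(step(s, t) for s, t in zip(states, taps_list))
    return bits


def traditional(poly, seed=0xFF):               # single LFSR
    return cycle([seed], [POLYS[poly]])


def method1(poly, seed_a=0xFF, seed_b=0x55):    # same polynomial, two seeds
    return cycle([seed_a, seed_b], [POLYS[poly]] * 2)


def method2(poly_a, poly_b, seed=0xFF):         # two polynomials, one seed
    return cycle([seed, seed], [POLYS[poly_a], POLYS[poly_b]])


if __name__ == "__main__":
    single = {p: traditional(p)[1] for p in POLYS}
    print("single LFSR periods:", single)
    print("method 1, Polynomial-1 twice:", method1(1)[1])
    for a, b in [(1, 2), (1, 3), (1, 4), (1, 5)]:
        print(f"method 2, Polynomial-{a} & Polynomial-{b}:",
              method2(a, b)[1], "clocks; lcm of branch periods =",
              lcm(single[a], single[b]))
```

In this model Polynomial-1 paired with Polynomial-4 repeats after 55335 clocks, the least common multiple of the branch periods 255 and 217, while two branches that share Polynomial-1 stay at 255 whatever the seeds.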