摘 要

隨著科技的演進，包括在加解密上、參數的量測上、以及在某些特定的模擬程序上的應用，亂數產生器的應用是越來越廣，而且其地位以及其重要性已經不可同日而語，現今不管在學術界或者業界所應用的亂數產生器大多是由主要的幾種方式設計，包括透過Thermal Noise、Shot Noise、Jitter來產生Truly Random Sequence或是利用LFSR以及Chaos model的方式來產生亂數雖然可以產生真正難以預測的數列，但也會來產生Pseudo Random Sequence。
利用Noise 或是 Jitter遇到系統無法控制、對環境參數太過於敏感以及無法度量其亂數特性的問題，然而利用LFSR來產生亂數，其方程式的特性又太容易被破解，而且會遇上亂數特性極度不良的情況，有鑑於此，我們選擇既具有良好的亂數特性且易於實現的Chaos Model(Logistic Equation)來作為亂數產生器的基本方程式，並且利用全數位的方式來實現亂數的產生。
System Model : (Logistic Equation) x(n+1) = 4*x(n)*[1 – x(n)].

p.s.其中x(n) 的範圍為界於零跟一之間的小數，此方程式為43-bits的運算，如果x(n)的值出現0 0.25 0.5 0.75 時，系統將會出現錯誤。

此架構(Logistic Equation)除了有易於實現的優點之外(方程式簡單、階數不高，所以可以達成高速亂數產生器的設計)，不但如此，此方程式在random tests(NIST Sp.800-22)數值上的表現也比起其他的RNG model要來得好，所以我們便利用Logistic Equation的各種優越的特性來實現渾沌基礎之全數位亂數產生器的設計。

Logistic Equation的實現需要一個減法器(43-bits)以及一個乘法器(43-bits)，但如果不加以簡化，實在沒有辦法滿足高速(100MHz)的要求，所以我們利用其方程式的特性來做以下的化簡:
1. 將方程式中的[1 – x]項作運算，變成x’+ lsb。
2. 把前面的x項乘上去，變成 x*x’+ x*lsb。
3. 即可利用array multiplier的特性來做化簡，也就是只需要一個乘法器即可達到整個方程式的運算，根據之前模擬出來的結果，利用此種話減的方式可以將整個系統的速度提高將近一半以上。(即為下圖所示的square 方塊) 。
4. 在此乘法器當中，僅取乘法過後的前43bits的資料當做下一個state的輸入，如此便可忽略掉一些不必要的訊號，系統可消除一些不必要的信號源，以及運算的電路，可以省去不必要的面積浪費，並且不會影響到系統的正常運作。
5. 將乘法的程序細分為partial product 以及 carry propagation 兩個部分，其中partial product的部分利用7 to 3的加法器來壓縮critical path，並且利用在partial product部分的輸出時間不一致的特性，carry propagation的部分便以 on the fly的架構來設計，一方面可以解決訊號到達時間不一致的問題，同時也有助於整個乘法器的化簡加快系統速度。
根據目前的實驗數據及與其他model的比較結果，可以完全證明利用Logistic Equation不管是在系統速度上或是在亂數的特性上都遠比目前其他paper中提到的亂數產生器要來得好。

In this paper, a chaos-based pseudo random number generator (PRNG) is implemented in a fully digital circuit with 120 MHz operation clock frequency. The chaotic equation called Logistic Equation is applied to the system model of PRNG. Noise can be injected to disturb the iterations with dead operation detected. The random quality of the chaos-based model is measured by the Sp. 800-22 random test package. The chaos-based PRNG has been designed and run in the UMC 1P6M 0.18 um CMOS process with area of 944□m□ 813□m.

[1] Stojanovski, T. Kocarev, L., “Chaos-based random number generators-part II: analysis [cryptography],” IEEE Transactions on Circuits and Systems I: Fundamental Theory and Applications, Circuits and Systems I: Regular Papers, Volume: 48 , Issue: 3 , March 2001, Pages: 382 – 385.
[2] Stojanovski, T. Kocarev, L., “Chaos-based random number generators-part I: analysis [cryptography],” IEEE Transactions on Circuits and Systems I: Fundamental Theory and Applications, Circuits and Systems I: Regular Papers, Volume: 48, Issue: 3 , March 2001, Pages: 281 – 288.
[3] Degaldo-Restituto, M. Medeiro, F. Rodriguez-Vazquez, A., “Nonlinear switched current CMOS IC for random signal generation,” Electronics Letters, Volume: 29, Issue: 25, 9 Dec. 1993, Pages: 2190 – 2191.
[4] Gerosa, A., Bernardini, R., Pietri, S., “A Fully Integrated Chaotic System for The Generation of Truly Random Numbers,” Circuits and Systems I: Fundamental Theory and Applications, IEEE Transactions on [see also Circuits and Systems I: Regular Papers, IEEE Transactions on] , Volume: 49 , Issue: 7 , July 2002
Pages:993 - 1000
[5] Petri, C., Cortigiani, F., Rocchi, S., Vignoli, V., “Very High-speed True Random Noise Generator,” Electronics, Circuits and Systems, 2000. ICECS 2000. The 7th IEEE International Conference on , Volume: 1 , 17-20 Dec. 2000, Pages:120 - 123.
[6] National Institute of Standards and Technology, “Security Requirements for Cryptographic Modules”, FIPS PUB 140-2, May 25, 2001.
[7] J. Soto, “Statistical Testing of Random Number Generator,”
URL:http://csrc.nist.gov/rng/nissc-paper.pdf.
[8] A. Lempel, J. Ziv, “On the Complexity of Finite Sequences Lempel,”
IEEE Trans. on Info. Theory, vol. 22, 1976
Pages: 75 - 81.
[9] S. Mund, “Ziv-Lempel Complexity for Periodic Sequences and Its Cryptographic Application,” Advances in Cryptology – EUROCRYPT ’91, Lecture Notes in Computer Science, Springer-Verlag, 1991.
URL: http://202.115.65.116/Cipher/HTML/PDF/E91/114.PDF
[10] A. K. Leung and Stafford E. Tavares, “Sequence Complexity as a Test for Cryptographic Systems,” Proc. of CRYPTO 84, 1984, Pages: 468 – 474.
[11] G. Hadley, “Introduction to Probability and Statistical Decision Theory,” HOLDEN-DAY, San Francisco, 1967.
[12] Robert V. Hogg, Elliot A., “Probability and statistical inference,” MACMILLAN, fourth edition, New York, 1993.
[13] A. Menezes, P. van Oorschot, S Vanstone, “Handbook of Applied Cryptography,” CRC Press, Boca Raton, 1996.
[14] A. Rukhin, J. Soto, J. Nechvatal, M. Smid, E. Barker, S. Leigh, M. Levenson, M. Vangel, D. Banks, A. Heckert, J. Dray, S. Vo , “A Statistical Test Suite for Random and Pseudorandom Number generators for Cryptographic Applications.” NIST Special Publication 800-22, 2001.
[15] “Security Requirements for Cryptographic Modules,”
federal information processing standard publication, May 2001
(supersedes FIPS PUB 140-1, 1994 January 11).
[16] A Certicom Whitepaper, “An Introduction to Information Security”, http://www.certicom.ca/ecc/wpaper.htm, 1997.
[17] B. Schneier, “Applied Cryptography: Protocols, Algorithms, and Source Code in C,” John Wiley & Sons, New York, 2nd edition, 1996.
[18] D.R. Stinson, “Cryptography: Theory and Practice,” CRC Press, Boca Raton, Florida, 1995.
[19] T. Y. Chang; J. R. Huang; H. Y. Lo; P. S. Wang; K. Yang; “The on-the-fly circuits that can be applied to array multiplier and fast Gray code adder,” Circuits and Systems, 2000. Proceedings of the 43rd IEEE Midwest Symposium on ,Volume: 1 , 8-11 Aug. 2000, Pages:342 - 345 vol.1
[20] H.-T. Yang, J.-R. Huang, and T.-Y. Chang; “A Chaos-Based Fully Digital 120 MHz Pseudo Random Number Generator,” Proc. of IEEE Asia-Pacific Conf. on Circuits and System, pp.357-360, Tainan, Taiwan, Dec. 2004. (MoEA 92-EC-17-A-03-S1-0002, NSC 93 -2220-E-007-029 and CIC U18-93B-07a)