Crypto Quantique launches TuRiNG test suite for PUF randomness in IoT
Crypto Quantique, a provider of quantum-driven security for the Internet of Things (IoT), has announced the development of a randomness test suite tailored specifically for physical unclonable functions (PUFs). The suite, called TuRiNG, addresses the challenges of testing PUFs, which are increasingly used in semiconductors for secure, regenerable random number generation. The numbers underpin device security, providing a basis for device identities and cryptographic key generation.
Unlike traditional random number generators (RNGs), PUFs produce a fixed-length output, making existing tests inadequate for determining randomness, which is a requirement for a secure device root-of-trust (RoT). The new test suite adapts existing tests from the NIST 800-22 suite, making them suitable for the characteristics of PUFs, such as spatial dependencies and limited output length.
The suite introduces a test to ensure the independence of PUF outputs, which is important for maintaining cryptographic security by identifying correlated outputs. It is designed to be both comprehensive and practical, ensuring that PUFs meet randomness requirements without excessive data demands and involves running tests in different data orderings to account for potential spatial correlations in PUF outputs.
By reducing the number of required bits for certain tests, the suite allows for more efficient testing, minimising the risk of misrepresenting PUF quality. This development is aiming to change the way randomness is validated in PUFs, offering a reliable method for ensuring the security of cryptographic systems in IoT devices.
Crypto Quantique’s TuRiNG open-source test suite is available as a free GitHub download at https://github.com/cryptoquantique/puf-randomness-test, from where a detailed technical white paper can also be downloaded.