Generates a 256-bit random number derived from the startup states of a dedicated SRAM. The nonce service provides the user with the ability to strengthen the NRBG of the User Cryptoprocessor random bit generator by providing an alternate entropy source to use as additional seed data in its DRBG functions.
NONCE = KeyTree256(PUK, 0, PUFSEED)
Where, PUFSEED is a 256-bit conditioned true random output of the SRAM-PUF. PUK is a 256-bit device-generated nonce set in the factory.
To generate maximum entropy and forward and backward resistance, the SRAM-PUF is automatically power-cycled before generating the seed.
| System Service Descriptor Bit Field | Value | Description |
|---|---|---|
| 15:7 | MBOXADDR[10:2] | Mailbox address. See Table 2. |
| 6:0 | 21H | Nonce service command |
The following table lists the Nonce Service Mailbox Format.
| Offset | Length (bytes) | Parameter | Direction | Description |
|---|---|---|---|---|
| 0 | 32 | NONCE | Output | Generated nonce |