This work addresses the limitations of conventional hardware random number generators—namely, single-source entropy and weak resilience against environmental attacks—by proposing a unified PUF-TRNG architecture that synergistically integrates static path-delay variation (SiRF PUF) and dynamic measurement noise from a time-to-digital converter (TDC). Methodologically, it introduces a soft-data-driven duplex-sponge structure for entropy extraction and post-processing, augmented with a key regeneration mechanism to enhance robustness against voltage and temperature fluctuations. Implemented on a ZYBO Z7-10 FPGA, the design passes full NIST SP 800-22, AIS-31, and DieHarder test suites, achieving a minimum entropy of 7.98 bits/bit and a throughput of 12.4 Mbps—significantly outperforming state-of-the-art counterparts. To the best of our knowledge, this is the first work to jointly model and efficiently fuse intrinsic static entropy from PUFs with dynamic noise from TRNGs, establishing an engineering-feasible paradigm for high-security, high-robustness on-chip randomness generation.

Hardware security primitives including True Random Number Generators (TRNG) and Physical Unclonable Functions (PUFs) are central components to establishing a root of trust in microelectronic systems. In this paper, we propose a unified PUF-TRNG architecture that leverages a combination of the static entropy available in a strong PUF called the shift-register, reconvergent-fanout (SiRF) PUF, and the dynamic entropy associated with random noise present in path delay measurements. The SiRF PUF uses an engineered netlist containing a large number of paths as the source of static entropy, and a time-to-digital-converter (TDC) as a high-resolution, embedded instrument for measuring path delays, where measurement noise serves as the source of dynamic entropy. A novel data postprocessing algorithm is proposed based on a modified duplex sponge construction. The sponge function operates on soft data, i.e., fixed point data values, to add entropy to the ensuing random bit sequences and to increase the bit generation rate. A postprocessing algorithm for reproducing PUF-generated encryption keys is also used in the TRNG to protect against temperature voltage attacks designed to subvert the random characteristics in the bit sequences. The unified PUF-TRNG architecture is implemented across multiple instances of a ZYBO Z7-10 FPGA board and extensively tested with NIST SP 800-22, NIST SP 800-90B, AIS-31, and DieHarder test suites. Results indicate a stable and robust TRNG design with excellent min-entropy and a moderate data rate.