Internet of Things (IoT) have entered our daily life. Besides the rapid growth of the IoT market, we must also pay attention to the severe condition of IoT security. Currently, the lack of IoT criteria leads to a dilemma in the design of IoT devices. Using traditional security solutions sacrifices the lightweight feature and increases the cost. Consequently, most IoT devices in current markets ignore the security issues for profits.

Based upon this background, the major concern of this thesis is to provide solutions that not only satisfy the requirement of low cost, but are also compatible with current and future cryptographic protocol change. This work consists of three parts: a lightweight secure processor, a digital True Random Number Generator (TRNG) and a discrete Gaussian sampler.

The secure processor is fundamental to IoT security. Considering the limited computation capability of IoT devices, complex software-hardware hybrid measures, such as TrustZone technology, are not cost-friendly solutions. Therefore, only hardware mechanisms are considered in this thesis. First, the division of main processor and cryptographic coprocessor are inherited from smart card devices. Additionally, the main processor is extended with minimal security features that protect the Root of Trust (RoT) of the system. Transparent encryption is applied between the communication of the main processor and the coprocessor. A corresponding protocol on using the device is proposed. A RISC-V core is extended with the proposed feature, with instruction extensions and compiler supports. The proposed architecture is able to preserve the secrets, even the device is completely compromised by a hostile attacker.

Hardware cryptographic primitives are irreplaceable components of a security system. A practical digital TRNG architecture is proposed in the second part of this thesis. Due to the inherent characteristics of digital logics, digital TRNGs are not a preferable choice in practical applications. One of the most severe problems is the bias phenomenon. In this thesis, the negative influence of metastability over jitter are studied, and the reason of uncontrollable quality of digital TRNGs is disclosed. Furthermore, a bias-bounded architecture is proposed, which leverages of the non-linear response of a Self-Timed Ring (STR) to different initial states, and uses a statistical method to suppress the bias. The experiment shows that the proposed architecture has advantages of reliability, scalability over previous architectures.

Hardware discrete Gaussian sampler is now becoming a necessary module in a security system, to keep pace with the development of cryptography. Considering a practical issue that TRNG sources in a lightweight device is limited, a compressed Cumulative Distribution Table (CDT) method to adapt for the requirements is proposed. The corresponding hardware implementation shows the competitive overall performance together with intact security features.

To protect an IoT device is an open question without standard solutions. However, the proposed works in this thesis can be a good reference when developing a secure IoT device. Engineers can fully or partially leverage the proposed modules to construct their own IoT products.