[Cryptography] TRNG review: Arduino based TRNGs

Jonathan Thornburg jthorn at astro.indiana.edu
Wed Jan 13 20:08:32 EST 2016


On Wed, Jan 13, 2016 at 02:09:03PM -0800, Bill Cox wrote:
> As for the minimum required hardware for an Arduino, I have not built it,
> but I suspect we could do it with 1 cap and 2 resistors, using the 10-bit
> ADC, assuming we could use the PWM to force A0 to a value that keeps
> randomly flipping between 0x200 and 0x1FF, by using an RC filter on the PWM
> connected through a resistor to A0.  [[...]]

How do we know that this value *randomly* flips, as opposed to (say)
flipping in phase with residual 50/60Hz noise from the power supply?
Or in phase with the temperature of that capacitor?  Or in phase with
the temperature *difference* of those two resistors?  Or the temperature
*difference* of two "balanced" components inside the ADC, which in turn
correlates with the overall idle-time fraction (& hence CPU power dissipation)
of the system?  Or the noise from switching some address-bus circuit-board
trace which turns out to be periodic with the OS software-clock-interrupt
frequency?  Any of these *might* be random-to-an-attacker... or they might
not.

More generally, the problem with amplifying environmental noise is that
the circuit is now exquisitely sensitive to other noise sources as well.
I think you need some pretty serious power-supply regulation, RF filtering,
and thermal control, not to mention excellent analog-electrical-engineering
(e.g., the same sort of red/black signal separation used in TEMPEST hardware)
if you want to have *confidence* that this is a true source of randomness.
And (alas) I don't think that level of design & construction quality is
going to be cheap.

ciao,

-- 
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn at astro.indiana-zebra.edu>
   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
   "There was of course no way of knowing whether you were being watched
    at any given moment.  How often, or on what system, the Thought Police
    plugged in on any individual wire was guesswork.  It was even conceivable
    that they watched everybody all the time."  -- George Orwell, "1984"
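One way to test for the first failure mode raised above (flips that track 50/60 Hz pickup), as an added example that is not part of the original post or of either participant's code. The bit model, the 1 kHz sample rate, the hum amplitude and all function names are assumptions made for illustration; the sample data is constructed.

```python
import cmath
import math
import random

def sample_bits(n, sample_rate_hz, hum_hz=0.0, hum_amp=0.0, seed=1):
    """Constructed model: bit = 1 when the ADC reads 0x200 rather than 0x1FF.
    Unit-variance Gaussian noise plus an optional sinusoidal pickup term."""
    rng = random.Random(seed)
    bits = []
    for k in range(n):
        v = rng.gauss(0.0, 1.0)
        v += hum_amp * math.sin(2 * math.pi * hum_hz * k / sample_rate_hz)
        bits.append(1 if v > 0 else 0)
    return bits

def monobit_z(bits):
    """z-score of the ones/zeros balance; near 0 for a balanced stream."""
    n = len(bits)
    return (2 * sum(bits) - n) / math.sqrt(n)

def tone_pvalue(bits, sample_rate_hz, freq_hz):
    """Probability that fair, independent bits show this much energy at freq_hz.
    Single-bin DFT of the +/-1 stream; under that null |X|^2/n is ~ Exp(1)."""
    n = len(bits)
    step = -2j * math.pi * freq_hz / sample_rate_hz
    x = sum((1 if b else -1) * cmath.exp(step * k) for k, b in enumerate(bits))
    return math.exp(-abs(x) ** 2 / n)

def suspicious_tones(bits, sample_rate_hz,
                     freqs=(50.0, 60.0, 100.0, 120.0), alpha=1e-6):
    """Mains fundamentals and second harmonics whose energy is implausible."""
    return [f for f in freqs if tone_pvalue(bits, sample_rate_hz, f) < alpha]

if __name__ == "__main__":
    fs = 1000.0  # assumed sampling rate of the bit stream, in Hz
    clean = sample_bits(4000, fs, seed=7)
    # Hum at half the noise sigma: each bit still looks like a coin flip.
    hum = sample_bits(4000, fs, hum_hz=60.0, hum_amp=0.5, seed=7)
    for name, bits in (("clean", clean), ("60 Hz pickup", hum)):
        print(name, "monobit z = %.2f" % monobit_z(bits),
              "flagged tones:", suspicious_tones(bits, fs))
```

The stream with pickup stays balanced in ones and zeros, so a monobit count does not reveal the coupling, while the single-bin test at 60 Hz does. A clean result covers only the frequencies tested and says nothing about the slower thermal or load-dependent couplings listed in the post.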

