[Cryptography] TRNG review: Arduino based TRNGs

Bill Cox waywardgeek at gmail.com
Thu Jan 14 00:28:30 EST 2016


On Wed, Jan 13, 2016 at 5:08 PM, Jonathan Thornburg <
jthorn at astro.indiana.edu> wrote:

> On Wed, Jan 13, 2016 at 02:09:03PM -0800, Bill Cox wrote:
> > As for the minimum required hardware for an Arduino, I have not built it,
> > but I suspect we could do it with 1 cap and 2 resistors, using the 10-bit
> > ADC, assuming we could use the PWM to force A0 to a value that keeps
> > randomly flipping between 0x200 and 0x1FF, by using an RC filter on the PWM
> > connected through a resistor to A0.  [[...]]
>
> How do we know that this value *randomly* flips, as opposed to (say)
> flipping in phase with residual 50/60Hz noise from the power supply?
>

We have the same concerns here.  That's why I followed this statement with,
"I should have mentioned that such a solution would still be highly
sensitive to power supply noise.  Good engineering is still required to
ensure it is secure!".

There is always thermal noise, which can be quantified.  It is hard to
ensure that thermal noise will dominate over non-random sources.  This is
why zener noise is popular.  It starts with a larger random signal.  Even
better are ring oscillators, which, in certain ideal models (lacking
inductance), are nearly immune to external influences.  I _think_ infinite
entropy multipliers are even more resistant, though time will tell.

Bill
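
One way to check a captured bit stream for the failure mode raised in the quoted question (flipping in phase with 50/60Hz), as an added example that is not part of the original message. The sample rate, the threshold and the simulated comparator data are assumptions made for illustration.

```python
import cmath
import math
import random

def tone_power(bits, sample_rate_hz, freq_hz):
    """Normalized spectral power of a bit stream at one frequency.

    Bits are mapped to +/-1 and the mean is removed, so a constant bias does
    not count as a tone. For independent bits the result is roughly
    exponentially distributed with mean 1; a stream flipping in phase with a
    tone at freq_hz scores on the order of len(bits).
    """
    x = [2 * b - 1 for b in bits]
    mean = sum(x) / len(x)
    w = -2j * math.pi * freq_hz / sample_rate_hz
    acc = sum((v - mean) * cmath.exp(w * n) for n, v in enumerate(x))
    return abs(acc) ** 2 / len(x)

def mains_locked(bits, sample_rate_hz, threshold=20.0):
    """Return the mains frequencies whose power exceeds the threshold.

    threshold=20 is an assumed setting: for independent bits the chance of
    exceeding it at a given frequency is about exp(-20).
    """
    return [f for f in (50.0, 60.0)
            if tone_power(bits, sample_rate_hz, f) > threshold]

FS = 1000.0  # assumed ADC sample rate in Hz
N = 4000     # 4 s of samples, so 50 Hz and 60 Hz fall on exact DFT bins

def simulate(hum_amplitude, seed):
    """Constructed data: sign of unit Gaussian noise plus a 60 Hz sine."""
    rng = random.Random(seed)
    return [1 if hum_amplitude * math.sin(2 * math.pi * 60.0 * n / FS)
            + rng.gauss(0.0, 1.0) > 0 else 0
            for n in range(N)]

if __name__ == "__main__":
    print("noise only     :", mains_locked(simulate(0.0, 1), FS))
    print("hum at 0.5 sigma:", mains_locked(simulate(0.5, 1), FS))
```

An empty result only rules out this one interference source in this one capture; it says nothing about other non-random influences on the signal.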