[Cryptography] Entropy of a diode
David Johnston
dj at deadhat.com
Sat Jul 23 17:48:12 EDT 2016
On 7/21/2016 11:02 AM, John Denker wrote:
> On 07/20/2016 02:17 PM, Kurt Roeckx wrote:
>> I'm trying to understand the entropy generated by a reversed diode
>> in avalanche breakdown mode. Does anybody know of a paper that
>> describes it, maybe talk about the distribution of the noise, the
>> effect of temperature changes, RF interference?
>>
>> I'm trying to analyze the chaoskey.
> Background remark: noise in a Zener diode is basically shot noise.
>
> Meanwhile, noise in an avalanche diode is basically shot noise,
> amplified by (you guessed it) the avalanche effect.
>
> Most importantly, if you pull random diodes off the shelf, you
> have no idea what noise you're going to get, because they're not
> designed for that. The manufacturer could "improve" the process
> tomorrow in a way that reduces the noise. If you look at a typical
> spec sheet, it doesn't mention noise at all:
> http://www.vishay.com/docs/88958/byg20d.pdf
>
> OTOH if you are talking about a diode intended and optimized for
> use as a noise source, you have to look at the spec sheet for
> that particular diode.
>
> Any book on semiconductor physics will talk about the avalanche
> effect. Any book on low-noise circuit design will talk about
> shot noise. I get 10,000 hits from
> https://scholar.google.com/scholar?q="shot+noise"+avalanche
>
> If that's not good enough, please ask a more specific question.
>
The entropy in a diode is a very open question indeed. In practice the
entropy in the diode is vast relative to anyone's cryptographic needs.
The problems are
A) Getting it out and turning it to useful random bits.
B) Knowing how much entropy is intrinsic to the diode and how much is
externally sourced that you don't want to count.
C) Knowing what kind of extractor to use
D) Knowing how to conduct online health tests, which means knowing the
failure modes.
More information about the cryptography
mailing list