[libre-riscv-dev] SoC and HWRNG
Luke Kenneth Casson Leighton
lkcl at lkcl.net
Sun Oct 7 21:29:08 BST 2018
---
On Sun, Oct 7, 2018 at 7:40 PM Jacob Lifshay <programmerjake at gmail.com> wrote:
>
> I think that it would be a good idea to include a hardware
> random number generator in the SoC as embedded devices
> are notorious for being randomness starved on boot and
> having weak cryptographic keys as a result.

good call.

> I would suggest using something like
> https://github.com/waywardgeek/infnoise despite needing analog
> circuitry

that's ok, if it's external components. he seems to know what he's
talking about. mentions one of the statistical test programs i've
encountered.

> as it's much harder to cause the output to stop being
> random if the capacitors used for storing the state are big enough
> (1 pF should be enough assuming the thermal noise is bigger than
> 1 uV or so, which it is except at very low temperatures).
> I have built one of these on a breadboard and it seems to
> work just fine, though I haven't performed any statistical analysis on my version.

if they haven't already done so i strongly recommend checking it with
NIST.gov's "STS" package.

> Note that we won't need a particularly high data rate as we can
> use a SPRNG to produce more random numbers once we have
> mixed in several hundred random bits.
> 10kbits/s should be easily achievable.

i'm never happy with a PRNG until i've run STS on several tens of
gigabits of output. the last time i did so i actually found a bug in
one of STS's tests. i used to do tests of million-bit runs, quantity
1000, and had 9 machines in a cupboard under the stairs so it would
not take several daaaays to run :)
l.
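
Added example (not part of the original message, and not code from NIST's STS): a Python sketch of the kind of check the reply recommends, covering two of the SP 800-22 tests (monobit and runs) plus the pass-proportion rule applied across many sequences. The function names, the 55%-ones faulty source, and the shortened 100 x 10,000-bit demo run are assumptions made for illustration.

```python
import math
import random

ALPHA = 0.01  # significance level used by SP 800-22

def monobit_p(bits):
    """SP 800-22 section 2.1: frequency (monobit) test P-value."""
    n = len(bits)
    s = sum(1 if b else -1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(n) / math.sqrt(2))

def runs_p(bits):
    """SP 800-22 section 2.3: runs test P-value (0.0 if the ones ratio is too skewed)."""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n) or pi in (0.0, 1.0):
        return 0.0
    v = 1 + sum(bits[i] != bits[i + 1] for i in range(n - 1))
    return math.erfc(abs(v - 2 * n * pi * (1 - pi)) / (2 * math.sqrt(2 * n) * pi * (1 - pi)))

def min_pass_rate(m):
    """SP 800-22 section 4.2.1: lowest acceptable proportion of passing sequences."""
    p = 1 - ALPHA
    return p - 3 * math.sqrt(p * ALPHA / m)

def assess(sequences):
    """Return {test name: (pass proportion, acceptable?)} over all sequences."""
    m = len(sequences)
    out = {}
    for name, test in (("monobit", monobit_p), ("runs", runs_p)):
        rate = sum(test(s) >= ALPHA for s in sequences) / m
        out[name] = (rate, rate >= min_pass_rate(m))
    return out

def to_bits(s):
    """Turn a '0'/'1' string into a list of ints."""
    return [int(c) for c in s]

def biased_source(seed, n, p_one=0.55):
    """Constructed stand-in for a faulty noise source: 55% ones."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

if __name__ == "__main__":
    rng = random.Random(2018)  # constructed reference stream, not a hardware source
    good = [[rng.getrandbits(1) for _ in range(10_000)] for _ in range(100)]
    bad = [biased_source(i, 10_000) for i in range(100)]
    print("reference PRNG:", assess(good))
    print("biased source: ", assess(bad))
```

Passing these two tests says nothing about the other tests in the suite; a raw noise source should be run through the full STS before its output is trusted for seeding.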