
Mr RB's RNG and RNGs in general

Discussion in 'Microcontrollers' started by misterT, Nov 19, 2010.

  1. RMMM

    RMMM New Member

    Joined:
    Jan 22, 2010
    Messages:
    357
    Likes:
    3
    Location:
    Maryland
    I suppose it is always possible to separate the die from the plastic package and inspect the die for the temp sensor, but if you removed the identifying labeling on the uC, the fact that it had a thermal sensor in the uC's packaging would be rather difficult to determine.

    Replacing any set number in a RNG algorithm with the number pulled from the analog temperature sensor would add complexity.
     
    Last edited: Dec 1, 2010
  2. Mr RB

    Mr RB Well-Known Member

    Joined:
    Jul 22, 2008
    Messages:
    4,716
    Likes:
    194
    Location:
    Out there
    They use a detuned radio(s) to generate entropy at Random.org and release the data for people to use;
    RANDOM.ORG - The History of RANDOM.ORG

    It's an easy system to implement in theory, but radio noise can contain many repeating patterns from mains signals and computing signals. They get around this (or attempt to) by using multiple radios and a post algorithm. My preference would be to use a worse entropy source (that is easier to make and use) and a better entropy (chaotic) algorithm. Besides being a smaller neater implementation it is harder to affect with external interference.

    Nsaspook-
    Practically any level of security can be breached with enough resources thrown at it. The practical goal in most cases would be to increase the level of security so it takes a lot more effort than what the result is worth. RMMM's example with using a micro with internal sensor is right in that ball park, and a clever idea.

    Can anyone (MisterT? ;)) check my math above? It's the first time I have tried to calc a number that large (millions of decimal digits), and it doesn't help that my trusty TI is limited to 10^99.
     
  3. 3v0

    3v0 Coop Build Coordinator Forum Supporter

    Joined:
    Jul 14, 2006
    Messages:
    9,404
    Likes:
    227
    Location:
    OKLAHOMA USA
    If we are getting into the realm of what spies and their backers/governments will do to break encryption the sky is the limit.
     
  5. RMMM

    RMMM New Member

    Joined:
    Jan 22, 2010
    Messages:
    357
    Likes:
    3
    Location:
    Maryland

    I agree.

    Considering what D&D enthusiasts would pay for a good RNG-equipped dice roller! So there are plenty of other applications for RNGs than government security. WikiLeaks anyone?
     
    Last edited: Dec 1, 2010
  6. nsaspook

    nsaspook Well-Known Member

    Joined:
    Mar 24, 2010
    Messages:
    1,141
    Likes:
    219
    Location:
    Fairview, Or
    It's actually very easy to probe chips for functions if you know what to look for. But there are methods for chip designs that can help with PRNG randomness. Physical Unclonable Function - Wikipedia, the free encyclopedia

    And there are attacks...

    http://www.electro-tech-online.com/custompdfs/2010/12/084_2PDF.pdf
     
    Last edited: Dec 1, 2010
  7. nsaspook

    nsaspook Well-Known Member

    Joined:
    Mar 24, 2010
    Messages:
    1,141
    Likes:
    219
    Location:
    Fairview, Or
    This is a simple PIC18 sram PUF routine I've used to generate a random seed (just adding the sram bytes or hashing/crc16) for the srand function when using rand(). It uses the eeprom area to store keys and key change data between runs.

    Code (text):
    /* get random data from sram powerup bits */
    unsigned int puf_sram(unsigned char cmode)  // look at random SRAM data for PRNG seed
    {
        // uses a udata section of memory (PUF_SIZE bytes) and eeprom from
        // 0 to 2xPUF_SIZE to store key, diff data
        // if cmode is TRUE the stored key will be zeroed and will return 0
        unsigned int e;
        static unsigned int seed = 0;
        unsigned char entr_s, entr_r, entr_d;

        if (seed != 0) return seed;         // seed already computed since power-up

        for (e = 0; e < PUF_SIZE; e++) {
            seed = seed + sram_key[e];      // additive sum; replaced by the CRC16 below
            entr_s = sram_key[e];
            Busy_eep();
            entr_r = Read_b_eep(e);         // read eeprom seed data
            entr_d = entr_s ^ entr_r;       // XOR to look for diff bits

            if (!cmode) {                   // cmode will zero key data history
                Busy_eep();
                Write_b_eep(e, entr_s);             // write eeprom key data
                Busy_eep();
                Write_b_eep(e + PUF_SIZE, entr_d);  // write eeprom key change data
            } else {
                Busy_eep();
                Write_b_eep(e, 0);          // write zeros to eeprom key data
            }
            ClrWdt();                       // reset the WDT timer
        }

        seed = Make_Crc16(sram_key, PUF_SIZE);  // make seed from crc16 of sram
        if (cmode) seed = 0;                    // cmode return 0
        return (seed);
    }
    C18 code fragment:

    #pragma udata sdbank
    far unsigned char sram_key[PUF_SIZE];
    #pragma udata

    .......

    // puf_sram(TRUE); // set puf eeprom area to 0's
    // PORTF = ~puf_sram(FALSE);
    srand(puf_sram(FALSE));
     
    Last edited: Dec 3, 2010
  8. Mr RB

    Mr RB Well-Known Member

    Joined:
    Jul 22, 2008
    Messages:
    4,716
    Likes:
    194
    Location:
    Out there
    I updated my RNG page; Black RNG algorithm to replace those old RNG diagrams with the new proper ones.

    It also has a heap more information, covering some of the math (thanks MisterT, and you got a mention) and also discussing limitations of the RNG and optimisations for when it is used for cryptographically secure (CSPRNG) applications. I didn't update the Windows RNG software to include the CSPRNG mods yet, as I have real work happening at the moment but it is on my "to-do" list.

    However I did make a nice little prime number finder windows freeware;


    http://www.romanblack.com/Primefinder.htm

    As there seemed to be a real shortage of software (prime number finders) out there, apart from those crappy slow on-line converters full of advertising.

    My one works instantly, and finds any prime number you want up to 4.29 billion.
     
    Last edited: Dec 5, 2010
  9. nsaspook

    nsaspook Well-Known Member

    Joined:
    Mar 24, 2010
    Messages:
    1,141
    Likes:
    219
    Location:
    Fairview, Or
    I played around with the idea of a PIC sram based PUF device as a RNG and authenticator. It works but needs shielding and lots of error correction work in any practical manner without a good fuzzy extractor. Here is some C18 code and data (openoffice chart format) generated from a 1 chip, 4 key generations run. It still needs the ECC error bits from the Hamming (7,4) codes to be included in the masking data to normalize the results to help correct for bit drift. Using Reed-Solomon or LDPC ECC codes would be better for a working model as it can handle multi bit errors with ease.
     

    Attached Files:

    Last edited: Dec 10, 2010
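
Added example (not part of the thread and not nsaspook's attached C18 code): one common way to use Hamming (7,4) against SRAM bit drift is the code-offset helper-data scheme, sketched here in portable C. The function names, the PUF_SIZE value, the SRAM snapshot, the key nibbles and the drift masks are all constructed for illustration; only 7 bits of each SRAM byte are used.

```c
#include <stdint.h>
#include <stdio.h>
#define PUF_SIZE 8  /* constructed; the post does not show its PUF_SIZE */

/* Hamming(7,4): codeword bit i-1 is position i (1..7); parity at 1, 2, 4. */
static uint8_t ham_encode(uint8_t nib) {
    uint8_t d1 = nib & 1, d2 = (nib >> 1) & 1, d3 = (nib >> 2) & 1, d4 = (nib >> 3) & 1;
    uint8_t p1 = d1 ^ d2 ^ d4, p2 = d1 ^ d3 ^ d4, p3 = d2 ^ d3 ^ d4;
    return (uint8_t)(p1 | (p2 << 1) | (d1 << 2) | (p3 << 3) | (d2 << 4) | (d3 << 5) | (d4 << 6));
}

/* Syndrome = XOR of the positions of set bits; nonzero names the flipped bit. */
static uint8_t ham_decode(uint8_t cw) {
    uint8_t s = 0;
    for (uint8_t i = 1; i <= 7; i++) if ((cw >> (i - 1)) & 1) s ^= i;
    if (s) cw ^= (uint8_t)(1u << (s - 1));
    return (uint8_t)(((cw >> 2) & 1) | ((cw >> 3) & 0x0E));  /* d1 | d2..d4 */
}

/* Enrollment: helper = SRAM bits XOR codeword(key nibble); kept in EEPROM. */
void puf_enroll(const uint8_t *sram, const uint8_t *key, uint8_t *helper) {
    for (int e = 0; e < PUF_SIZE; e++)
        helper[e] = (uint8_t)((sram[e] & 0x7F) ^ ham_encode(key[e] & 0x0F));
}
/* Later power-up: SRAM XOR helper = codeword XOR drift; decoding removes 1 flip. */
void puf_rebuild(const uint8_t *sram, const uint8_t *helper, uint8_t *key) {
    for (int e = 0; e < PUF_SIZE; e++)
        key[e] = ham_decode((uint8_t)((sram[e] & 0x7F) ^ helper[e]));
}
/* Constructed drift masks: one flipped bit per block, then two in block 0. */
const uint8_t DRIFT_ONE[PUF_SIZE] = {0x01, 0x40, 0x08, 0x00, 0x02, 0x10, 0x04, 0x20};
const uint8_t DRIFT_TWO[PUF_SIZE] = {0x03, 0x40, 0x08, 0x00, 0x02, 0x10, 0x04, 0x20};

/* Enroll on a constructed snapshot, apply drift, count wrong key nibbles. */
int rebuild_errors(const uint8_t *drift) {
    static const uint8_t sram0[PUF_SIZE] = {0x5A, 0x13, 0xC7, 0x2E, 0x91, 0x68, 0x3D, 0xF4};
    static const uint8_t key0[PUF_SIZE] = {0x3, 0xA, 0xF, 0x0, 0x6, 0x9, 0xC, 0x5};
    uint8_t helper[PUF_SIZE], sram1[PUF_SIZE], key1[PUF_SIZE];
    int bad = 0;
    puf_enroll(sram0, key0, helper);
    for (int e = 0; e < PUF_SIZE; e++) sram1[e] = (uint8_t)(sram0[e] ^ drift[e]);
    puf_rebuild(sram1, helper, key1);
    for (int e = 0; e < PUF_SIZE; e++) bad += (key1[e] != key0[e]);
    return bad;
}

int main(void) {
    printf("bad nibbles: %d, %d\n", rebuild_errors(DRIFT_ONE), rebuild_errors(DRIFT_TWO));
    return 0;
}
```

Two flipped bits in one 7-bit block decode to a wrong nibble with no error indication, which is the multi-bit weakness the post above cites as the reason to prefer Reed-Solomon or LDPC codes for a working model.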
