[Cryptech Tech] User auditable hardware entropy source/random number generator

[Benedikt Stockebrand]

Hi Fredrik and list,

Benedikt Stockebrand <bs at stepladder-it.com> writes:

> Fredrik Thulin <fredrik at thulin.net> writes:
>
>> On Wednesday, July 23, 2014 11:11:30 AM Benedikt Stockebrand wrote:
>> [...]
>> Right. I tested a BC337 from my scrap box too, but IIRC there was at least 
>> higher amplitude noise from the 2N3904.
>
> I've got hold of some of them by now---and another set of "magic"
> Zeners---and I'll give them a try as soon as possible.

For me the 2N3904 didn't work as well as the BC337-16 throughput-wise,
but they do work---which is good, because it gives us another option.
And while re-reading this: What gain class BC337 did you use? I've had
way worse results with a BC337-40 than with the BC337-16.

However here's the real fun thing: I've just hooked up the new "magic"
Zeners to my scope (I wouldn't want to hand them out and hear that they
behave entirely differently than the ones I've used so far:-) and I got
these results:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: NewFile1.png
Type: image/png
Size: 104465 bytes
Desc: "Magic" Zener diode #1
URL: <https://lists.cryptech.is/archives/tech/attachments/20140724/00778e57/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NewFile2.png
Type: image/png
Size: 105556 bytes
Desc: "Magic" Zener diode #2
URL: <https://lists.cryptech.is/archives/tech/attachments/20140724/00778e57/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NewFile3.png
Type: image/png
Size: 80600 bytes
Desc: "Magic" Zener diode #3
URL: <https://lists.cryptech.is/archives/tech/attachments/20140724/00778e57/attachment-0007.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NewFile4.png
Type: image/png
Size: 72116 bytes
Desc: "Magic" Zener diode #4
URL: <https://lists.cryptech.is/archives/tech/attachments/20140724/00778e57/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NewFile5.png
Type: image/png
Size: 127281 bytes
Desc: "Magic" Zener diode #5
URL: <https://lists.cryptech.is/archives/tech/attachments/20140724/00778e57/attachment-0009.png>
-------------- next part --------------

In other words, the amplitude in these samples differs rather
spectacularly.  The output speed in my test rig doesn't look quite as
bad, but in a first test they ran between 14.5 and 18.7 kB/s (using dd
on 64kB worth of data); I didn't try with an additional amplifier stage,
though.

My guess by now is that Conrad either bought components that didn't pass
QC as BCX55C6V8 types (as they are labelled), or they have been sold
some extra bad quality fakes and now try to get rid of them.

In any case, this means that if we use some sort of otherwise
undesirable property of components as a noise source, be it avalanche
effect or jitter in a ring oscillator or whatever, we better 

- do some really serious thinking about quality ("unquality"?) assurance
  on these components,

- design our circuitry and firmware to be as insensitive to these
  tolerances as possible,

- ...and otherwise make it fail safely if things get really hopeless and

- somehow ensure that a steady supply of usable components is at least
  likely in the long run.

And as soon as I get my PCBs from I'll solder up some more serious test
sets to see what sorts of components are the least troublesome.

And I thought I could consider the analog side of the job finished...


Cheers,

    Benedikt


-- 
Benedikt Stockebrand,                   Stepladder IT Training+Consulting
Dipl.-Inform.                           http://www.stepladder-it.com/

          Business Grade IPv6 --- Consulting, Training, Projects

BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/