[Cryptech Tech] Another work package: PN entropy source

Thu Mar 13 14:44:32 UTC 2014

On Thu, Mar 13, 2014 at 7:56 AM, Joachim Strömbergson
<joachim at secworks.se> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Aloha!
>
> Thanks for two good days of meetings.
>
> I would like to suggest another work package to add to the list:
>
> Design of a PN avalanche noise entropy source.
>
> The entropy source should be designed in such a way that it is easy to
> implement, compact in terms of footpring and number of components, cheap
> and robust in the sense that it shall be easy for anybody to implement a
> working entropy source that can be connected to a entropy provider core
> in the Cryptech TRNG. (Yes, Randy - I think you are right that the
> correct term is probably provider ;-)
>
> The design in the work package probably includes the A/D converter.
>
> The work package includes doing the electronic design, implement it on a
> board (for example an Arduino Shield breadboard), test it and write
> documentation including results from long term testing. The output
> includes schematics, bill of materials user guidelines as well as FPGA
> core and sw to allow somebody to extract raw entropy and assess the
> quality of the source.
>
> FredrikT has been collecting a lot of information on available on this
> type of entropy source. On the meeting Fredrik showed me some very
> interesting long term measurements that shows that a PN source quality
> can vary over time.

This is probably showing my ignorance of what entropy actually is, but
if the quality of one junction varies over time would it make sense to
have 2 (or more)? Especially if we use a multi-channel A/D? We could
use both, or, if one stops being randomly noisy we could disable it
until it becomes unpredictable enough?

Note: I have no idea what unpredictable enough *means*. Mainly I don't
want us to end up in a situation where we cannot provide entropy
because the diode has started misbehaving^w behaving...

W

> Also Fredrik pointed out that most designs does not
> adjust bias levels to keep the PN junction in a state where a lot of
> noise is created. Finally Fredrik has acquired components needed to
> start building these sources himself.
>
> For that reason I think Fredrik is an excellent candidate to do this
> work package (if he is interested - which I think he is). Also since
> dol@ has been talking a lot of how PN noise is the only usable, real
> source of entropy, I hope he will assist in providing guidance and
> recommendations on what to consider when designing, implementing and
> evaluating a really good PN entropy source.
>
> - --
> Med vänlig hälsning, Yours
>
> Joachim Strömbergson - Alltid i harmonisk svängning.
> ========================================================================
>  Joachim Strömbergson          Secworks AB          joachim at secworks.se
> ========================================================================
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBCAAGBQJTIWSrAAoJEF3cfFQkIuyN4VYP/0cH6tiTIFkXQZTvQ4sCP0ZX
> 5R7A4KqAwOjASF+BgARVxSsZCJq4ng4MqiOeiogouF+QAa6997w1gPKlD0k+rY7t
> XR8wA4nFD8Y5CLnwGxSFPkGG3dBHAwvnfKdhsmHtIh/X6SAQ0WrCi/UcUwOm5zic
> MG5gZCZuyBdcAPglNjf8UuAoVsQw8irAwJ9tXSIVn46cxcvo/JID8UlPnKdgcO+M
> 8rZv3oXVTTEa53VS7odW8B0/rVTJ1eQKYuBcieyXemeATap2kO7uxarAt/E6Cwz4
> jv6PFKn4smcHAihMfa6gtmNsYTsc22crPzZ643UuwkiTJ/6Gj2moR2mSyz3E48lE
> tCeP3vSGJiQfwc9v4juDPgY3f1Xwmbvcb70qEIs/Shq5kzmLXA3JbS/4sEFyvDNx
> Y3MzEHqEfTvi6I4+C/RPyXAdBel4XNynDKfBLJeALGZhJM5ooHXTMADwOc7HEbud
> 1t/LW0SFiz5YseOkKT8AxjSaQdHxc/lwQR7dXMYnNdFQ8tYcfW0kDzCfsnZYSCH8
> li4ckKd0QXRLEaH8PqqbG88ezne7AFmJxYVd0pI+HDYqu2orVRzOFbhp5Ktd2IzY
> rujV8PbPG6dvP7JTS2EI5mobtihjelfTvqJKm55kGq36s1tNWlq5Yazf2k29GbVf
> 6kiD/DP5dcZnwJFgIrgA
> =hVbd
> -----END PGP SIGNATURE-----
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://cryptech.is/mailman/listinfo/tech