[Cryptech Tech] Hardware entropy

Bernd Paysan bernd at net2o.de
Mon May 19 11:09:51 UTC 2014


On Monday, 19 May 2014, 12:31:09, Fredrik Thulin wrote:
> On Friday, May 16, 2014 05:25:09 PM Bernd Paysan wrote:
> ...
> 
> > > We're more or less just about to start the work on the first
> > > implementation of an entropy source. What we're planning to do for the
> > > first implementation is a noisy diode source, external to the FPGA.
> > 
> > There are a lot of noisy internal sources, if you know where to find them
> > (this usually means misconfiguring the LUTs, because "sane" designs avoid
> > that ;-).  Of course, you can always have an external noise source+DAC,
> > and once you have collected enough entropy, run a PRNG.
> > 
> > > I don't know very much about FPGAs so I can't really say anything about
> > > your idea, but I'm sure Joachim will chime in.
> > 
> > Ok.
> 
> Bernd and Joachim, thank you both for sharing your very interesting thoughts
> and ideas with this list this weekend.
> 
> Regarding FPGA internal sources of entropy; I think I'll mostly show my
> ignorance by asking this, but I'll do it anyway with the hope to get even
> more interesting e-mails to read and learn from:
> From my understanding the internal entropy would be generated using
> unintended/not really standard stuff existing in FPGAs? Are there any
> potential dangers in having such a source in the Cryptech HSM?

Not quite.  I would describe that as "insane designs".  The things I'm using 
(carries as delay chain + inverter) to create a ring oscillator are standard 
components.  It's just insane design practice to wrap them into a ring 
oscillator.

You can do quite some analogue design with FPGAs, if you know how to do it.  I 
think the avalanche diode noise source could be done with mostly passive 
components outside the FPGA - plus the diode and maybe a charge pump (voltage 
doubling needs two schottky diodes, the rest is "digital stuff").

> I'm saying this because in my mind I wouldn't be surprised if people will
> end up building HSMs from a number of more or less different FPGAs, and it
> could be catastrophic if some of these (based on model differences, batch
> differences, optimization setting differences or whatever) would actually
> fail to produce entropy.
> 
> Of course, Cryptech has to have mechanisms to ensure the reliability of the
> entropy source(s) anyway... as you already said in other e-mails. Maybe that
> is enough to remove these concerns.

This is all in the analogue design domain, even though I'm using digital gates 
only as components.  That means the devices have to be characterized, just 
like any analogue circuit: measure the jitter, and then set the sampling 
frequency so that you really get entropy, and not just subsampling patterns.

How to measure the jitter or the quality of this ring oscillator source?  The 
ring oscillator runs at significantly higher speed than the internal clock, and 
certainly also faster than the IO bandwidth capability.  So you can't feed it 
out and measure it directly.  You can sample it with the clock frequency or 
some integer division of the clock frequency; that gives you a subsampling of 
the actual state.  As it is a somewhat jittery oscillator, i.e. it has some 
frequency +- some delta (through jitter), there are no frequency components 
outside this range. The subsampling is good enough if the subsample frequency 
has a larger span than the jitter delta (Shannon theorem).  So feed the 
samples into an FFT, and you would expect a random distribution (bell curve) 
around the center frequency: that is your jitter.  The actual base frequency 
is not of interest, only the jitter is.

The actual readout frequency for the entropy source then needs to be set in 
the order of 1 sigma of the jitter; this will give something that is pretty 
close to white noise.

This sort of thing is something that can even be done by self-calibration if 
we add an FFT block to the health monitor: sample at highest possible 
frequency, do the FFT, search for the maximum amplitude, search for 1 sigma 
(~70% amplitude); set the subsample frequency based on the index difference.

-- 
Bernd Paysan
"If you want it done right, you have to do it yourself"
http://bernd-paysan.de/
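
The self-calibration steps from the last paragraph of the message (spectrum, maximum amplitude, ~70% points, index difference), as an added example that is not part of the original e-mail or of any Cryptech code. The function names, the plain DFT standing in for the FFT block, the constructed input, the 50 MHz clock and the mapping from index difference to a clock divider are all assumptions made for the example.

```python
import cmath
import math

def magnitude_spectrum(samples):
    """DFT magnitudes for bins 0..N/2-1 after removing the mean (plain DFT, stdlib only)."""
    n = len(samples)
    mean = sum(samples) / n
    x = [s - mean for s in samples]
    return [abs(sum(v * cmath.exp(-2j * math.pi * k * i / n) for i, v in enumerate(x)))
            for k in range(n // 2)]

def calibrate(samples, sample_rate_hz, level=0.7):
    """Return (peak_bin, half_width_bins, readout_hz, divider); raise ValueError on a bad source."""
    n = len(samples)
    mag = magnitude_spectrum(samples)
    peak = max(range(1, len(mag)), key=mag.__getitem__)   # search for the maximum amplitude
    if mag[peak] < 1e-9 * n:
        raise ValueError("no oscillation in the samples: source stuck or dead")
    limit = level * mag[peak]                              # "~70% amplitude" from the message
    lo = hi = peak
    while lo > 0 and mag[lo] >= limit:                     # walk down to the lower ~70% point
        lo -= 1
    while hi < len(mag) - 1 and mag[hi] >= limit:          # walk up to the upper ~70% point
        hi += 1
    if mag[lo] >= limit or mag[hi] >= limit:
        raise ValueError("peak not resolved inside the sampled band")
    half_width = (hi - lo) / 2                             # index difference, in bins
    # Assumption: one bin is sample_rate_hz / n, and the readout rate is the half-width in Hz.
    readout_hz = half_width * sample_rate_hz / n
    return peak, half_width, readout_hz, int(n // half_width)

def constructed_samples(n=256, center=40, sigma=5.0):
    """Constructed input: a Gaussian-shaped spectral line standing in for a jittery oscillator."""
    amps = {k: math.exp(-((k - center) ** 2) / (2 * sigma ** 2))
            for k in range(center - 20, center + 21)}
    return [sum(a * math.cos(2 * math.pi * k * i / n + 0.7 * k * k) for k, a in amps.items())
            for i in range(n)]

if __name__ == "__main__":
    # 50 MHz is a hypothetical sampling clock chosen for the example.
    print(calibrate(constructed_samples(), 50_000_000))
```

A `ValueError` here is the case a health monitor would treat as an alarm: the source shows no oscillation, or its spectrum never falls to the ~70% level inside the sampled band.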