[Cryptech Tech] Maurer's Universal Test for Randomness
Benedikt Stockebrand
bs at stepladder-it.com
Sat Sep 20 14:07:22 UTC 2014
Hi Bill and list,
Bill Cox <waywardgeek at ciphershed.org> writes:
> The board I built back in 1998 used the breakdown voltage between a
> 2N222, which is far noisier than the zeners I tested, but
> unfortunately highly component specific.
I couldn't find a 2N222 anywhere; do you mean a 2N2222 (NPN BJT)?
So far I'm getting similar and pretty reasonable results from a BC337-16
as well as some (mostly SMD) Zener/avalanche diodes. Output varies IIRC
from 13 to 16 kByte/s, but with the edge detection approach that is fine
with me.
I've recently thought about trying a TVS diode instead, but didn't yet
find time to order and try some.
> I ran enough current that the resulting noise signal was a continuous
> mountain range rather than spikes separated by some amount of time,
That's what I get, but I then amplify it to near-TTL levels. If you
look at the archives, Fredrik has done some snapshots from his scope.
> but my goal was a bit different. My board was not mass producible
> because of the dependence on an unpredictable source.
That's a rather general problem, and it isn't limited to the avalanche
effect, either. Somehow, engineers quite generally don't seem to like
components that behave even slightly randomly:-)
> I think focus on the avalanche effect is probably the right solution
> for this project, and just taking zero-crossings sounds manufacturable
> and reproducible.
Yep:-)
> It was 500 kbytes/second, which I derived by mixing 40 unwhitened
> bytes from the A/D through a shift register that XORed the data and
> shifted every cycle. I didn't really need 500Kbytes/second, but I've
> always been something of a speed freak :-)
OK, I thought you had only used the LSB from it. Yes, that sort of
speed is reasonable, but with that approach you do make assumptions
about the frequency spectrum generated; if those assumptions are wrong,
either due to component tolerance or device aging or terminal failure,
you do get partly deterministic output and don't necessarily notice it.
> I just ordered a Teensy 3.1 Arduino compatible board for my prototype.
> It is capable of 1 Mbyte/sec transfer to the host PC over USB, so
> I'll target that bandwidth.
I'm not familiar with that board, but the Arduino Uno I have lying
around here only runs at 16 MHz, and with the MCU speed being largely
the limiting factor, that may actually result in a 20% loss of
performance over an Atmel clocked at 20 MHz.
That said, if I ever find the time I'll try to connect the generator to
the GPIO pins of a Raspberry Pi (and then somehow find a way to keep the
OS out of the way)...
>> Finally, the circuit I use intentionally amplifies the analog
>> signal from the noise source to near digital levels, so an ADC
>> wouldn't do much good here. The reason why I do this again is to
>> compensate for tolerances of components.
>
> That's a great way to do it. My board was a one-off.
Glad you like it---it took me some time to figure out that this approach
was reasonable.
> With care, you can get the reverse breakdown of a 2N222, when
> amplified carefully, and run at fairly high current, to generate a
> mountain range with a high unpredictable 100MHz component.
Cool. However, here's another issue I ran into: With USB as your power
source you're supposed to draw no more than 100mA at 5V from it without
prior negotiation with the host.
> However, sensitivity to external noise sources is a major concern.
That's why I use a step-up converter to get about 13.5V (but 12V do
fine) rather than a voltage doubler/charge pump, plaster the design with
LC filters between sections, and avoid using another amplification stage
because that would be extra susceptible to external noise.
> This is one reason I want to play with the infinite noise multiplier
> circuit. It is practically immune to external noise sources.
Cool! I think I've found a reasonable balance with regard to that with
my design, but the less susceptible the better.
Cheers,
Benedikt
--
Benedikt Stockebrand, Stepladder IT Training+Consulting
Dipl.-Inform. http://www.stepladder-it.com/
Business Grade IPv6 --- Consulting, Training, Projects
BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/
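
Added example, not part of the original message or of either poster's code: a check on the raw, unwhitened samples for the failure described above, where a mixer keeps producing output after the noise has partly collapsed into a deterministic signal. The rotate-and-XOR reading of the 40-byte mixer, the first-difference entropy estimate, and both sample sources are assumptions constructed for illustration.

```python
import math
import random
from collections import Counter

BLOCK = 40  # raw bytes mixed into one output byte, the figure quoted in the mail

def fold(block):
    """Rotate the accumulator left by one bit, then XOR in each raw byte.
    Assumed reading of "a shift register that XORed the data and shifted"."""
    acc = 0
    for b in block:
        acc = ((acc << 1) | (acc >> 7)) & 0xFF
        acc ^= b
    return acc

def whiten(raw):
    """One output byte per complete block of BLOCK raw samples."""
    return bytes(fold(raw[i:i + BLOCK]) for i in range(0, len(raw) - BLOCK + 1, BLOCK))

def delta_min_entropy(raw):
    """Min-entropy estimate in bits per sample from the most common difference
    between neighbouring samples: a first-order predictor, so a dominant slow
    or periodic component shows up as a low figure."""
    deltas = Counter((b - a) & 0xFF for a, b in zip(raw, raw[1:]))
    return -math.log2(max(deltas.values()) / (len(raw) - 1))

def block_entropy(raw):
    """Estimated entropy entering each output byte; below 8 bits means the
    mixer is being credited with more than the source delivers."""
    return BLOCK * delta_min_entropy(raw)

def healthy_source(n, rng):
    """Constructed sample data: full-scale noise on every sample."""
    return bytes(rng.getrandbits(8) for _ in range(n))

def degraded_source(n, rng):
    """Constructed sample data: a deterministic ramp, with a random LSB
    surviving on only one sample in ten."""
    return bytes(((3 * i) & 0xFF) ^ (rng.getrandbits(1) if i % 10 == 0 else 0)
                 for i in range(n))

if __name__ == "__main__":
    rng = random.Random(2014)  # fixed seed so the run is repeatable
    for name, src in (("healthy", healthy_source), ("degraded", degraded_source)):
        raw = src(40000, rng)
        out = whiten(raw)
        print(f"{name}: {block_entropy(raw):6.1f} bits per block in, "
              f"{len(set(out))} distinct values in {len(out)} output bytes")
```

The estimate is taken before the mixer on purpose: the folded bytes combine the deterministic component with whatever noise remains, so statistics on the output alone are a poor indicator of source health.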