{"id":8546,"date":"2013-06-08T10:17:58","date_gmt":"2013-06-08T14:17:58","guid":{"rendered":"http:\/\/scruss.com\/blog\/?p=8546"},"modified":"2013-06-08T10:18:15","modified_gmt":"2013-06-08T14:18:15","slug":"artisanal-hardware-random-number-generator","status":"publish","type":"post","link":"https:\/\/scruss.com\/blog\/2013\/06\/08\/artisanal-hardware-random-number-generator\/","title":{"rendered":"Artisanal Hardware Random Number Generator"},"content":{"rendered":"<p><a href=\"http:\/\/www.flickr.com\/photos\/scruss\/8986403122\/\"><img loading=\"lazy\" decoding=\"async\" title=\"Artisanal Hardware Random Number Generator\" alt=\"Artisanal Hardware Random Number Generator\" src=\"http:\/\/farm8.staticflickr.com\/7302\/8986403122_e9d699e57f_z.jpg\" width=\"640\" height=\"448\" \/><\/a><\/p>\n<p class=\"wp-caption-text\" style=\"text-align: center;\"><a href=\"http:\/\/www.flickr.com\/photos\/scruss\/8986403122\/\">Artisanal Hardware Random Number Generator<\/a> \u00e2\u20ac\u201d\u00c2\u00a0<a href=\"http:\/\/www.flickr.com\/photos\/scruss\/\">scruss<\/a><br \/>\n<span style=\"font-size: 8px;\">(<em>the Flickr page has popup notes about the circuit<\/em>.)<\/span><\/p>\n<p class=\"wp-caption flickr-desc\" style=\"text-align: left;\">Trickles out a few thousand <em>made-with-love<\/em> organic random numbers per second to the attached Arduino. The circuit is essentially Rob Seward&#8217;s <a href=\"http:\/\/robseward.com\/itp\/adv_tech\/random_generator\/\" rel=\"nofollow\">True Random Number Generator<\/a> v1 (after Will Ware, et al) which uses a MAX232 to power two reverse-biased 2N3904s to create avalanche noise. Another 2N3904 amplifies the resulting noise into something an Arduino can sample using AnalogRead(). Many modern processors include hardware RNGs (such as RdRand in recent Intel chipsets) so this circuit is just a toy now.<\/p>\n<p>My interest in random number generators didn&#8217;t just arise from <a title=\"\u00e2\u20ac\u0153Well, that was unexpected\u00e2\u20ac\u00a6\u00e2\u20ac\u009d: The Raspberry Pi\u00e2\u20ac\u2122s Hardware Random Number Generator\" href=\"http:\/\/scruss.com\/blog\/2013\/06\/07\/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator\/\" target=\"_blank\">yesterday&#8217;s post<\/a>. I&#8217;ve had various circuits breadboarded for months gathering dust, so I thought I&#8217;d pull out the most successful one and photograph it. Hardware RNGs seem to be a popular hobby electronics obsession, and there are many designs out there in variable states of \u00e2\u20ac\u0153working\u00e2\u20ac\u009d and\/or \u00e2\u20ac\u0153documented\u00e2\u20ac\u009d. I wanted one that could be powered from the 5V rail of an Arduino, and didn&#8217;t use too many expensive components. Rob&#8217;s <a href=\"http:\/\/robseward.com\/misc\/RNG2\/\">RNG Version 2<\/a> circuit and code is the basis, but I replaced the 12V external supply with the <a href=\"http:\/\/www.ti.com\/lit\/ds\/symlink\/max232.pdf\">MAX232<\/a> circuit he used in <a href=\"http:\/\/robseward.com\/itp\/adv_tech\/random_generator\/\" target=\"_blank\">version 1<\/a>.<\/p>\n<p>Perhaps the reason that there are so many RNG projects out there in various states of abandonment is that making a good, reliable hardware RNG is <strong>hard<\/strong>. Just a few of the things you have to think about are:<\/p>\n<ul>\n<li>Analogue sources of noise can fade over time; power supplies droop as capacitors age, contacts can corrode, \u00e2\u20ac\u00a6 How do you deal with this fade? If the output becomes so small, can you rely on those few bits from your A\u00e2\u2020\u2019D converter to be useful noise?<\/li>\n<li>Could someone try to attack your RNG so they can influence the results of your secure transactions? How would you detect it? How would you signal to the data user that something is amiss securely, such that an attacker couldn&#8217;t fake distress behaviour?<\/li>\n<li>What if the generator just stops? How do you flag that in a trusted \u00e2\u20ac\u0153<em>no really i mean it and it&#8217;s really me saying this not some attacker honest no<\/em>\u00e2\u20ac\u009d way? There may still be a tiny bit of noise that your circuit picks up; are you sure it&#8217;s your kind of noise, or some attacker trying to inject noise into your system? Remember, testing for real noise is exceptionally hard, and you can&#8217;t guarantee that a hardware RNG that worked today will work properly tomorrow.<\/li>\n<\/ul>\n<p>(I&#8217;d like to thank Peter Todd for providing most of those issues over a pint and a chat during from a <a href=\"http:\/\/biglumber.com\/\" target=\"_blank\">keysigning<\/a> event. Peter saved me from spending too many hours working on this by hinting that \u00e2\u20ac\u201d just maybe \u00e2\u20ac\u201d <a title=\"aka the Dunning-Kruger effect\" href=\"https:\/\/en.wikipedia.org\/wiki\/Dunning%E2%80%93Kruger_effect\" target=\"_blank\">I didn&#8217;t actually know what I was doing<\/a>\u00e2\u20ac\u00a6)<\/p>\n<p>If you want to read more on how to build a proper hardware RNG, the article \u00e2\u20ac\u0153<a title=\"from electronicdesign.com, written by Michael Hamburg of Cryptography Research: published Dec 2012\" href=\"http:\/\/electronicdesign.com\/learning-resources\/understanding-intels-ivy-bridge-random-number-generator\" target=\"_blank\">Understanding Intel&#8217;s Ivy Bridge Random Number Generator<\/a>\u00e2\u20ac\u009d and its references make a good (if very technical in places) introduction. I&#8217;m nowhere near paranoid enough to experiment further with RNG design, although I do have all the components to build an <a title=\"a cheap comparator IC that can be wired to produce a stream of digital noise\" href=\"http:\/\/www.onsemi.com\/pub_link\/Collateral\/LM393-D.PDF\" target=\"_blank\">LM393<\/a>-based <a href=\"http:\/\/www.jtxp.org\/tech\/xr232usb_en.htm\">XR232USB<\/a>\u00e2\u20ac\u00a6<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Artisanal Hardware Random Number Generator \u00e2\u20ac\u201d\u00c2\u00a0scruss (the Flickr page has popup notes about the circuit.) Trickles out a few thousand made-with-love organic random numbers per second to the attached Arduino. The circuit is essentially Rob Seward&#8217;s True Random Number Generator v1 (after Will Ware, et al) which uses a MAX232 to power two reverse-biased 2N3904s [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[7,2],"tags":[2207,2669],"class_list":["post-8546","post","type-post","status-publish","format-standard","hentry","category-computers-suck","category-goatee-stroking-musing-or-something","tag-arduino","tag-rng"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pQNZZ-2dQ","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/posts\/8546","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/comments?post=8546"}],"version-history":[{"count":4,"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/posts\/8546\/revisions"}],"predecessor-version":[{"id":8551,"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/posts\/8546\/revisions\/8551"}],"wp:attachment":[{"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/media?parent=8546"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/categories?post=8546"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/scruss.com\/blog\/wp-json\/wp\/v2\/tags?post=8546"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}