The transistor design needs an input voltage of 10 to 15 VDC to trigger the avalanche effect, which can sometimes be difficult in a 5V Arduino environment. The ring oscillator design can run at 5V but the quality of the noise is less than for the transistor design. The RingOscillatorNoiseSource class attempts to make up for this by collecting more input bits for the same amount of output entropy. See this page for more information on ring oscillators.

For both of the standard noise sources, the system should have enough entropy to safely generate 256 bits of key material about 3 to 4 seconds after startup. This is sufficient to create a private key for Curve25519 for example.

If you are unsure which noise source to use, then I suggest TransistorNoiseSource as Rob's design has had more review. Another approach is to mix multiple noise sources together to get the best of both worlds.

Some entropy sources are built in and do not need to be provided via a NoiseSource object. On the Arduino Due, the built-in True Random Number Generator (TRNG) is used to seed the random number generator in addition to any configured noise sources. On AVR-based Arduino platforms (Uno, Nano, Mega, etc), jitter between the watchdog timer and the main CPU clock is used to harvest some entropy using a technique similar to that described here. This is not a high quality source of entropy but it is "better than nothing" if an external noise source is not available or practical. Entropy accumulates very slowly and it could take several minutes before the state is sufficiently random for safe use. On newer AVR chips, Custom Configurable Logic (CCL) is used to generate an unstable clock source which is sampled by the more predictable RTC timer.

For security-critical applications it is very important to combine the built-in entropy sources with an external noise source.

To use the random number generator, both RNG and a noise source must first be initialized. We start by including the necessary libraries:

The random number generator uses 48 bytes of space at the end of EEPROM memory to store the previous seed. When the system is started next time, the previous saved seed is loaded and then deliberately overwritten with a new seed. By default the seed is saved once an hour, although this can be changed with RNG.setAutoSaveTime(). Because the device may be restarted before the first hour expires, there is a special case in the code: the first time that the entropy pool fills up, a save will be automatically forced. This ensures that the device will not accidentally generate the same sequence of random numbers if it is restarted before the first automatic save of the seed. The Arduino Due does not have EEPROM so RNG saves the seed into the last page of system flash memory instead.
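The following sketch is an added example, not code from the original page: it initializes RNG with two mixed noise sources, shortens the seed auto-save interval, and only generates a Curve25519 key pair once RNG reports enough entropy. The pin A1 wiring, the presence of both noise circuits, the tag string and the 30-minute interval are assumptions made for illustration.

```arduino
#include <Crypto.h>
#include <RNG.h>
#include <TransistorNoiseSource.h>
#include <RingOscillatorNoiseSource.h>
#include <Curve25519.h>

// Assumption: the transistor noise circuit's output is wired to analog pin A1
// and a ring oscillator circuit is attached to the board's timer input.
TransistorNoiseSource transistorNoise(A1);
RingOscillatorNoiseSource ringNoise;

uint8_t publicKey[32];
uint8_t privateKey[32];   // kept in RAM only, never printed or stored
bool haveKey = false;

void setup() {
    Serial.begin(9600);

    // The tag is mixed into the initial state together with the saved seed.
    // "ExampleApp 1.0" is a constructed value; use your own application tag.
    RNG.begin("ExampleApp 1.0");

    // Mix both external sources with the built-in ones.
    RNG.addNoiseSource(transistorNoise);
    RNG.addNoiseSource(ringNoise);

    // Save the seed every 30 minutes instead of the default hour.
    RNG.setAutoSaveTime(30);
}

void loop() {
    // Must be called regularly: it polls the noise sources, stirs the
    // pool and performs the periodic seed saves.
    RNG.loop();

    // Refuse to create key material until 256 bits of entropy are available.
    if (!haveKey && RNG.available(sizeof(privateKey))) {
        Curve25519::dh1(publicKey, privateKey);  // draws the secret from RNG
        haveKey = true;
        Serial.println("Curve25519 key pair generated");
    }
}
```

On a board with only the built-in jitter source, the `RNG.available()` check is what keeps the key from being generated during the several minutes in which the pool is still filling.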