ChaosKey

This is a hardware True Random Number Generator that attaches via USB.

The Linux Kernel, starting with version 4.1, includes source for this driver. It should be built by default in your distribution. If your using Linux + KVM to host other Linux instances, read the VirtualMachine page to see how you can configure the guests to share the host entropy source.

Version 1.0

ChaosKey is now out of production. They work great, but it took several years to sell our first production run, and shipping them from the US to other countries one at a time ended up dominating the net cost to most users. We might make more some day, but no promises!

Reflashing Firmware

To reflash the system firmware on ChaosKey, you first need to get the device into 'bootloader mode'. To do this, you must power-up ChaosKey with a jumper between GND and the Boot Loader Select pin.

Open up ChaosKey by prying the case apart. There's no glue or screws, so a thin tool or fingernail should suffice to split the case into two pieces. Once you've opened it up, you'll find the inside that looks much like this:

Connect a wire between the two red holes in the debug connector and then plug it in to your computer. It will appear as a USB modem device called AltosFlash with USB ID fffe:000a.

Use the 'ao-usbload' program, which is part of the AltOS repository and is packaged for Debian in the 'altos' package:

$ ao-usbload chaoskey-v1.0-*.elf

Version 1.0 Hardware

STM32F042 System-on-Chip ARM Cortex-M0 MCU 32k Flash 6k RAM USB 2.0 Full Speed Crystal-less operation

20V noise source AP3015A boost regulator back-to-back 3904 transistor noise

OPA356 op amp 200MHz GBP



Here's a circuit diagram of the noise source:

Version 1.0 Bits

Source code for the firmware, flash loader and a utility to pull raw bits from the noise source are available here:

AltOS Git Repository

ChaosKey Firmware version 1.6.7

ChaosKey Boot Loader version 1.6.7

Hardware designs using gEDA are available here:

ChaosKey Hardware Design Files

Version 0.3

This one uses the better noise source coupled with an op amp that provides 2MHz of bandwidth at a gain of 100, offering linear frequency response at a million samples per second.

A photo of prototype version 0.3:

Here's a circuit diagram of the noise source:

Version 0.3 uses the same hardware design as version 1.0, except that it uses a QFP package version of the processor instead of the QFN used in 1.0, and hence needs a larger circuit board.

Version 0.2

This version uses a better noise source, but the single transistor amp designed to get from the 20mV noise source to a digital value doesn't provide enough bandwidth, so the resulting signal seen by the CPU has poor frequency response.

Here's a photo of prototype version 0.2:

Version 0.2 Hardware

STM32F042 System-on-Chip ARM Cortex-M0 MCU 32k Flash 6k RAM USB 2.0 Crystal-less operation

20V noise source AP3015A boost regulator back-to-back 3904 transistor noise



Version 0.1

These are photos of prototype version 0.1:

Version 0.1 Hardware

NXP LPC11U14 System-on-Chip ARM Cortex-M0 MCU 32k Flash 6k RAM USB 2.0 8 12-bit analog inputs I2C, SPI, async serial digital I/O

ZXRE1004 zener diode noise source

MCP6L92 dual op-amp

Software