Infinite Noise TRNG

This USB key implements a Modular Entropy Multiplier based true random number generator (TRNG). Free (as in freedom and beer) drivers are available for Linux to feed /dev/random for use in cryptography, or to generate random data to a stream or file. The entire project is open-source, including the schematic and board layout. It has been tested on Linux, Raspberry Pi, and Windows.

This is the slim version, which is the model I carry in my pocket. It generates 256K bits/second of pure entropy when feeding /dev/random, and 150K bits/second when generating pure pre-whitened random data. The latest batch are red boards built by Macrofab. I then hand solder real USB pins to the board. It should be as robust as a regular USB connector. Some extra shrink wrap tubing is included in case you want to cut off the original covering to probe the board. Just slide a knife along one edge. It comes off easily.

This architecture is also known as Firebug, the name the original inventor, Peter Allan, gave it in 1999. Peter is developing his own version, called the Redoubler. I hope his version will be available on Tindie soon! It's faster than mine, easier to install, and has a cool LED that blinks when in use.

Besides being simple, low-cost, and fast, this architecture is much easier to get right than other TRNGs. It naturally defends against influence from outside signals, such as radio interference and power supply noise, making it simple to build securely, without requiring an expert in analog design. Modular Entropy Multipliers produce a provable and easily measured level of entropy based on thermal noise, closely approximated as log2(K) per output bit, where K is a gain between 1 and 2 set by two resistors around an op-amp. A "health monitor" in the driver tracks this and verifies that the output entropy is within 3% of the expected entropy.

NOTE: This TRNG requires a full-speed USB 2.0 port for timing. It may not work with a simulated USB port in a virtual-machine.

The Purpose of this TRNG

After the Snowden revelations, I feel more strongly than ever that the world needs to move away from vulnerable random number sources to something more solid, reliable, and verifiable. It is a scary world out there for random number sources! They are in the cross-hairs of hackers and governments alike.

Zener noise sources are susceptible to power supply injection. You never know for sure if you're seeing true randomness or just amplified power supply noise from them. Radio sources can be influenced by nearby transmitters, and audio sources can be effected by nearby speakers, even undetectable ultrasonic noise. Ring oscillator sources will lock to supply injected signals. Intel's DRNG appears controllable through a software based power droop attack, and Atmel's SHAXXX chips are most likely back-doored (the randomness goes away if you disable the EEPROM).

The Modular Entropy Multiplier architecture provides the best solution I have seen. It appears to be difficult to PWN without physically accessing the circuit nodes, other than attacks that would generally cause electronic circuits to fail such as huge EMI spikes, extreme heat, or sticking your finger on board traces. The world needs this.

This TRNG also demonstrates what I feel should be considered best-practices. It is low cost, reasonably fast, and has no firmware that can be used to PWN your computer. However, this new slim version has no EMI shielding, which means it would be fairly easy for an antenna near it to sense the raw output. It would be better to have EMI shielding, but this slim version is the one I prefer to carry in my pocket. Consider the OneRNG as a secure alternative if you need a more standard connector or want EMI shielding.

Software

The Windows utility runs in a command console, and can be found at infnoise/software/infnoise-win.exe. You should install this FTDI driver, though for Windows 7 and newer, it should auto-install.

Currently, there is no GUI based interface to the Infinite Noises TRNG, and you must use it through the command line. If there is demand, I will create a easier to use graphical interface. To run the infnoise utility in a Windows command console, run 'cmd' by hitting the windows key and R at the same time (Win-R) or by clicking the Start menu and then Run. Type cmd in the dialog box and hit enter. This brings up a command console. Use the 'cd' command to navigate to the directory where infnoise.exe was downloaded, typically you type 'cd C:\Users\your-user-name\Downloads'. From there type 'infnoise --debug fileName', where fileName is any file you wish to create. This will fill the file with random data until you kill the infnoise process. The available options are:

--debug - turn on some debug output --dev-random - write entropy to /dev/random instead of stdout (Linux only) --raw - do not whiten the output - useful for health monitoring --multiplier value - write 256 bits * value for each 512 bits written to the Keccak sponge --no-output - do not write random output data - useful for hardware testing

To create the infnoise executable for Linux (including Raspberry Pi), follow the build instructions in infnoise/software/README. You can clone the source with 'git clone https://github.com/waywardgeek/infnoise'. Building from source is more secure, and is recommended. Windows users can build from source using Visual Studio. The "solution" file is in infnoise/software/VisualStudio/infnoise.sln.

Volunteers to improve the code, especially on Windows are welcome! Linux is currently my primary environment.

Credits

Peter Allan has been very helpful in bringing this USB key to life, as has Paul Campbell, who is one of the OneRNG designers. Paul has launched a KickStarter campaign for OneRNG, which is already fully funded! His engineering in the device is outstanding, though it would be better if it used a Modular Entropy Multiplier :-)

Also, kudos to OSH Park, OSH Stencil, SmallBatchAssembly, DigiSpark, and Tindie! They're making this whole party possible!

Building Infinite Noise TRNGs Yourself

You can order three Infinite Noise TRNG boards from OSH Park for only $3.25, and then buy parts from Digikey and Mouser as described in the BOM. I designed this board to be cheap, not easy to assemble by hand. I use 2 QFN parts and three with 0.5mm lead pitch. If you want to build these yourself the way I do, consider uploading the infnoise.brd file to OSH Stencils and ordering a solder paste stencil for $7. I get the solder paste from SparkFun.

Compete with me, and sell Infinite Noise TRNGs!

I love making these now and then, but my day job takes 11-12 hours a day, and I don't want to spend all my weekends building and shipping these devices. I am raising my price again to lower demand and apease my wife. However, these only cost me $10 each when I make 9 at a time, before tax and shipping. You could have 1,000 built for you for about $10 each. Everything needed is on the http://github.com/waywardgeek/infnoise site. If you have time to build these, there appears to a bit of money to be made. I would in no way be offended to have others undercut my prices for this circuit. Cheap clones are welcome :-)