Random number generator
The Privacy Seed random number generator doesn’t need to be a “cryptographically secure” pseudo-random number generator (CSPRNG) …but it would be really cool if it were.
State of the art of random-number generator algorithms
Most modern CSPRNGs combine a stream or block cipher (e.g. AES) with a seeding and entropy accumulation mechanism that generates the cipher key (these usually rely on hash functions, e.g. the SHA family).
One of the challenges of modern CSPRNG implementations is having good non-deterministic entropy sources. This is where the heartbeat sensor is going to be useful!
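As an added illustration (not code from the Privacy Seed project), here is a minimal accumulate-then-hash pool that absorbs heartbeat inter-beat intervals and releases a seed only once enough entropy has been estimated. The class name, the 4-bit jitter assumption, the 128-bit threshold, the domain label and the sample data are all assumptions made for this example.

```python
import hashlib
from collections import Counter
from math import log2

KEEP_BITS = 4  # assumption: only the low bits of a microsecond interval are jitter


def jitter_symbols(ibi_us):
    """Drop the high bits, which mostly encode the (guessable) heart rate."""
    return [v & ((1 << KEEP_BITS) - 1) for v in ibi_us]


def min_entropy_bits(symbols):
    """Most-common-value estimate for the whole batch: -n * log2(p_max).
    Optimistic upper bound: it cannot see ordering patterns in the data."""
    if not symbols:
        return 0.0
    p_max = Counter(symbols).most_common(1)[0][1] / len(symbols)
    return -log2(p_max) * len(symbols)


class HeartbeatPool:
    """Hash-based accumulator: every sample is absorbed, but a seed is only
    released once the estimated entropy reaches need_bits."""

    def __init__(self, need_bits=128):
        self.need_bits = need_bits
        self._hash = hashlib.sha256(b"privacy-seed-example")  # made-up domain label
        self._symbols = []

    def add(self, ibi_us):
        for v in ibi_us:
            self._hash.update(v.to_bytes(4, "big"))  # absorb the full sample
        self._symbols += jitter_symbols(ibi_us)      # but credit only the jitter

    def seed(self):
        if min_entropy_bits(self._symbols) < self.need_bits:
            return None                              # not enough yet: refuse
        return self._hash.copy().digest()            # 32 bytes, usable as a cipher key


# Constructed sample data (not real sensor readings), inter-beat intervals in µs.
STEADY = [800000] * 40                               # identical low bits: no jitter
NIBBLES = [7, 2, 13, 0, 9, 4, 15, 6, 11, 1, 14, 3, 8, 5, 12, 10]
JITTERY = [812000 + 16 * k + n for k, n in enumerate(NIBBLES * 2)]
```

Feeding `STEADY` never yields a seed, while `JITTERY` yields one only after all 32 samples have been added. The estimator is deliberately simple, so a real sensor would need a more conservative entropy credit.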
A bit of research in the area shows that a couple of openly available solutions for CSPRNGs are:
- [Fortuna](https://en.wikipedia.org/wiki/Fortuna_(PRNG)), an algorithm that is an evolution of the Yarrow algorithm (used by Mac OS), designed by Bruce Schneier and Niels Ferguson. FreeBSD currently uses it.
- The ChaCha20 stream cipher, designed by Daniel J. Bernstein and currently used by the Linux kernel.
Some useful links:
- ChaCha20 description in RFC 7539
- Linux random.c and chacha20 implementations
- Randomness tests suites
- How do we know our PRNGs work properly? lecture by Vladimir Klebanov, Felix Dörre at 33C3
- Ensuring randomness article by Nick Sullivan (parts of this could be misleading)
Random numbers on AVR / Arduino
The avr-libc library offers a Pseudo-Random Number Generator (PRNG) in the form of a simple Linear Congruential Generator (LCG).
Link: Random numbers on the arduino - part2
Link: Random numbers on the arduino - part1
This generation algorithm is not cryptographically secure, and it leaves open the challenge of creating a seed with a good amount of entropy.
A simple approach would be to just use the `random()` and `randomSeed()` functions provided by the Arduino library (or directly by avr-libc), with the heartbeat as a simple entropy source for the seed.
See: Arduino random() documentation.
Having a CSPRNG would require porting ChaCha20, the entropy management and SHA-256 to AVR/Arduino, using the Linux kernel implementation as inspiration.
Random numbers on Raspberry Pi / Linux
The Raspberry Pi runs a Linux kernel, so it should be easy to take advantage of its ChaCha20 implementation.
One simple solution would be to use the existing implementation and rng-tools to add a heartbeat file to the entropy sources (e.g. `rngd -r /path/to/heartbeat/file`).
This solution would also allow running a simple web API/application on a Pi Zero as an interface.
…WORK IN PROGRESS….
Next steps
- Try interfacing the heartbeat sensor with a Raspberry Pi via I2C bus.