Random number generator

The Privacy Seed random number generator doesn’t need to be a “cryptographically secure” pseudo-random number generator (CSPRNG)… but it would be really cool if it were :sunglasses:

State of the art of random-number generator algorithms

Most modern CSPRNGs combine a stream or block cipher (e.g. AES) with a seeding and entropy accumulation mechanism that generates the cipher key (these usually rely on hash functions, e.g. the SHA family).

One of the challenges of modern CSPRNG implementations is having good non-deterministic entropy sources: this is where the heartbeat sensor is going to be useful!

A bit of research in the area shows that a couple of openly available solutions for CSPRNGs are:

  • The [Fortuna](https://en.wikipedia.org/wiki/Fortuna_(PRNG)) algorithm, an evolution of the Yarrow algorithm (used by Mac OSes) designed by Bruce Schneier and Niels Ferguson. FreeBSD currently uses this.
  • The ChaCha20 stream cipher, designed by Daniel J. Bernstein and currently used by the Linux kernel.

Some useful links:

  • ChaCha20 description in RFC 7539
  • Linux random.c and chacha20 implementations
  • Randomness test suites
  • How do we know our PRNGs work properly? lecture by Vladimir Klebanov and Felix Dörre at 33C3
  • Ensuring randomness article by Nick Sullivan (parts of this could be misleading)

Random numbers on AVR / Arduino

The avr-libc library offers a Pseudo-Random Number Generator (PRNG) in the form of a simple Linear Congruential Generator (LCG).
Link: Random numbers on the arduino - part1
Link: Random numbers on the arduino - part2

This generation algorithm is not cryptographically secure, and it leaves open the challenge of creating a seed with a good amount of entropy.
A simple approach would be to just use the random() and randomSeed() functions provided by the Arduino library (or AVR-libc directly), with the heartbeat as a simple entropy source for the seed.
See: Arduino random() documentation.

Having a CSPRNG would require porting ChaCha20, the entropy management and SHA-256 to AVR/Arduino, using the Linux kernel implementation as inspiration.
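As a starting point for such a port, here is the ChaCha20 block function from RFC 7539 in portable C. This is an added example, not Privacy Seed or Linux kernel code, and the function names are this example's own. It uses only 32-bit add, xor and rotate, so it compiles for AVR as well as for a PC; the key it takes would have to come from the entropy accumulation step, which is not shown.

```c
#include <stdint.h>
#include <string.h>

/* Rotate a 32-bit word left by n bits (0 < n < 32). */
#define ROTL32(v, n) (((uint32_t)(v) << (n)) | ((uint32_t)(v) >> (32 - (n))))

/* ChaCha quarter round on four state words (RFC 7539, section 2.1). */
void chacha_quarter_round(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d)
{
    *a += *b; *d ^= *a; *d = ROTL32(*d, 16);
    *c += *d; *b ^= *c; *b = ROTL32(*b, 12);
    *a += *b; *d ^= *a; *d = ROTL32(*d, 8);
    *c += *d; *b ^= *c; *b = ROTL32(*b, 7);
}

/* Read a little-endian 32-bit word byte by byte (works on any endianness). */
static uint32_t load32_le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* ChaCha20 block function: 32-byte key, 32-bit block counter and 12-byte
 * nonce in; 16 output words (64 keystream bytes once serialized LE). */
void chacha20_block(const uint8_t key[32], uint32_t counter,
                    const uint8_t nonce[12], uint32_t out[16])
{
    uint32_t init[16];
    int i;

    init[0] = 0x61707865; init[1] = 0x3320646e;  /* "expand 32-byte k" */
    init[2] = 0x79622d32; init[3] = 0x6b206574;
    for (i = 0; i < 8; i++) init[4 + i] = load32_le(key + 4 * i);
    init[12] = counter;
    for (i = 0; i < 3; i++) init[13 + i] = load32_le(nonce + 4 * i);

    memcpy(out, init, sizeof init);
    for (i = 0; i < 10; i++) {                   /* 10 double rounds = 20 rounds */
        chacha_quarter_round(&out[0], &out[4], &out[8],  &out[12]); /* columns */
        chacha_quarter_round(&out[1], &out[5], &out[9],  &out[13]);
        chacha_quarter_round(&out[2], &out[6], &out[10], &out[14]);
        chacha_quarter_round(&out[3], &out[7], &out[11], &out[15]);
        chacha_quarter_round(&out[0], &out[5], &out[10], &out[15]); /* diagonals */
        chacha_quarter_round(&out[1], &out[6], &out[11], &out[12]);
        chacha_quarter_round(&out[2], &out[7], &out[8],  &out[13]);
        chacha_quarter_round(&out[3], &out[4], &out[9],  &out[14]);
    }
    for (i = 0; i < 16; i++) out[i] += init[i];  /* add the initial state back */
}
```

Checking a port against the RFC 7539 test vectors (sections 2.1.1 and 2.3.2) before using it catches rotation and byte-order mistakes, which are the typical failure modes on an 8-bit target.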

Random numbers on Raspberry Pi / Linux

The Raspberry Pi uses a Linux kernel, so it should be easy to take advantage of its ChaCha20 implementation.
One simple solution would be to use the existing implementation and RNG-tools to add a heartbeat file to the entropy sources (e.g. rngd -r /path/to/heartbeat/file).

This solution would also allow running a simple web API/application on a Pi Zero as an interface.


Next steps

  • Try interfacing the heartbeat sensor with a Raspberry Pi via I2C bus.