[148371] in cryptography@c2.net mail archive
[Cryptography] Fun with hardware RNGS: the Infinite Noise Multiplier
daemon@ATHENA.MIT.EDU (Bill Cox)
Thu Dec 5 23:40:36 2013
X-Original-To: cryptography@metzdowd.com
Date: Thu, 05 Dec 2013 21:24:57 -0500
From: Bill Cox <waywardgeek@gmail.com>
To: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
I'm naming this circuit after my daughter. We're a whole family of
severely ADHD people!
I've been trying to crack a simple problem for a few years, thinking
about it now and then: how do you generate "true" random numbers on an
analog CMOS process designed to be "quiet"? In 1998, I built a
4-megabit/second hardware RNG that destroyed the DieHard tests back then
(I found bugs in the prof's code, rather than his code finding bugs in
my hardware). It relied on zener noise from a breakdown of a Vbe on a
N2222 transistor. Every process is different, so I had potentiometers
for tweaking gains and such. It was a sweet little board, but not
mass-production ready.
So, here's my dumb infinite noise multipier. It's a switched cap
circuit doing the following steps:
- Start with a voltage V > 0, but < Vref.
- Multiply V by 2X.
- If V > Vref, subtract Vref
- Repeat forever
The RNG output is 1 whenever we have to subtract Vref, and 0 otherwise.
If there is a tiny bit of noise way down in say the 35th bit position of
resolution, then about 35 cycles later, that noise will impact the
output signal. It really doesn't matter how quite the circuit is.
Enough cycles later, you're output will be banging around quite
randomly, kind of like some people I know.
Just some fun for the day... true RNGs in ANY process is now very simple...
Bill
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography