[148381] in cryptography@c2.net mail archive
Re: [Cryptography] Fun with hardware RNGS: the Infinite Noise
daemon@ATHENA.MIT.EDU (Bill Cox)
Sat Dec 7 16:14:50 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <52A13579.7020107@gmail.com>
Date: Sat, 7 Dec 2013 15:50:17 -0500
From: Bill Cox <waywardgeek@gmail.com>
To: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============7743876571362399422==
Content-Type: multipart/alternative; boundary=089e01175d450e2ece04ecf7e964
--089e01175d450e2ece04ecf7e964
Content-Type: text/plain; charset=ISO-8859-1
Someone asked for some more detail about the design. I've created a simple
web page describing the Infinite Noise Multiplier here:
http://dev.vinux-project.org/RNG/
Surely someone else has already invented this. Anyone know where I could
find
such a circuit described on the Internet?
Bill
On Thu, Dec 5, 2013 at 9:24 PM, Bill Cox <waywardgeek@gmail.com> wrote:
> I'm naming this circuit after my daughter. We're a whole family of
> severely ADHD people!
>
> I've been trying to crack a simple problem for a few years, thinking about
> it now and then: how do you generate "true" random numbers on an analog
> CMOS process designed to be "quiet"? In 1998, I built a 4-megabit/second
> hardware RNG that destroyed the DieHard tests back then (I found bugs in
> the prof's code, rather than his code finding bugs in my hardware). It
> relied on zener noise from a breakdown of a Vbe on a N2222 transistor.
> Every process is different, so I had potentiometers for tweaking gains and
> such. It was a sweet little board, but not mass-production ready.
>
> So, here's my dumb infinite noise multipier. It's a switched cap circuit
> doing the following steps:
>
> - Start with a voltage V > 0, but < Vref.
> - Multiply V by 2X.
> - If V > Vref, subtract Vref
> - Repeat forever
>
> The RNG output is 1 whenever we have to subtract Vref, and 0 otherwise.
> If there is a tiny bit of noise way down in say the 35th bit position of
> resolution, then about 35 cycles later, that noise will impact the output
> signal. It really doesn't matter how quite the circuit is. Enough cycles
> later, you're output will be banging around quite randomly, kind of like
> some people I know.
>
> Just some fun for the day... true RNGs in ANY process is now very simple...
>
> Bill
>
--089e01175d450e2ece04ecf7e964
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Someone asked for some more detail about the design. =A0I&=
#39;ve created a simple web page describing the Infinite Noise Multiplier h=
ere:<div><br></div><div><a href=3D"http://dev.vinux-project.org/RNG/">http:=
//dev.vinux-project.org/RNG/</a><br>
</div><div><span style=3D"font-family:arial,sans-serif;font-size:19.2000007=
62939453px;white-space:nowrap"><br></span></div><div><span style=3D"font-fa=
mily:arial,sans-serif;font-size:19.200000762939453px;white-space:nowrap">Su=
rely someone else has already invented this. =A0Anyone know where I could f=
ind</span></div>
<div><span style=3D"font-family:arial,sans-serif;font-size:19.2000007629394=
53px;white-space:nowrap">such a circuit described on the Internet?</span></=
div><div><span style=3D"font-family:arial,sans-serif;font-size:19.200000762=
939453px;white-space:nowrap"><br>
</span></div><div><span style=3D"font-family:arial,sans-serif;font-size:19.=
200000762939453px;white-space:nowrap">Bill</span></div></div><div class=3D"=
gmail_extra"><br><br><div class=3D"gmail_quote">On Thu, Dec 5, 2013 at 9:24=
PM, Bill Cox <span dir=3D"ltr"><<a href=3D"mailto:waywardgeek@gmail.com=
" target=3D"_blank">waywardgeek@gmail.com</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">I'm naming this circuit after my daughte=
r. =A0We're a whole family of severely ADHD people!<br>
<br>
I've been trying to crack a simple problem for a few years, thinking ab=
out it now and then: how do you generate "true" random numbers on=
an analog CMOS process designed to be "quiet"? =A0In 1998, I bui=
lt a 4-megabit/second hardware RNG that destroyed the DieHard tests back th=
en (I found bugs in the prof's code, rather than his code finding bugs =
in my hardware). =A0It relied on zener noise from a breakdown of a Vbe on a=
N2222 transistor. =A0Every process is different, so I had potentiometers f=
or tweaking gains and such. =A0It was a sweet little board, but not mass-pr=
oduction ready.<br>
<br>
So, here's my dumb infinite noise multipier. =A0It's a switched cap=
circuit doing the following steps:<br>
<br>
- Start with a voltage V > 0, but < Vref.<br>
- Multiply V by 2X.<br>
- If V > Vref, subtract Vref<br>
- Repeat forever<br>
<br>
The RNG output is 1 whenever we have to subtract Vref, and 0 otherwise. =A0=
If there is a tiny bit of noise way down in say the 35th bit position of re=
solution, then about 35 cycles later, that noise will impact the output sig=
nal. =A0It really doesn't matter how quite the circuit is. =A0Enough cy=
cles later, you're output will be banging around quite randomly, kind o=
f like some people I know.<br>
<br>
Just some fun for the day... true RNGs in ANY process is now very simple...=
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
<br>
Bill<br>
</font></span></blockquote></div><br></div>
--089e01175d450e2ece04ecf7e964--
--===============7743876571362399422==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============7743876571362399422==--
