Random Number Generation for Cryptography

Hi,
I am trying to port existing Arduino Entropy Library for RNG
This library is using “Arduino.h” and two timers “timer1 and WDT”, which i think are not available for Photon.

To reslove Arduino.h, i tried:

  • Comment this inclusion line
  • Tried to wrap it like :
#if !defined(SPARK)
#include "arduino.h"
#endif
  • Tired to replace include from :
define ARDUINO_H
include "stdint.h"
include "stddef.h"
include "stdlib.h"

But no success… Also i think WDT and Timer1 are not available in Photon.

Please help to guide how can i port this library to Photon or any alternative library for RNG (cryptographically secure).

Best Regards,
Burhan

@Burhan, the use of WDT and Timer1 is very hardware specific to the Arduino platform. Have you looked at the random number support for the Photon?

@peekay123 , yes i have seen random number of photon, this library produce pseudo-random numbers (not real random, and generated by the process which is predictable), so not suitable for cryptographic things…

@Burhan, have you considered something like this:

http://www.atmel.com/devices/ATSHA204A.aspx

@peekay123 this is good option, but i want to remain within photon, without any extra hardware… There exists some libraries for RNG, which are based on noise generated by external electronic circuits.
I was looking for some solution that can be within Photon (Like entropy library, that is perfect for Arduino)…

@Burhan, understood. With FreeRTOS running in the background, I can’t recall if the WDT is being used. However, I just realized that the STM32F205 used on the Photon and Electron has a hardware true RNG (!) that:

RNG main features
• It delivers 32-bit random numbers, produced by an analog generator
• 40 periods of the RNG_CLK clock signal between two consecutive random numbers
• Monitoring of the RNG entropy to flag abnormal behavior (generation of stable values,
or of a stable sequence of values)
• It can be disabled to reduce power consumption

Here is an app note on its validation. You will want to look at Section 20 of the STMicro RM0033 Reference Manual for the STM. :wink:

3 Likes

@peekay123 Thanks, This is indeed what i was looking for :smiley: , CRYPT thing is also interesting in it…
I tried to find out some example which demonstrate the use of RNG, Can you see any?

@Burhan, a VERY quick search dug this up:

Might be worth looking at their code to see how the use the RNG hardware :smile:

Oh, that’s very neat. I hope we see it included in the standard library. Or at least in a third-party one, for convenience!

1 Like

I thought I remember reading that the stm32 had a RNG in hardware.

Perhaps that was only on a bigger model…

@peekay123 This is quite a help, although i had encountered Wolfssl before, but didn’t think this way :smiley: Thanks for your support. I will work on it and soon update this thread…

1 Like

Bspranger, have you read any of the previous post :wink:

1 Like

Ok, so here is the usage example , it generate 10 Random number and exit, may be useful for someone who is interested :innocent: :

#include "application.h"
#include "stm32f2xx_rng.h"
#include "stm32f2xx_rcc.h"
// Uncomment for faster debugging!
//#include "spark_disable_wlan.h"
void setup(void) {
    int LED = D7; 
    pinMode(LED, OUTPUT);
    digitalWrite(LED, HIGH); 
    Serial.begin(9600); // Make sure your serial terminal is closed before power the Photon.    
	while(!Serial.available()) { // Open serial terminal and Press ENTER.
    		SPARK_WLAN_Loop(); 
    }
	//delay(5000);
	digitalWrite(LED, LOW);
    //**Follow steps from http://www.han-ese.nl/STM32/stm32f2stdlibrary/html/stm32f2xx__rng_8c.html    
    //1. Enable The RNG controller clock using 
    RCC_AHB2PeriphClockCmd(RCC_AHB2Periph_RNG, ENABLE);
    //2.Enables or disables the RNG peripheral.
    RNG_Cmd(ENABLE );
    Serial.println("Printing Random numbers...");
    for( int i=0;i<10;i++)
    {    
		//3.Checks whether the specified RNG flag is set or not, and wait til random number is not available
		while(RNG_GetFlagStatus(RNG_FLAG_DRDY)== RESET);
		//4. read random number
		Serial.println(RNG_GetRandomNumber(),HEX);
		digitalWrite(LED, HIGH); // sets the LED on
		delay(1000);              // waits for 1 sec
		digitalWrite(LED, LOW);  // sets the LED off
		delay(1000);
    }
    Serial.println("Deinit RNG...");
    //5. deinitialize theRNG
    RNG_DeInit();  
}
void loop() {
}

(ScruffR: I’ve edited your formatting)

2 Likes

@Burhan, well done!! I am sure this will be useful to others. It would be cool to build a library from this. :smile:

1 Like

Nice! Thanks for showing people how to use this! The RNG clock is already enabled by default. See here, called here. We use it to generate the RSA keys on the Photon when it boots for the first time.

Because the Core and other hardware joining the Particle platform don’t necessarily have a cryptographically secure RNG, we by default seed the normal random() function using a secure random number from the cloud, see here called here at the end of the handshake. You can of course always reseed it using the RNG or any other source you like by calling randomSeed().

3 Likes

@zachary, we need to document these little hidden gems!

You can also directly get a random number from the hardware RNG using HAL_RNG_GetRandomNumber()

Was there ever any movement on turning this into a library? That would be awesome. I just landed here after searching for a way to run the Entropy library on Photon.

Unless you have a very specialized need, I would use HAL_RNG_GetRandomNumber() on the Photon and Electron. This uses the hardware random number generator in the STM32F205 processor. According to the data sheet:

True random number generator (RNG)
All STM32F2xxx products embed a true RNG that delivers 32-bit random numbers produced by an integrated analog circuit.

Thanks, @rickkas7. As far as I can tell that function always returns a 32-bit number, and I suspect most people need the same functionality of the Random function that can return a number within a given range. Any advice on how to best do that kind of conversion?