The Infinite Noise TRNG combines the best of two worlds. Modular entropy multiplication is used in the hardware to create provable random data.
It’s cryptographic strength is based on the SHA-3(Keccak) hashing function, implemented in software.
The hardware continously reseeds that Keccak sponge (https://keccak.team/sponge_duplex.html) to make it even more secure.
So even if an attacker could get a snapshot of the Keccak state, it’s worthless within a single cycle.
Raw data from modular entropy multiplication has certain properties (actually non-randomness) which are extremely useful:
- The device is not rapidly changing the sort of numbers it puts out, so history can be used as a guide.
- There is no special state stored in the modular entropy multiplier that could cause data to be different each clock cycle, other than on even/odd cycles.
- Bits further away are less correlated.
This allows health monitoring on the raw data. Only when its in the expected range, it is passed to the Keccak sponge.
Of course this also means you should not use the raw output for any cryptographic operations.
But you can access it directly to verify correct operation of the hardware or to apply different whitening functions,
but currently SHA-3 is the best option!
How it works
The hardware derives entropy from thermal noise, like many random number generators. What divides it from other TRNGs is the modular entropy multiplication technique.
Thermal noise of resistors is being amplified in an infinite loop to generate data – which is not totally random yet. By using modular entropy multiplication there is some correlation of adjacent bits in the stream.
Health monitoring of important parameters of the raw data-stream is implemented in the devices driver, which then uses the SHA-3 hashing function for cryptographic whitening to produce true random numbers.
There is no way to override the signal without being noticed by the driver. Of course it’s possible to influence it a bit, but because we use modular entropy multiplication, this only makes the output slightly more random.
Since by definition there are no patterns in random data, how can you know the data coming from your entropy source was not spoofed? The Infinite Noise TRNG produces this predictable level of entropy, just because it’s the only way to constantly verify the hardware is working properly. And only then will it apply whitening with the SHA3 hashing function.
It may sound daunting, but this is the key feature of this implementation, as the foreseeable (and very high) level of entropy enables the driver to monitor proper function of the device. It’s an essential feature for any trustworthy random number generator, which most available devices are lacking. Even when you can access the raw output – during operation you often don’t find a way to monitor their operation.
How To Use
There are several different ways to consume the entropy.
MEM / SHA-3
Some important aspects of modular entropy multiplication and the Keccak SHA-3 sponge used for whitening.
Links & Resources
|Drivers||Downloads & Repositories|
|Declaration of Conformity|