Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [trng]

A TRNG (True Random Number Generator) is hardware that uses nondeterministic physical processes to randomly generate numbers.

A TRNG (True Random Number Generator) is hardware that exploits non-deterministic physical processes to generate random numbers. The output may be of any distribution and the distribution is not guaranteed to be random, so output cannot be used as-is and whitening is often necessary.

People who misunderstand randomness and probability theory often believe that TRNGs are required for security. In reality, TRNGs are typically only required on systems that do not have any source of inputs where entropy can be collected, such as embedded systems or servers. On all other systems, unpredictable events such as interrupts can be used to seed a CSPRNG instead.

51 questions
14
votes
1 answer

What issues are there while using Linux's /dev/urandom for generating cryptographic keys?

As of Linux 5.1 the /dev/random no longer uses the blocking pool. There is a talk about the change on the page Removing the Linux /dev/random blocking pool I believe that Linux's blocking pool has outlived its usefulness. Linux's CRNG generates…
kelalaka
  • 49,797
  • 12
  • 123
  • 211
8
votes
4 answers

When is an RNG a CSPRNG, a CSRNG, or a TRNG?

In a recent answer to a question about CSPRNGs, it was stated that… Nondeterministic algorithms where there is no such requirement, and ideally could be replaced by a true random generator. Example: operating system random generators, where the…
Mike Edward Moras
  • 18,161
  • 12
  • 87
  • 240
7
votes
3 answers

Perform ENT / Dieharder on raw entropy or on whitenened entropy?

In this question about hardware random number generator, a discussion about the following question has been started: In order to test RNG's and entropy's quality, should test suites like ENT and Dieharder be applied on raw entropy or on whitened…
jans
  • 287
  • 1
  • 6
7
votes
3 answers

Differences between methods of hardware random number generators

I'm reading about various hardware random number generators which - among others - implement the following approaches: Analog-to-digital converter noise Johnson–Nyquist noise Reverse biased semiconductor junction Avalanche diode with optional…
jans
  • 287
  • 1
  • 6
7
votes
2 answers

Random number generator issue

I wrote a litte random generator using a geiger tube. I use a 16bit timer that overflows every ~1ms; when i get a reading form the geiger (~36count/minute), i save the current timer value as "random number". But if run the test ent i get a completly…
Lesto
  • 181
  • 5
7
votes
1 answer

Are USB TRNGs still useful given the recent /dev/(u)random merger?

I'm referencing Jason A. Donenfeld's Random number generator enhancements for Linux 5.17 and 5.18 available here. In summary:- significant outward-facing change is that /dev/random and /dev/urandom are now exactly the same thing, with no…
Paul Uszak
  • 15,905
  • 2
  • 32
  • 83
6
votes
2 answers

Are my random numbers really "bad" or is that a statistical effect which "must" happen from time to time?

My software uses a TRNG (entropy source) which is part of an MCU. A check of random numbers generated by my software, carried out by a testing authority revealed a problem, which I have to examine now: They ran my random numbers against NIST Test…
MichaelW
  • 1,517
  • 1
  • 14
  • 26
5
votes
4 answers

How to compute the dataset size required by dieharder tests?

I am trying to use the dieharder random number test suite. However, this suite requires massive amount of data (this paper claims 228GB for no rewinding for every test) for most of the tests. I'd like to understand how rewinding is implemented and…
DurandA
  • 453
  • 5
  • 22
5
votes
3 answers

Why is the output of a True Random Number Generator (TRNG) insecure after it has been compressed?

I came across the following statement regarding true random number generators (TRNG): A “P1 medium” [AIS31] true random number generator (TRNG) may not be directly used due to cryptographic reasons. Even smart cards or other advanced security…
Jordan
  • 51
  • 1
  • 3
4
votes
0 answers

Use of scrambler LFSR for randomness extraction of semi-random source

I am using a linear feedback shift register (LFSR) in a scrambler configuration as a randomness extractor for a weakly random source. This source is semi-random (aka. Santha-Vazirani source): the bits are correlated and biased (with a min-entropy of…
DurandA
  • 453
  • 5
  • 22
4
votes
2 answers

Is a LFSR sufficient for post-processing a biased TRNG?

I am building a TRNG on a FPGA based on ring oscillators. I found out that Linear Feedback Shift Registers (LFSRs) are commonly used for the post-processing of TRNGs. Here is my initial design: Let's say that the TRNG core block produces a biased…
DurandA
  • 453
  • 5
  • 22
4
votes
2 answers

Verifying randomness and uniqueness of TRNG output

We need to verify two claims about a set of numbers: They are random They are unique in the set (the set is about 200 billion (2TB bin storage)) Supposedly, the numbers were generated by a TRNG (based on a radiation detector). The TRNG itself is a…
zeridon
  • 143
  • 4
4
votes
2 answers

Usage and limitations of sponge functions for PRNG

This HRNG uses SHA3 as a sponge function (in its device driver) to inflate ots raw source output to many MByte/s. They compare this output rate to the output of other HRNG which don't use a sponge function. I'm wondering if this comparison is fair…
jans
  • 287
  • 1
  • 6
4
votes
3 answers

What is proper use of a True Random Number Generator?

Let's say I have a true random number generator TRNG. Random numbers are generated on demand from a HW-entropy source, resulting in a 32-bit random value each time it is called. I have to fill an array of 10 Bytes (=10*8 bits= 80 bits) with random…
MichaelW
  • 1,517
  • 1
  • 14
  • 26
4
votes
2 answers

Public Randomness-Based Random Number Generator using Mobile Phone?

I have an idea to create a True Random Number Generator that use randomness source from a smartphone sensors. My idea is to collect sensors data from a lot of smartphone using mobile apps and then the data is sent to the server to be processed using…
user53299
  • 49
  • 2
1
2 3 4