RANDOM NUMBER GENERATORS

  • You are here: 
  • News

Encryption Basics

On the encryption page Encryption Basics we write about encryption in general, and the problems industry face today.

Updates on the TRNG9880 Embedded Random Number Generator

We are working with an update on the TRNG9880 for embedded systems. We will include a recalibrate for the serial port communication, to make it easy to adjust the bit rate to match the host system.

Production of the TRNG9880-SMT units for embedded systems

We are investigating a simpler production method for the TRNG9880 SMT modules. On the web shop the unit is listed as "coming soon"; but we need a substantial pre-order volume to make ends meet, as production costs is basically of the NRE type.

We now reconsider all steps in the manufacturing of the modules, and as a first step we now make available samples as TRNG9880T units. We have also enabled the "Quantity" field of the web shop, to indicate the number of samples currently available for immediate shipping. The price tag for these sample units cannot go lower than EUR 20/unit.

We have a new report on how to test the TRNG9880-SMT units prior to shipping.

Testing of the TRNG9880.pdf

TRNG98 True Random Number Generators

What Is Randomness?

THE MATH BEHIND

Suppose that a source produce a sequence of numbers. Intuitively we may classify the number sequence based upon its randomness. We may say that one sequence is random, but another sequence is not considered random. But associating the concept of "randomness" to a sequence, or a source, is wrong. The randomness property should correctly be associated with the Observer of the sequence. The observer see the sequence, and try to describe it. If he cannot to this, the sequence lack a description, and we say that it is a Random sequence. (Lars Löfgren)

We should understand that the concept of randomness is relative to the analytic capability of the observer. If we do random testing on a technical system of low complexity, such as an elevator, a simple sequence such as (floor) 1,3,1,3, could be considered random relative to this system. An integer division module (software) for a micro- controller could in a similar way be tested using "random" numbers. If we know much on the internal structure of the system, we could select special numbers that is especially effective testing the system. An integer division routine, where some adjustments occur with very low probability, is known to be able pass a million random test numbers and still be wrong!

A good source of random numbers, where any structure of any kind would be difficult to obtain, is typically needed when the observer is a human, he can profit from any small deviation, and he can gain access to large amounts of random numbers to analyse on a computer. Typical examples would be encryption products and game solutions, where players play with real money.

Advantages Using a True Random Number Generator

The main advantage using a TRNG, is in its simplicity; switch on power and then comes random numbers. No need for synchronisation and most problems with secrecy of seed numbers is an order of magnitude lower. Even generating a simple seed to a pseudo random number generator could be tricky, problematic and time consuming. (To sit in a vault and roll a dice carefully 64 times etc.)

There will always be "statistics" in any practical application. A player that apply a strategy and always win (so far) might not consider the ten thousand other players with no success. There are always rumours around any game implementation, and possibly the best argument for basing security (randomness) upon a hardware generator is that it is possible to explain. You don't want to go to court and explain your pseudo random number implementation!

A related problem is that if statistical tests are applied repeatedly, the usual statistical test criteria no longer apply. If you apply a test ten thousand times, don't be surprised finding a four sigma deviation on one test. The hardware solution is also independent of the application, and the game software and the hardware generator can be tested separately if there is a problem.

Again we mention prevention of fraud. If the game server mix and work the deck of cards, it is more easy to include some extra manipulation into the server software, compared to where there should be no such operations anywhere in the code at all.

Conversion of Distribution

Flat Distribution

Random number generators typically have a binary output with a flat distribution. This distribution is easy to convert into any other specified distribution, and I give the following typical example:

Select a card of 52 randomly using an input random byte.

Divide the input number range [0..255] on the 52 cards. Since the input number have a flat distribution any such conversion will produce identical randomness quality. We have 256=4*52 + 48. To each of the 52 cards we associate 4 numbers. If the input is any of these 4*52=208 combinations, a card was randomly selected using a flat distribution. The remaining 48 combinations are not used, as it would skew the distribution. A new byte, hopefully better, is taken from the generator, and the procedure is repeated.

Tests of Randomness

We usually test the randomness of a sequence using a software package. There are several such test packages, they work similar, and usually include common test such as frequency test, long run test, pattern test, correlation test, and so on. These tests assign a property to the sequence, and then test the sequence comparing with the properties of a sequence that don't have the assumed property.

A typical issue, is that almost all these tests are very sensitive to a deviation in the 0/1 relative frequency. If an "1" bit is more common than the zero, long runs of "1111" will be more common than the "0000" run, same results for any other kind of pattern test, and a "1" will correlate with any other bit, that is also "1" more often than "0".

NOTES

2018-07-25

  1. We have an update on the TRNG98.com site.

TRNG98

Encryption Solutions

We are setting up a page on our Encryption Technology. This page is for high-end encryption, with a discussion on advanced technology and theoretical results. (Call us if you understand it's contents!)

Encryption Sheets

You may download encryption sheets, for home and recrenational encryption, from the Randomserver.

TRNG98

GAMING APPLICATIONS

In gaming applications, true random numbers are used when mixing a deck of cards or select winning numbers such as in a lottery. On-line action games also use TRNG units to guarantee that the game do not repeat itself.

Encryption Applications

The classic use of random numbers is in encryption, where numbers form the secret keys, and random settings and message fragments to prevent identical messages encrypt identically. Often messages or channels is filled with random data to prevent the enemy from identifying a communication surge/panic.

Radioactive!

Radioactive Decay Source

Atomic decay using a radioactive sample is problematic due to low speed, unless you use a strong radioactive sample, and there is also security and customs problems. Due to this almost all practical generators use some electrical effect.

We have never considered any radioactive decay generator at TRNG98; there is simply no advantage to be obtained.

Esoteric Generators

There are also esoteric generators, such as the lava lamp TRNG (waves in a bottle with dual fluids, due to heating, and sampled with a camera).