[gnuk/neug.git] / README

NeuG - a random number generator implementation (for STM32F103)

                                                           Version 0.03
                                                             2012-10-19
                                                           Niibe Yutaka
                                      Free Software Initiative of Japan

What's NeuG?
============

NeuG is a set of routines of random number generator (RNG) which is
based on physical noise.  It supports STM32F103.  It can be stand
alone USB RNG device (with main routine), too.

The name comes from Japanized English word "noidgy" (from English word
"noisy"), where many Japanese (including me) don't distinguish
pronunciations of "gee" and "zee".  NeuG includes my important letters
of "g", "n", and "u", and the word "neu" (German spelling of "new").

My primary intention was to incorporate NeuG routines into Gnuk for
random number generation, but the stand alone version could be useful
too.

Gnuk was named after my son who loved the pacifier when he was baby.
NeuG was named after my daughter, but I don't say she is noisy.


Release notes
=============

This is the fourth release of NeuG, which is still experimental.
Basic features (generating random numbers) are stable, but newly added
things like reGNUal support should be considered unstable.  Note that
you need the snapshot of ChibiOS/RT (from trunk).  This means that it
is covered by GNU GPL.  No "linking exception" option is available for
the snapshot.


FAQ
===

Q0: How NeuG device is good?
A0: I believe it's good enough if we compare to other hardware RNGs.
    If its usage is as an entropy source for RNG-tools, or use for
    computer simulations, I think that it's good enough.  I evaluated
    it with rngtest of RNG-tools, NIST STS test suite and Dieharder.
    See the directory neug/test-results/.
A0-dash: For better entropy device with embedded test, you could get
         EntropyKey.  See http://www.entropykey.co.uk/
A0-double-dash: STM32F2xx and STM32F4xx have built-in TRNG, it would
                be better for you (although the quality of randomness
                looks not that good).

Q1: How fast is NeuG device?
A1: It's more than 50 Ki-byte/second.

Q2: Should we check condition of noise sources?
A2: Yes, we should.  Three continuous tests are implemented, following
    (Draft of) NIST SP 800-90B.  Those are Repetition Count Test,
    Adaptive Proportion Test (for 64 samples), and another Adaptive
    Proportion Test (for 4096 samples).  When it detect an error (it
    is really rare, but it could occur even for normal condition), the
    generation of random bits restart again.


Targets
=======

FST-01, STBee Mini, Olimex STM32-H103, CQ-STARM, and STBee are
supported.


Souce code
==========

NeuG source code is under src/ directory.


License
=======

It is distributed under GNU General Public Licence version 3 or later
(GPLv3+).  Please see src/COPYING.


External source code
====================

To build NeuG device, we need external source code.

* chibios/  -- ChibiOS/RT 2.3.x snapshot

  Please get it from http://chibios.sourceforge.net/
  We use ChibiOS/RT as the kernel for NeuG device.


How to compile
==============

You need GNU toolchain and newlib for 'arm-none-eabi' target.

See http://github.com/uwehermann/summon-arm-toolchain/ for preparation
of GNU Toolchain for 'arm-none-eabi' target.

Change directory to `src':

  $ cd neug-VERSION/src

Then, run `configure':

  $ ./configure

Type:

  $ make

Then, we will have "neug.elf".


How to install
==============

STBee Mini and STBee
--------------------

Reset the board with "USER" switch pushed.  Type following to write
to flash:

  # cd ../tool
  # ./dfuse.py ../src/neug.hex

Then, reset the board.


Olimex STM32-H103 board
-----------------------

If you are using Olimex JTAG-Tiny, type following to invoke OpenOCD:

  $ openocd -f interface/olimex-jtag-tiny.cfg -f board/olimex_stm32_h103.cfg

Then, with another terminal, type following to write "gnuk.elf" to Flash ROM:

  $ telnet localhost 4444
  > reset halt
  > flash write_image erase neug.elf
  > reset
  > exit
  $ 



Use of NeuG device
==================

It is USB CDC ACM device.  On GNU/Linux, it can be /dev/ttyACM0 or like.
Before using /dev/ttyACM0, you need to configure its TTY discipline.

  $ stty -F /dev/ttyACM0 -echo raw

Then, you can use output of /dev/ttyACM0.

When you want to get raw output (not conditioned), you can configure:

  $ stty -F /dev/ttyACM0 parenb parodd

for raw data after filter.  For direct raw data of samples, configure:

  $ stty -F /dev/ttyACM0 parenb -parodd

And you can get conditioned output by configuring:

  $ stty -F /dev/ttyACM0 -parenb


Structure of the NeuG
=====================

Here is a figure of the circuit.

                                         Noise sources

                              /|<---+--- [ Analog input Vref ]
                16           | |<-+-|--- [ Analog input Temperature Sensor ]
             +---/-[ADC1] <==| |  | |
             |               | |<-+ |
      +-+    |                \|<---+
      | |<---+                |
 +----| |          MUX CTL >--+
 |    | |<---+
 |    +-+    |                /|
 |           |  16           | |<------- [ Analog input 0 ] (pull up to Vdd)
 |           +---/-[ADC2] <==| |
 |                           | |<------- [ Analog input 1 ] (pull up to Vdd)
 |                            \|
 |                            |
 |                 MUX CTL >--+
 |
 +------------------+         <============ (*1)
                    |
                    / 32
                    |
                    | Put 4 times to output 32-bit
                    V
            [ CRC-32 filter ]
                    |
                    |           Put 35 times to output 1120-bit
                    +---------------------------------+         <====== (*2)
                                                      |
                                                      / 32
                                                      |
                                              [ Entropy Buffer ]
                                                      |          
            +--------------+                          |
            |              |                          |
            | Conditioning |            1120          |
            | Component    |<------------/------------+
            |              |
      +-----|  Hash_df     |
      |     |    by        |
      |     |  SHA-256     |
      |     |              |
      |     |              |  128
      |     |              |<--/--+
      |     +--------------+      |
      |                           |
      +---------------------------+
      |
      / 256
      |
      v
 Random Number Output <========== (*3)



Specifying by "stty", you can get (*3) with -parenb, (*2) with parenb
parodd, and (*1) with parenb 0parodd.

STM32F103 has two built-in A/D converters.  NeuG uses A/D converters'
outputs as entropy sources.  It is considered noise of quantization
error, plus noise from power supply, etc.

We chose four analog input sources of: built-in voltage reference,
temperature sensor and two analog inputs which are pull-up to Vdd.

By a single sampling of two channel, we get 32-bit (not all 32-bit is
valid, as a A/D converter resolution is 12-bit only).  We take four
sampling of different combinations: (Vref, IN0), (Temp, IN1), (Vref,
IN1), and (Temp, IN0).  Those 32-bit * 4 is fed into CRC32 filter.

We use STM32F103's CRC32 calculation unit as a kind of filter.  We put
output of A/D converters into CRC32 calculation unit, four times, to
get 4-byte output.

Output of CRC32 filter is collected 35 times, and it becomes 1120-bit
(32 * 35).  This is the noise source bits.

We put this 1120-bit and half of previous output (128-bit) to
conditioning component.

Conditioning Component is implemented by Hash_df function which is
composed by SHA-256.  Since the noise source is not "white", signal is
whiten by this Conditioning Component.

My experience with STM32F103 and NeuG shows that noise source is
stable at least for a year.


Test results
============

See files under the directory test-results, for test result of
"rngtest" in rng-tools, NIST STS 2.1.1, and Dieharder.

For Dieharder, I correct 13GiB (it took five days and six hours
and more), and use scripts to invoke dieharder.


Read-only Git Repository
========================

You can browse at http://www.gniibe.org/gitweb?p=neug.git;a=summary

You can get it by:

  $ git clone git://www.gniibe.org/neug.git/

or

  $ git clone http://www.gniibe.org/git/neug.git/


I put ChibiOS/RT as a submodule of Git.  Please do this:

  $ git submodule init
  $ git submodule update



Information on the Web
======================

Not yet.



Your Contributions
==================

FSIJ welcomes your contributions.  Please assign your copyright
to FSIJ (if possible).
--