True Random for automatic offline address generator - page 2.

Quickseller

copper member

Activity: 2996

Merit: 2374

Quote from: SirArthur on October 12, 2021, 05:19:58 PM

Quote from: DannyHamilton on October 12, 2021, 04:07:09 PM

I suppose it depends on what attack vectors you're trying to protect against and how vulnerable you'd be if a successful attack were performed, however, the two concerns that immediately come to mind are:

1. If the radio stops working for some reason, you'll possibly be fed a repeating sequence that represents pure silence on all frequencies?

2. An attacker that is aware of your algorithm could potentially transmit a strong enough signal from close enough to your equipment to effectively overpower any "noise", resulting in a predictable set of input data.

First of, thank you for the valid and pertinent answer.
I hadn't think of #1, but I can add a response validation algorithm, either at the MCU or computer checking for patterns or repeated bytes.
As for #2, it has to be potent enough, has to "guess" when the print key would be pressed, as that the only time the random bytes are actually used, and it has to be a FM jammer, as the attacker has also to "guess" which frequency is being listen to and if or not shifted. Thus a jammer would probably render a pattern, throwing an error with the fix applied to #1 and having to running it in continuum, people around would start to complaint of bad radio reception.

Your attacker could simply broadcast on all potential channels for an extended period of time. You could potentially counter this by personally listening to the channel to confirm there is no interference, however an attacker could counter this counter by learning which channel you are listening to, and when, and using this information to learn the input to your "randomness".

It is best to have your machine create a ~~private key~~ seed in a way that is not affected by any external variable. Any external variable you use is going to open up the potential that someone will observe when you generate your seed and can look for information generated around that time.

SirArthur

member

Activity: 183

Merit: 43

1 second in loop, not 1 second only.
1 second -> change frequency -> 1 second -> change frequency... at all time the data at the pointer is being append and changed accordingly.
Microphone and camera are pretty much useless, as the place is silent, buttons are just one and spool is erased after each print. No wifi is used and ESP doesn't start wifi unless told to, also an Arduino without Wifi shield can be used.

Let's assume for the sake of the example that the seed is 100 bytes long and each 1 second capture renders 10 bytes of data, so that just after ~10 seconds (+ i2c and code loop) the system is able to return a random.
init: 00 00 00 00 00 00 //init all bytes as 0x00.
loop1: AF DE 3E 21 21 89 39 40 FF FE 00 00 00 00... //one sequence, pattern detected (00 00 00...) -> invalid
loop2: EF EA A1 00 22 11 FA 2F 1A 3B AF DE 3E 21 21 89 39 40 FF FE 00 00 00... //two sequences, pattern detected (00 00 00...) -> invalid
... and so on until the buffer is filled up at loop10.
When the buffer if full, the next loop will remove the last 10 bytes and append the new ones at the beginning of the sequence, repeating this all the time.

j2002ba2

full member

Activity: 206

Merit: 450

Quote from: SirArthur on October 12, 2021, 10:31:33 AM

For a BTC related project I need to create some addresses on automatic mode; the machine is offline, the machine prints both WiF Key and matching Address, there's minimal interaction for this, so it won't be able to pick much from its own memory in order to generate a good Random seed.
...
Do you think this solution would provide a good enough Random generator? If not, what/how do you think this can be improved?

Good enough? No. You need additional entropy sources. Use the Hardware RNG included in ESP32. Add a microphone. Add a camera. Add some buttons to be pressed. Feed all the data together with timestamps into Fortuna CSPRNG. Also a second seems too short - feed it for a minute.
If this is too much just using the Hardware RNG might be better than radio module.

Will you be around the device every time it's used?
Are you sure the printer always prints what is given?
Does the printer remember the last page(s) it printed?
Is there an "echo" from previous printed pages on the current one?
ESP32 has wifi. Maybe it has a backdoor. Can you make sure no radio wave reaches the module?

SirArthur

member

Activity: 183

Merit: 43

Quote from: DannyHamilton on October 12, 2021, 04:07:09 PM

I suppose it depends on what attack vectors you're trying to protect against and how vulnerable you'd be if a successful attack were performed, however, the two concerns that immediately come to mind are:

1. If the radio stops working for some reason, you'll possibly be fed a repeating sequence that represents pure silence on all frequencies?

2. An attacker that is aware of your algorithm could potentially transmit a strong enough signal from close enough to your equipment to effectively overpower any "noise", resulting in a predictable set of input data.

First of, thank you for the valid and pertinent answer.
I hadn't think of #1, but I can add a response validation algorithm, either at the MCU or computer checking for patterns or repeated bytes.
As for #2, it has to be potent enough, has to "guess" when the print key would be pressed, as that the only time the random bytes are actually used, and it has to be a FM jammer, as the attacker has also to "guess" which frequency is being listen to and if or not shifted. Thus a jammer would probably render a pattern, throwing an error with the fix applied to #1 and having to running it in continuum, people around would start to complaint of bad radio reception.

DannyHamilton

legendary

Activity: 3514

Merit: 4895

Quote from: SirArthur on October 12, 2021, 10:31:33 AM

For a BTC related project I need to create some addresses on automatic mode; the machine is offline, the machine prints both WiF Key and matching Address, there's minimal interaction for this, so it won't be able to pick much from its own memory in order to generate a good Random seed.
So my idea came about building a small piece of hardware using RDA5807M FM radio module under follow scheme:

Arduino/ESP(32/8266) --> gets/generates pseudo random between 880 ~ 1080, then divides by 10 -> i2c frequency set -> listen 1 second -> 2x 16 bit ADC (capture stereo output) -> sets bytes accordingly ---> repeat the process
At access: return x bytes stored, where x = amount of seed bytes.
RDA5807M is meant to be equipped with a weak or no antenna, in order to get not only music or whatever is being said at that frequency, but also get noise and interference.
A secondary pseudo random may set it to shift the frequency (+0.05 Mhz) or not.

Do you think this solution would provide a good enough Random generator? If not, what/how do you think this can be improved?

I suppose it depends on what attack vectors you're trying to protect against and how vulnerable you'd be if a successful attack were performed, however, the two concerns that immediately come to mind are:

1. If the radio stops working for some reason, you'll possibly be fed a repeating sequence that represents pure silence on all frequencies?

2. An attacker that is aware of your algorithm could potentially transmit a strong enough signal from close enough to your equipment to effectively overpower any "noise", resulting in a predictable set of input data.

SirArthur

member

Activity: 183

Merit: 43

Quote from: BringTheFuture on October 12, 2021, 10:52:23 AM

I would fart during the listen 1 second for the sake of randomness.

It doesn't listen anything on 16hz to 32khz, just between 88 and 108 Mhz, so your farts wouldn't add nothing to it.

BringTheFuture

newbie

Activity: 2

Merit: 0

I would fart during the listen 1 second for the sake of randomness.

SirArthur

member

Activity: 183

Merit: 43

For a BTC related project I need to create some addresses on automatic mode; the machine is offline, the machine prints both WiF Key and matching Address, there's minimal interaction for this, so it won't be able to pick much from its own memory in order to generate a good Random seed.
So my idea came about building a small piece of hardware using RDA5807M FM radio module under follow scheme:

Arduino/ESP(32/8266) --> gets/generates pseudo random between 880 ~ 1080, then divides by 10 -> i2c frequency set -> listen 1 second -> 2x 16 bit ADC (capture stereo output) -> sets bytes accordingly ---> repeat the process
At access: return x bytes stored, where x = amount of seed bytes.
RDA5807M is meant to be equipped with a weak or no antenna, in order to get not only music or whatever is being said at that frequency, but also get noise and interference.
A secondary pseudo random may set it to shift the frequency (+0.05 Mhz) or not.

Do you think this solution would provide a good enough Random generator? If not, what/how do you think this can be improved?

Topic: True Random for automatic offline address generator - page 2. (Read 551 times)