kbmMW safety first #2 – Hardware based random numbers

Intro

In a previous blog, I wrote about random numbers and password generators. One of the things that were shown, was that computer generated random numbers are not really random, but are calculated according from a base line (called a seed).

Different algorithms produce different quality of randomness,. Delphi’s 32 bit built in random generator was shown to be very weak, and absolutely not recommended for anything security related.

The blog post touched other algorithms that generally are considered “secure” for most purposes. However the values are still calculated and are only depending on the seed value and hence is reproducible if you know the original seed value and the number of times the algorithm has been called.

Next release of kbmMW solves that problem with support for TRNG (True Random Noise Generators). They are hardware based and they produce random noise based on random input from the real world.

within the Usually Delphi’s built in 32 bit random generator is sufficient for most tasks, like generating random numbers for some tests, or a game or something similar. However the random generator is, if one focus on security, not strong enough to be used for cryptographic uses, like password generation.

Random numbers

Using an updated version of the Random/password generator demo, included with kbmMW, I have generated 32 and 64 bit random values based on the hardware generator. The result is shown next to the previously shown randomness graphs.

 

2017-02-01-01_46_40-xbox
The 32 bit standard Delphi random plot

2017-02-01-01_48_03-xbox
The 32 bit PCG random plot

2017-02-01-01_49_17-xbox
The 32 bit Mersenne Twister random plot

2017-02-01-01_50_42-xbox
The 64 bit split mix random plot

2017-02-01-01_52_53-xbox
The 64 bit Xoroshiro 128+ random plot

2017-02-01-02_14_37-xbox
The 64 bit Xoroshiro1024 random plot

2017-02-01-02_17_03-xbox
The 64 bit Mersenne Twister random plot

32 bit HW TRNG random plot

64 bit HW TRNG random plot

You can read more about the particular HW based random noise generator that kbmMW default supports here:

Infinite Noise TRNG

Whats the drawback?

Well as it reacts to real world data, it is somewhat slower in generating massive amounts of random values. kbmMW attempts to circumvent this problem by ensuring random data is generated even when you have not asked for it. But asking for loads of random values (like these plots) do take longer time than using any of the algorithmic random versions.

It is very much possible to combine the best of the fast algorithmic generators with this HW based one, for example by seeding the algorithmic ones regularly with values produced by the HW generator.

Then you will have something approximating true randomness with the high speed provided by the algorithms.

Author: kimbomadsen

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.