#qi-hardware IRC log for Saturday, 2013-10-19

roh 15:58
ysionneauwpwrak: I'm not a really big fan of storing random numbers on the sdcard and using it as the *only* source21:29
ysionneauwhat happens if someone breaks the random number file? does the device stop working?21:30
ysionneaurefuses to do anything until the random number file is recovered?21:30
ysionneaumixing bits from hw RNG and from sdcard could be a good idea21:31
ysionneauif sdcard random file is corrupted, then use hw RNG only21:31
ysionneauanother 3rd source of entropy could be nice :)21:31
wpwrakysionneau: yes, in a "file only" scenario, if you lose the random number source, the device couldn't perform any operations that need random numbers. it could still access existing content, though21:37
wpwrakin a mixing scenario, you may or may not care if additional sources are available. depends on how much you trust the hw rng.21:38
wpwrakand yes, a 3rd source would be nice :) but they're difficult to find. e.g., my workstation produces a mere ~3 kbits per second (/dev/random), all that by "entropy harvesting"21:40
wpwraki think there should be a ban on perverts writing data sheets ...22:29
wpwrakthe kl25 clock generation (not speaking of clock distribution/dividers/gating yet) at reset alone involves four fields in three different registers. of course, there's nothing that simply says what result you'll get. and the default is a fairly odd value (~20.971 MHz)22:49
eintopfthe sd card file solution is some static entropy source22:51
eintopfput some sensors on it and mix the data22:51
wpwrakhmm, you're not subscribed to the qi-hw list, are you ?22:52
wpwrakthere's quite a bit of context: http://lists.en.qi-hardware.com/pipermail/discussion/2013-October/010335.html22:52
wpwrakand yes, mixing is part of the plan :)22:53
eintopfwpwrak: okay, but I think I am not a big help with these crazy random number generators22:58
wpwrakheh, they're fun ;-) something whose principal characteristic is that it has no characteristics23:00
eintopfwpwrak: I take a cryptology course this semester23:03
eintopfso maybe I can help you with anelok ;)23:03
wpwrakit may be a good opportunity to apply the theory on a real problem23:04
eintopfyea and we will talk about "good" prngs23:05
wpwrakhmm .. what's good about having a lot of wind is that the temperature is fairly nice. what's not so good it that it does a bit of a poltergeist impersonation with all the papers on my desk :(23:05
eintopfwhich temperature?23:08
eintopfroom temperature? :S23:08
wpwrakabout 25 C, still fairly cool 23:08
eintopftoo hot23:11
eintopfyou need something like this23:13
eintopfdon't know if your mcu can handle it :)23:13
eintopfwriting a bignum lib ;)23:14
wpwrakhot ? buenos aires gets up to about 40 C, sometimes a little more, depending on the station23:15
wpwrak"The algorithm in its native form is not suitable for cryptography" :)23:16
wpwrakand i don't want to use a PRNG. we have a fast enough hw RNG. all it needs are 1) simple statistical tests (to make sure it works), and 2) an entropy pool to blur any bias23:18
eintopfyou need "Die Hard" for 1) http://www.stat.fsu.edu/pub/diehard/23:21
eintopfthis test suite23:23
eintopfdon't know :-)23:23
eintopfbut for 1) you need a working 2)23:23
wpwraki think i'll try dieharder. that's even in debian. couldn't get easier :)23:24
eintopfyea I saw dieharder, too23:24
wpwrakno, the RNG itself should pass statistical tests. the pool is just make sure nothing happens the tests didn't catch.23:24
eintopfyou mean only the hw rng?23:25
eintopfbut the hw rng is maybe hacked from nsa23:25
wpwrakalso, there are two types of tests: 1) lab tests (dieharder and such). they're extensive and resource-hungry. their purpose is to make sure the RNG design is correct. 2) run-time tests. their purpose is to make sure the RNG works right now. they can't find any of the subtle flaws the lab tests should reveal. but they can stop the device from using a RNG that is suffering a dramatic hardware flaw.23:27
wpwrakthe lab tests are there to try to find any NSA "contributions"23:27
wpwrakthe entropy pool messes things up a little more, to make it hard to exploit anything the lab tests didn't find23:28
eintopfand 1) is for low battery tests?23:28
wpwrakand if we have an "entropy assist" (the external file, which is basically an OTP), that can obscure things further23:28
wpwrak1) is just the RNG. might try with different voltages, though that shouldn't matter much since the RF chips works at 1.8 V anyway, which is even below the minimum voltage the rest of the circuit is designed for (2.0 V)23:29
eintopfrf chips, then you can use the rssi for entropy ;)23:30
wpwrakwell, i think it does something like this23:30
wpwraki.e., you have to turn on the receiver for the RNG to work23:31
eintopfthe mcu with hw rng has the rf chip?23:31
wpwrakno, the RF chip (with RNG) is a separate item23:31
eintopfah ok23:31
wpwrakit's an Atmel AT86RF23223:31
eintopfoh i know the at86rf230 :P23:32
wpwrakunfortunately, the MCU doesn't have an RNG. it's love to have one there, too.23:32
wpwrakactually, you know the 231 ;-)23:32
eintopfbut the 231 has no rng?23:32
wpwrak231/2/3 are very similar23:32
wpwrakthe 231 has one too23:32
eintopfoh cool, didn't notice this23:33
wpwrakthe 232 is cheaper than the 231, that's why i'm using it here. it lacks a few features we don't need anyway, e.g., some non-standard speeds and some RF front-end options23:33
eintopfso I can turn the atusb stick to an cryptostick23:33
wpwrakyeah, you could. i may actually use atusb as rf dongle for anelok23:34
eintopfqi-bot: thanks23:34
wpwrakheh ;-)23:34
eintopfyou have an usb host on anelok?23:34
eintopfso you use 2.0 V23:35
wpwrakkinda. yes. it'll need an external (passive) adapter23:35
eintopfso I would say no :)23:35
wpwrakanelok has USB OTG but doesn't provide USB power. that would be a bit too hard on the poor little coin cell23:36
eintopfbut maybe you can charge the anelok over usb23:36
eintopfthat would be nice23:36
eintopfthere exists some rechargeable little coin cells?23:37
eintopfoh yes :)23:38
wpwraktrain arriving in buenos aires: http://www.infobae.com/2013/10/19/1517401-exclusivo-asi-fue-el-choque-once23:39
wpwrakthe fun part is around 0:30. that was about 13 hours ago, a few blocks from where i live.23:39
eintopfI remember my old grandpa which have some injections with many of little coin cells23:39
eintopfdon't know what he doing with the coin cells there23:40
wpwrak(charge) naw, no rechargeable battery. they're just a mess and don't make sense for such a device.23:40
wpwrakcoin cell injections ? is your grandfather an android ? :)23:40
eintopfhe put coin cells in a injection23:40
eintopfand put some wire on it23:41
wpwrakhm, sounds weird :)23:42
eintopfwpwrak: the train didn't stop :/23:42
wpwrakwell, eventually it did ... only some 80 wounded, no dead23:44
wpwrakless than two years, a similar accident at exactly the same place cost more than 50 lives23:44
wpwraks/years/years ago/23:44
eintopfyou should not drive with the train23:44
eintopfbut back to anelok, so the anelok has the at86rf232 so it could run 6lowpan on it ;)23:45
wpwrakback then, the buffers (prellbock) didn't move at all (because of catastrophically incorrect maintenance), so the train basically smashed into an unmovable obstacle23:46
eintopfah, I know what you mean23:46
wpwrakthis time, the buffers visibly did yield. alas. they didn't quite stop the train either. maybe they'll get it right the third time ...23:46
wpwrakand no, i don't take trains around here :)23:46
eintopfmaybe they have a poor real time os23:47
wpwrakwell, one thing they don't have are any safety mechanisms. those trains can ignore stop signals all day long and nothing happens.23:48
wpwrakthey also derail on at least a weekly basis23:49
eintopfok, when you take a train... you need to seat in the middle23:50
wpwrakoh course, they go only very very slowly (i think never more than 60 km/h), so most derailments are harmless. except for the service interruption, of course.23:50
wpwraknaw, if i ever take such a train, i need a shrink. urgently ;-)23:51
eintopfwpwrak: so I can download your cad files for anelok, look for your hardware components and I can try to build a own?23:52
wpwraksure. it's all there23:53
wpwrakand the pcb is actually DIY-friendly :)23:53
eintopfwhat's a pcb? :(23:53
eintopfprinted circuit board23:54
eintopfyour wires are too small23:54
eintopfyou weld lines which a wide of my hair23:55
wpwrakhmm, if you have very thick hair, you're close. traces are about 0.2 mm / 8 mil.23:58
wpwrakbut the soldering isn't excessively difficult23:59
eintopfyea you gave me your led toy document23:59
--- Sun Oct 20 201300:00

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!