Entropy harvesting from physical sensors

Finding entropy sources is a major issue to design non-deterministic random generators for headless devices. Our goal is to evaluate a collection of sensors (e.g. thermometer, accelerometer, magnetometer) as potential sources of entropy. A challenge in the analysis of these sources is the estimation of min-entropy. We have followed the NIST recommendations to obtain pessimistic estimations from the dataset collected during our campaign of experiments. The most interesting sensors of our study are: the accelerometer, the magnetometer, the vibration sensor and the internal clock. Contrary to previous results, we observe far less entropy than it was expected before. Other sensors which measures phenomena with high inertia such as the temperature or air pressure provide very little entropy.

[1]  Ross Ihaka,et al.  Cryptographic Randomness from Air Turbulence in Disk Drives , 1994, CRYPTO.

[2]  Benny Pinkas,et al.  Analysis of the Linux random number generator , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[3]  Carl M. Ellison,et al.  Entropy Sources , 2011, Encyclopedia of Cryptography and Security.

[4]  Nitesh Saxena,et al.  Accelerometers and randomness: perfect together , 2011, WiSec '11.

[5]  Ronen Shaltiel,et al.  True Random Number Generators Secure in a Changing Environment , 2003, CHES.

[6]  Eric Wustrow,et al.  Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices , 2012, USENIX Security Symposium.

[7]  Donald E. Eastlake,et al.  Randomness Requirements for Security , 2005, RFC.

[8]  Ian Goldberg,et al.  Randomness and the Netscape browser , 1996 .

[9]  Claude Castelluccia,et al.  TinyRNG: A Cryptographic Random Number Generator for Wireless Sensors Network Nodes , 2007, 2007 5th International Symposium on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks and Workshops.

[10]  Cédric Lauradoux,et al.  Online Entropy Estimation for Non-Binary Sources and Applications on iPhone , 2011 .

[11]  Paul C. Kocher,et al.  The intel random number generator , 1999 .

[12]  Elaine B. Barker,et al.  A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications , 2000 .

[13]  Shai Halevi,et al.  A model and architecture for pseudo-random generation with applications to /dev/random , 2005, CCS '05.

[14]  Bruce Schneier,et al.  Practical cryptography , 2003 .

[15]  J.D. Golic,et al.  New Methods for Digital Generation and Postprocessing of Random Data , 2006, IEEE Transactions on Computers.