Sunday 17 August 2014

Cheap Entropy: Using your RTL-SDR as a hardware entropy source

Okay.... so this is my 10th attempt at starting a regular blog... I swear I'll keep with it this time.

Entropy is important. Whether you are using a block cipher or a stream cipher the foundation of your key's strength is quality of the random number generator used as an entropy source.

For almost a hundred years one time pad encryption has been used by military, diplomatic and intelligence services. With the notable exception of the KGB and other services occasionally duplicating pads (tut tut naughty naughty) and barring the possibility of a Vernam cipher break hidden in a Fort Meade basement, OTP is the closest you can get to unbreakable encryption. When moving really sensitive stuff the gold standard is still a big block of entropy and OTP encryption.

So how do they get all the entropy for all those one time pads? One of the best sources of entropy is atmospheric radio noise. Since the 1930s a sampling of radio noise across a very wide bandwidth has been used by governments as an entropy source to create one time pads or to seed keying of other crypto systems. I've used a big multi-gigabyte block of entropy acquired from one of these military entropy sources for OTP and as the seed for a lot of my crypto in the past.

So when RTL-SDRs came on the market back in 2012 my first thought was "Oooh! a cheap homemade radio noise RNG!". RTL-SDRs are USB TV tuners based on the RTL2832U chipset. Rather than building a different tuner for each market's frequencies, Realtek built a cheap wide-band software defined radio, wrote the TV tuner in software and then built millions of units for less $1 a piece. So we can just turn the RTL-SDR on, sample everything it can see and instead of a tv tuner we have an ultra wide-band radio entropy source! Before reinventing the wheel I did a quick search and found Paul Warren's RTL-Entropy.

So today I was installing ArchLinux on one of my computers and decided it would be probably be a good idea to document a few things I usually do. And if I do that, I might as well just stick my documentation on a blog in the hope it's useful to someone else.

You will need:

An RTL-SDR For laptops or mobile systems I like these mini rtl-sdr | for fixed systems I like these which I can hook to the building antenna.

The rtl-sdr package for your distro

libcap for your distro

OpenSSL for your distro

rng-tools for your distro

Here's how to set rngd to use your rtl-sdr using systemd (Arch, Fedora, RedHat etc.).

Here's the .service:

 /usr/lib/systemd/system/rngd.service
 ---------------------------------------------------------------------------------------------------------------
[Unit]
Description=Hardware RNG Entropy Gatherer Daemon

[Service]
EnvironmentFile=/etc/conf.d/rngd
ExecStartPre=/usr/bin/rtl_entropy -s 4M -b
ExecStart=/usr/bin/rngd -f $RNGD_OPTS
ExecStopPost=/usr/bin/killall rtl_entropy

[Install]
WantedBy=multi-user.target

 Here's the config:

/etc/conf.d/rngd
 ---------------------------------------------------------------------------------------------------------------
RNGD_OPTS="-o /dev/random -r /var/run/rtl_entropy.fifo -W95%"

So that's it! Just plug in your SDR, systemctl enable rngd , systemctl start rngd and watch /dev/random fill up.

--cros13


4 comments:

  1. Thanks! more tutorials on otp would be welcomed!

    ReplyDelete
  2. Interesting discussion of this n EEV blog: http://www.eevblog.com/forum/chat/generating-random-numbers/

    ReplyDelete
  3. Am I being obtuse if I ask... can this source of entropy be used by 2 different communicators to generate the same OTP based on an agreed-upon channel within their use of RTL-SDR - and thus have an unbreakable cipher between them for a given communication?

    ReplyDelete
    Replies
    1. OK it seems that I am rudimentally re-discovering stream ciphers here...

      Delete