Skip to content

sys/entropy_source: add new module for entropy sources#14324

Merged
leandrolanzieri merged 1 commit intoRIOT-OS:masterfrom
PeterKietzmann:pr_add_entropy_source
Dec 1, 2020
Merged

sys/entropy_source: add new module for entropy sources#14324
leandrolanzieri merged 1 commit intoRIOT-OS:masterfrom
PeterKietzmann:pr_add_entropy_source

Conversation

@PeterKietzmann
Copy link
Member

@PeterKietzmann PeterKietzmann commented Jun 21, 2020
edited
Loading

Contribution description

This PR adds an entropy_source module which acts as a place to implement different entropy sources as submodules. Currently, an ADC based source and a zero entropy source (for testing only!) are implemented. Additionally, a common component provides functionality that is usable for all. Sources can optionally enable health tests (executed during runtime) and output conditioning.

Output values can be used directly to create low-requirement seeds, or they can be used to feed more advanced "high level" entropy handlers that accumulate values of multiple entropy sources. More information can be found in the module documentation.

I have an other entropy source lying around that bases on jitters between differently clocked timers, that I will PR afterwards. As an immediate next step, I will provide a PR that adds an advanced entropy module which deals with multiple sources and can be used for cryptographic purposes (seed generation).

Open Aspects

I marked the PR as WIP because some aspects are not yet decided and implemented:

  • Expose configuration options to kconfig.
  • Do we want to run startup tests on module initialization?
  • Do we need to return the "estimated" amount of entropy per request? The estimate would fully base on the parameters given by configuration.
  • Do we want a more advanced conditioning component next to the van Neumann extractor? An alternative would be a cryptographic hash function. This might unnecessarily bloat the module for non-crypto purposes and it might be duplicate when used with cryptographic "high level" entropy implementations that include cryptographic derivation functions anyway.

Testing procedure

  • Read and understand the high level documentation.
  • make doc build the doxygen documentation.
  • Execute the provided test on a BOARD and on native and compare the results with the expected results in the README.
  • Play around with the default configuration values here and here. Re-run the test. For the ADC source, connect an exposed ADC pin to Vcc or GND and see how the error messages behave. Eventually increase the number of dumped samples, see how the output values are affected. With conditioning enabled, see how the measured runtime is affected.

Issues/PRs references

#3425, #4294, #5153

@PeterKietzmann PeterKietzmann added State: WIP State: The PR is still work-in-progress and its code is not in its final presentable form yet Type: new feature The issue requests / The PR implemements a new feature for RIOT Area: security Area: Security-related libraries and subsystems Area: sys Area: System labels Jun 21, 2020
@PeterKietzmann PeterKietzmann force-pushed the pr_add_entropy_source branch from 5a669ba to 8f87374 Compare June 21, 2020 16:07
@PeterKietzmann PeterKietzmann force-pushed the pr_add_entropy_source branch from 139e45e to a709baa Compare June 22, 2020 12:05
@miri64
Copy link
Member

miri64 commented Jun 22, 2020

Seems similar to what I tried to do in #5153. Might be beneficial to have a look at @d00616's comments there.

@miri64
Copy link
Member

miri64 commented Jun 22, 2020

Is there planned to be a way to mix entropy sources to increase the entropy? Thinking about stuff like timer (#3425), register, stack, and radio states here.

@kaspar030
Copy link
Contributor

kaspar030 commented Jun 22, 2020

There's also #4294, whose discussion might be useful.

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Jun 22, 2020

@miri64, @kaspar030 thanks for the pointers. I've added the PRs/issues as references in the above description and I've double checked the discussions. As far as I see, all concerns that can be covered, are covered by this PR. Did you have a specific aspect in mind?

Some more comments:

  • This module only provides access to different entropy sources. How PRNG seeds are generated is not in the scope of this PR and will follow afterwards.
  • Mixing different entropy sources is of particular interest in crypto contexts and I will provide a solution for that. Other (lightweight) "mixers" might be implemented next to it, if needed.
  • An event based entropy collector (sys: random: add entropy collector #4294) could be one other entropy source.

@miri64
Copy link
Member

miri64 commented Jun 23, 2020

[…] Did you have a specific aspect in mind?

No, mainly wanted to point out past discussions so the insights from them don't get lost as you did not reference them before.

leandrolanzieri
leandrolanzieri reviewed Jun 30, 2020
View reviewed changes
Copy link
Contributor

@leandrolanzieri leandrolanzieri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here are some initial comments

@PeterKietzmann PeterKietzmann force-pushed the pr_add_entropy_source branch from a709baa to 2e8be20 Compare July 2, 2020 12:58
@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Jul 2, 2020

@leandrolanzieri many thanks for your review! Please have a look at my latest commits.

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Jul 6, 2020

@leandrolanzieri I have added some more changes (as discussed offline). Would you take an other look?

leandrolanzieri
leandrolanzieri reviewed Jul 6, 2020
View reviewed changes
sys/include/entropy_source/adc_noise.h Outdated
#define ENTROPY_SOURCE_ADC_RES ADC_RES_10BIT
#endif

#if IS_ACTIVE(CONFIG_ENTROPY_SOURCE_ADC_LINE)
Copy link
Contributor

@leandrolanzieri leandrolanzieri Jul 6, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not a boolean symbol:

Suggested change
#if IS_ACTIVE(CONFIG_ENTROPY_SOURCE_ADC_LINE)
#if defined(CONFIG_ENTROPY_SOURCE_ADC_LINE)

Copy link
Contributor

@leandrolanzieri leandrolanzieri Jul 6, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one has not been addressed yet

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Jul 6, 2020

@leandrolanzieri thanks again! Please have a look at the last commits.

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Jul 6, 2020

@leandrolanzieri I've pushed a commit addressing some minor leftovers. May I squash to clean up a bit?

@leandrolanzieri
Copy link
Contributor

leandrolanzieri commented Jul 6, 2020

May I squash to clean up a bit?

Go ahead

@PeterKietzmann PeterKietzmann force-pushed the pr_add_entropy_source branch from e2350af to a0faf17 Compare July 6, 2020 14:12
@PeterKietzmann PeterKietzmann added CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR and removed State: WIP State: The PR is still work-in-progress and its code is not in its final presentable form yet labels Jul 6, 2020
@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Jul 8, 2020

It is not accurate. (i) It summarizes the methods described in [4] (14 pages research paper) and [5] (27 pages educational book chapter) in 4 short paragraphs. (ii) They do not even consider the problem we are discussing here: where does initial entropy come from and how to estimate the amount of contained entropy bits. The pure fact that you distribute entropy over pools does not relive the need for initial entropy at all.

@maribu
Copy link
Member

maribu commented Jul 8, 2020

The pure fact that you distribute entropy over pools does not relive the need for initial entropy at all.

When constantly reseeding/rekeying, it does guarantee that eventually a reseed/rekeying will happen that for any given adversary contains enough entropy to counter the attack. This is one of the few approaches where you actually get a guarantee without any dubious assumptions.

But as I said, this approach will not work for long lived key material. (Said so two times before...)

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Jul 8, 2020
edited
Loading

Why the plethora of elaborations? Regarding the API, let's wait for some more opinions. Further, I understand:

  • You cannot provide a runtime estimator.
  • You are bothered by the min. entropy metric. Maybe I didn't make it clear, but actually the used entropy metric refers to the minimum of all entropy estimates performed by NIST 800-90B. I can try to precise it in the documentation and macro name but this won't change the implementation.

All considerations for the accumulator should be made there while a single entropy source should provide an estimate about its contributed entropy per sample.

maribu
maribu reviewed Jul 8, 2020
View reviewed changes
@tcschmidt
Copy link
Member

tcschmidt commented Nov 20, 2020

This discussion seems to have gotten lost in personal opinions and scientifically unjustified claims. I suggest that we stick to the facts in this highly rigorous regime of entropy generation. Hence I propose that arguments accounted as valid remain restricted to rigorous (peer-reviewed) scientific sources. This means: No accountance of personal feelings nor of Wikipedia.

leandrolanzieri
leandrolanzieri reviewed Nov 25, 2020
View reviewed changes
maribu
maribu reviewed Nov 25, 2020
View reviewed changes
@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Nov 26, 2020

@maribu, @leandrolanzieri thanks for bringing this up again. I've addressed your comments, rebased to master and added minor cleanups. Please have a look at my latest commits.

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Nov 27, 2020

Anything missing? May I squash?

@leandrolanzieri
Copy link
Contributor

leandrolanzieri commented Nov 27, 2020

Anything missing? May I squash?

From my side all comments were addressed

@maribu
Copy link
Member

maribu commented Nov 27, 2020

Anything missing?

My comments are all addressed.

May I squash?

Sure.

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Nov 30, 2020

Squashed. CI has passed.

@miri64
Copy link
Member

miri64 commented Dec 1, 2020

Ping @maribu @leandrolanzieri?

leandrolanzieri
leandrolanzieri reviewed Dec 1, 2020
View reviewed changes
Copy link
Contributor

@leandrolanzieri leandrolanzieri left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a minor comment on configuration I found while testing. Please squash directly @PeterKietzmann. Otherwise I've run the test application both on native and on a nucleo-f401re and the output looks correct according to the instructions. I tested the effects of the conditioning when the line is set to fixed voltages and floating.

Keep in mind that the results are platform-specific.

ADC pin floating with conditioning and health tests 
2020-12-01 14:52:57,597 # ADC noise source entropy/sample: 65536 [2^16 * bit / sample]
2020-12-01 14:52:57,600 # ADC noise source entropy/sample: 1 [bit / sample]
2020-12-01 14:52:57,601 # 75
2020-12-01 14:52:57,602 # 47
2020-12-01 14:52:57,602 # 6c
2020-12-01 14:52:57,602 # 81
2020-12-01 14:52:57,602 # 0b
2020-12-01 14:52:57,603 # 99
2020-12-01 14:52:57,603 # b6
2020-12-01 14:52:57,604 # 76
2020-12-01 14:52:57,604 # 82
2020-12-01 14:52:57,604 # 92
2020-12-01 14:52:57,605 # 01
2020-12-01 14:52:57,605 # c8
2020-12-01 14:52:57,605 # b5
2020-12-01 14:52:57,606 # 61
2020-12-01 14:52:57,606 # db
2020-12-01 14:52:57,607 # 78
2020-12-01 14:52:57,607 # d6
2020-12-01 14:52:57,608 # 2d
2020-12-01 14:52:57,608 # d2
2020-12-01 14:52:57,608 # b1
2020-12-01 14:52:57,609 # e8
2020-12-01 14:52:57,610 # 94
2020-12-01 14:52:57,610 # f8
2020-12-01 14:52:57,611 # 87
2020-12-01 14:52:57,611 # a9
2020-12-01 14:52:57,611 # 78
2020-12-01 14:52:57,611 # 0b
2020-12-01 14:52:57,611 # b3
2020-12-01 14:52:57,612 # 35
2020-12-01 14:52:57,612 # da
2020-12-01 14:52:57,613 # 27
2020-12-01 14:52:57,614 # be
2020-12-01 14:52:57,615 # ea
2020-12-01 14:52:57,616 # 75
2020-12-01 14:52:57,616 # c2
2020-12-01 14:52:57,617 # 4d
2020-12-01 14:52:57,618 # 8f
2020-12-01 14:52:57,618 # 58
2020-12-01 14:52:57,619 # 94
2020-12-01 14:52:57,619 # 0c
2020-12-01 14:52:57,619 # b0
2020-12-01 14:52:57,619 # 81
2020-12-01 14:52:57,619 # c4
2020-12-01 14:52:57,620 # 78
2020-12-01 14:52:57,620 # 6a
2020-12-01 14:52:57,620 # 92
2020-12-01 14:52:57,620 # e0
2020-12-01 14:52:57,620 # b6
2020-12-01 14:52:57,620 # d8
2020-12-01 14:52:57,620 # 6d
2020-12-01 14:52:57,621 # 1e
2020-12-01 14:52:57,621 # 4a
2020-12-01 14:52:57,621 # a0
2020-12-01 14:52:57,621 # cc
2020-12-01 14:52:57,622 # e0
2020-12-01 14:52:57,622 # 4f
2020-12-01 14:52:57,623 # d6
2020-12-01 14:52:57,623 # 2b
2020-12-01 14:52:57,623 # 90
2020-12-01 14:52:57,624 # 32
2020-12-01 14:52:57,624 # f0
2020-12-01 14:52:57,625 # 92
2020-12-01 14:52:57,625 # 2f
2020-12-01 14:52:57,625 # 69
2020-12-01 14:52:57,630 # 1e
2020-12-01 14:52:57,631 # bc
2020-12-01 14:52:57,632 # d3
2020-12-01 14:52:57,632 # 64
2020-12-01 14:52:57,633 # 63
2020-12-01 14:52:57,633 # b9
2020-12-01 14:52:57,633 # 70
2020-12-01 14:52:57,634 # a6
2020-12-01 14:52:57,634 # 99
2020-12-01 14:52:57,634 # 47
2020-12-01 14:52:57,635 # b8
2020-12-01 14:52:57,635 # e3
2020-12-01 14:52:57,635 # 2a
2020-12-01 14:52:57,635 # b2
2020-12-01 14:52:57,635 # 0d
2020-12-01 14:52:57,635 # 97
2020-12-01 14:52:57,636 # da
2020-12-01 14:52:57,636 # 82
2020-12-01 14:52:57,636 # 5e
2020-12-01 14:52:57,636 # d4
2020-12-01 14:52:57,636 # 6e
2020-12-01 14:52:57,636 # d4
2020-12-01 14:52:57,637 # cc
2020-12-01 14:52:57,637 # d0
2020-12-01 14:52:57,637 # 2d
2020-12-01 14:52:57,637 # 9b
2020-12-01 14:52:57,637 # 34
2020-12-01 14:52:57,637 # e2
2020-12-01 14:52:57,638 # 2d
2020-12-01 14:52:57,638 # 7c
2020-12-01 14:52:57,638 # c1
2020-12-01 14:52:57,638 # 4e
2020-12-01 14:52:57,639 # c9
2020-12-01 14:52:57,639 # 66
2020-12-01 14:52:57,639 # ba
2020-12-01 14:52:57,640 # a4
2020-12-01 14:52:57,640 # ca
2020-12-01 14:52:57,640 # 07
2020-12-01 14:52:57,640 # 5b
2020-12-01 14:52:57,641 # e8
2020-12-01 14:52:57,641 # 4b
2020-12-01 14:52:57,641 # 0d
2020-12-01 14:52:57,641 # 3e
2020-12-01 14:52:57,642 # 59
2020-12-01 14:52:57,642 # 6b
2020-12-01 14:52:57,642 # 70
2020-12-01 14:52:57,643 # 2d
2020-12-01 14:52:57,643 # 72
2020-12-01 14:52:57,644 # e1
2020-12-01 14:52:57,644 # 78
2020-12-01 14:52:57,644 # 78
2020-12-01 14:52:57,644 # 4a
2020-12-01 14:52:57,644 # e9
2020-12-01 14:52:57,645 # a2
2020-12-01 14:52:57,645 # 57
2020-12-01 14:52:57,645 # ac
2020-12-01 14:52:57,645 # f8
2020-12-01 14:52:57,646 # 46
2020-12-01 14:52:57,647 # 64
2020-12-01 14:52:57,648 # 6b
2020-12-01 14:52:57,648 # 17
2020-12-01 14:52:57,648 # 86
2020-12-01 14:52:57,648 # 53
2020-12-01 14:52:57,649 # 1f
2020-12-01 14:52:57,652 # ADC noise request 64 Bytes returned: 0. Time: 4123us

When the pin is connected to GND we can observe some health test errors in the sampling and an increment in the time needed to gather an array of samples (thus also it can be seen that time is variable in this configuration):

ADC pin to GND with conditioning and health tests 
2020-12-01 14:55:34,998 # ADC noise source entropy/sample: 65536 [2^16 * bit / sample]
2020-12-01 14:55:35,003 # ADC noise source entropy/sample: 1 [bit / sample]
2020-12-01 14:55:35,003 # c9
2020-12-01 14:55:35,004 # 69
2020-12-01 14:55:35,004 # 98
2020-12-01 14:55:35,005 # e9
2020-12-01 14:55:35,005 # 52
2020-12-01 14:55:35,006 # a6
2020-12-01 14:55:35,007 # 32
2020-12-01 14:55:35,007 # 1c
2020-12-01 14:55:35,007 # 3d
2020-12-01 14:55:35,007 # ab
2020-12-01 14:55:35,007 # 74
2020-12-01 14:55:35,008 # 74
2020-12-01 14:55:35,008 # e2
2020-12-01 14:55:35,010 # c5
2020-12-01 14:55:35,011 # 5c
2020-12-01 14:55:35,011 # d6
2020-12-01 14:55:35,012 # c9
2020-12-01 14:55:35,012 # 6c
2020-12-01 14:55:35,012 # b1
2020-12-01 14:55:35,012 # 8e
2020-12-01 14:55:35,012 # e5
2020-12-01 14:55:35,012 # cd
2020-12-01 14:55:35,013 # 74
2020-12-01 14:55:35,014 # 9a
2020-12-01 14:55:35,014 # 52
2020-12-01 14:55:35,014 # 73
2020-12-01 14:55:35,014 # eb
2020-12-01 14:55:35,015 # e6
2020-12-01 14:55:35,016 # 55
2020-12-01 14:55:35,019 # ADC noise single request 29/64: -6
2020-12-01 14:55:35,019 # 2c
2020-12-01 14:55:35,020 # 85
2020-12-01 14:55:35,020 # 8b
2020-12-01 14:55:35,020 # 72
2020-12-01 14:55:35,021 # 62
2020-12-01 14:55:35,021 # d6
2020-12-01 14:55:35,021 # 2d
2020-12-01 14:55:35,022 # e0
2020-12-01 14:55:35,022 # a6
2020-12-01 14:55:35,024 # 15
2020-12-01 14:55:35,024 # 4d
2020-12-01 14:55:35,024 # 86
2020-12-01 14:55:35,024 # 92
2020-12-01 14:55:35,024 # e6
2020-12-01 14:55:35,025 # 4d
2020-12-01 14:55:35,025 # a4
2020-12-01 14:55:35,026 # c3
2020-12-01 14:55:35,027 # e0
2020-12-01 14:55:35,028 # e5
2020-12-01 14:55:35,028 # 70
2020-12-01 14:55:35,029 # 56
2020-12-01 14:55:35,029 # e6
2020-12-01 14:55:35,032 # ADC noise single request 52/64: -6
2020-12-01 14:55:35,032 # 9a
2020-12-01 14:55:35,035 # ADC noise single request 54/64: -6
2020-12-01 14:55:35,035 # 38
2020-12-01 14:55:35,035 # 22
2020-12-01 14:55:35,036 # c6
2020-12-01 14:55:35,036 # 3a
2020-12-01 14:55:35,037 # 78
2020-12-01 14:55:35,037 # 38
2020-12-01 14:55:35,038 # 98
2020-12-01 14:55:35,041 # ADC noise single request 62/64: -6
2020-12-01 14:55:35,042 # ad
2020-12-01 14:55:35,048 # d3
2020-12-01 14:55:35,048 # 58
2020-12-01 14:55:35,049 # 66
2020-12-01 14:55:35,049 # 2e
2020-12-01 14:55:35,049 # 59
2020-12-01 14:55:35,049 # b6
2020-12-01 14:55:35,051 # e4
2020-12-01 14:55:35,051 # 66
2020-12-01 14:55:35,051 # a2
2020-12-01 14:55:35,052 # 57
2020-12-01 14:55:35,052 # 54
2020-12-01 14:55:35,052 # 57
2020-12-01 14:55:35,052 # e2
2020-12-01 14:55:35,052 # 2a
2020-12-01 14:55:35,052 # 9e
2020-12-01 14:55:35,052 # 85
2020-12-01 14:55:35,052 # 1b
2020-12-01 14:55:35,053 # 4e
2020-12-01 14:55:35,053 # d3
2020-12-01 14:55:35,053 # aa
2020-12-01 14:55:35,054 # e8
2020-12-01 14:55:35,054 # 91
2020-12-01 14:55:35,054 # ea
2020-12-01 14:55:35,054 # 23
2020-12-01 14:55:35,055 # 3d
2020-12-01 14:55:35,056 # b2
2020-12-01 14:55:35,056 # e1
2020-12-01 14:55:35,057 # 8c
2020-12-01 14:55:35,057 # 63
2020-12-01 14:55:35,057 # 53
2020-12-01 14:55:35,057 # 79
2020-12-01 14:55:35,058 # 1a
2020-12-01 14:55:35,058 # 3a
2020-12-01 14:55:35,058 # f5
2020-12-01 14:55:35,058 # b0
2020-12-01 14:55:35,058 # 5c
2020-12-01 14:55:35,058 # 69
2020-12-01 14:55:35,058 # c3
2020-12-01 14:55:35,059 # d1
2020-12-01 14:55:35,059 # d4
2020-12-01 14:55:35,059 # d2
2020-12-01 14:55:35,059 # e1
2020-12-01 14:55:35,060 # d1
2020-12-01 14:55:35,061 # 68
2020-12-01 14:55:35,062 # 2e
2020-12-01 14:55:35,062 # ad
2020-12-01 14:55:35,062 # 74
2020-12-01 14:55:35,062 # 2c
2020-12-01 14:55:35,062 # 39
2020-12-01 14:55:35,062 # 55
2020-12-01 14:55:35,062 # 39
2020-12-01 14:55:35,063 # 59
2020-12-01 14:55:35,063 # 53
2020-12-01 14:55:35,063 # e3
2020-12-01 14:55:35,064 # b4
2020-12-01 14:55:35,064 # 0b
2020-12-01 14:55:35,064 # ce
2020-12-01 14:55:35,065 # aa
2020-12-01 14:55:35,065 # 94
2020-12-01 14:55:35,065 # 2f
2020-12-01 14:55:35,065 # 55
2020-12-01 14:55:35,065 # 51
2020-12-01 14:55:35,065 # b3
2020-12-01 14:55:35,066 # e8
2020-12-01 14:55:35,070 # ADC noise request 64 Bytes returned: 0. Time: 6389us

Connecting the ADC to 3.3 V shows some health test errors and getting multiple samples at the end also fails due to the repetition health test failing:

ADC pin to 3.3 V with conditioning and health tests 
2020-12-01 15:33:51,585 # ADC noise source entropy/sample: 1 [2^16 * bit / sample]
2020-12-01 15:33:51,590 # ADC noise source entropy/sample: 0.000015 [bit / sample]
2020-12-01 15:33:51,591 # ad
2020-12-01 15:33:51,591 # 63
2020-12-01 15:33:51,592 # 06
2020-12-01 15:33:51,593 # 8b
2020-12-01 15:33:51,594 # 9d
2020-12-01 15:33:51,594 # 09
2020-12-01 15:33:51,594 # 87
2020-12-01 15:33:51,595 # b2
2020-12-01 15:33:51,595 # 7c
2020-12-01 15:33:51,595 # 07
2020-12-01 15:33:51,596 # 1d
2020-12-01 15:33:51,596 # 9b
2020-12-01 15:33:51,596 # 2d
2020-12-01 15:33:51,596 # e2
2020-12-01 15:33:51,596 # 34
2020-12-01 15:33:51,597 # d5
2020-12-01 15:33:51,598 # c1
2020-12-01 15:33:51,598 # 23
2020-12-01 15:33:51,598 # 2e
2020-12-01 15:33:51,598 # 54
2020-12-01 15:33:51,599 # b8
2020-12-01 15:33:51,599 # 71
2020-12-01 15:33:51,600 # 3c
2020-12-01 15:33:51,600 # dc
2020-12-01 15:33:51,600 # e3
2020-12-01 15:33:51,601 # ec
2020-12-01 15:33:51,601 # d2
2020-12-01 15:33:51,602 # e1
2020-12-01 15:33:51,602 # 86
2020-12-01 15:33:51,603 # db
2020-12-01 15:33:51,603 # 2a
2020-12-01 15:33:51,603 # 8e
2020-12-01 15:33:51,604 # 5c
2020-12-01 15:33:51,604 # 78
2020-12-01 15:33:51,604 # d0
2020-12-01 15:33:51,605 # 3e
2020-12-01 15:33:51,606 # 51
2020-12-01 15:33:51,606 # 5a
2020-12-01 15:33:51,606 # a3
2020-12-01 15:33:51,607 # c2
2020-12-01 15:33:51,607 # 93
2020-12-01 15:33:51,607 # 41
2020-12-01 15:33:51,608 # cb
2020-12-01 15:33:51,608 # c5
2020-12-01 15:33:51,608 # 78
2020-12-01 15:33:51,609 # aa
2020-12-01 15:33:51,610 # f3
2020-12-01 15:33:51,611 # d2
2020-12-01 15:33:51,611 # f1
2020-12-01 15:33:51,611 # 29
2020-12-01 15:33:51,611 # 4b
2020-12-01 15:33:51,612 # 06
2020-12-01 15:33:51,615 # ADC noise single request 52/64: -3
2020-12-01 15:33:51,616 # f0
2020-12-01 15:33:51,616 # ba
2020-12-01 15:33:51,616 # aa
2020-12-01 15:33:51,616 # 2d
2020-12-01 15:33:51,617 # 4c
2020-12-01 15:33:51,617 # 74
2020-12-01 15:33:51,617 # 73
2020-12-01 15:33:51,621 # ADC noise single request 60/64: -3
2020-12-01 15:33:51,621 # 8a
2020-12-01 15:33:51,621 # 9f
2020-12-01 15:33:51,625 # ADC noise single request 63/64: -3
2020-12-01 15:33:51,630 # a3
2020-12-01 15:33:51,631 # 0d
2020-12-01 15:33:51,631 # 7a
2020-12-01 15:33:51,631 # ea
2020-12-01 15:33:51,632 # 58
2020-12-01 15:33:51,632 # b1
2020-12-01 15:33:51,632 # c3
2020-12-01 15:33:51,632 # 0b
2020-12-01 15:33:51,633 # 1d
2020-12-01 15:33:51,633 # 4f
2020-12-01 15:33:51,633 # b4
2020-12-01 15:33:51,633 # 65
2020-12-01 15:33:51,634 # c5
2020-12-01 15:33:51,634 # a3
2020-12-01 15:33:51,634 # 4a
2020-12-01 15:33:51,635 # 8f
2020-12-01 15:33:51,636 # b4
2020-12-01 15:33:51,636 # 61
2020-12-01 15:33:51,636 # c7
2020-12-01 15:33:51,637 # 1c
2020-12-01 15:33:51,637 # a6
2020-12-01 15:33:51,637 # f1
2020-12-01 15:33:51,637 # c9
2020-12-01 15:33:51,637 # 0e
2020-12-01 15:33:51,637 # 2e
2020-12-01 15:33:51,637 # d5
2020-12-01 15:33:51,638 # 95
2020-12-01 15:33:51,638 # 65
2020-12-01 15:33:51,639 # 35
2020-12-01 15:33:51,640 # 9a
2020-12-01 15:33:51,640 # 16
2020-12-01 15:33:51,640 # dc
2020-12-01 15:33:51,640 # aa
2020-12-01 15:33:51,640 # d8
2020-12-01 15:33:51,640 # 95
2020-12-01 15:33:51,640 # d2
2020-12-01 15:33:51,640 # 4d
2020-12-01 15:33:51,641 # b4
2020-12-01 15:33:51,641 # 36
2020-12-01 15:33:51,641 # f4
2020-12-01 15:33:51,641 # 70
2020-12-01 15:33:51,642 # 4c
2020-12-01 15:33:51,643 # 95
2020-12-01 15:33:51,644 # 9e
2020-12-01 15:33:51,644 # 45
2020-12-01 15:33:51,644 # b5
2020-12-01 15:33:51,644 # a2
2020-12-01 15:33:51,644 # 97
2020-12-01 15:33:51,645 # e3
2020-12-01 15:33:51,645 # 98
2020-12-01 15:33:51,645 # 72
2020-12-01 15:33:51,645 # 2c
2020-12-01 15:33:51,645 # e7
2020-12-01 15:33:51,645 # c8
2020-12-01 15:33:51,646 # c3
2020-12-01 15:33:51,646 # 15
2020-12-01 15:33:51,646 # f2
2020-12-01 15:33:51,647 # 65
2020-12-01 15:33:51,647 # d1
2020-12-01 15:33:51,647 # 15
2020-12-01 15:33:51,647 # c7
2020-12-01 15:33:51,647 # e2
2020-12-01 15:33:51,648 # f1
2020-12-01 15:33:51,648 # 64
2020-12-01 15:33:51,653 # ADC noise request 64 Bytes returned: -3. Time: 5387us

When the conditioning is removed the time to gather the array is reduced (and constant across multiple runs) but we can see that values have bias:

ADC pin to GND without conditioning and health tests 
2020-12-01 15:01:34,825 # ADC noise source entropy/sample: 1 [2^16 * bit / sample]
2020-12-01 15:01:34,830 # ADC noise source entropy/sample: 0.000015 [bit / sample]
2020-12-01 15:01:34,831 # 96
2020-12-01 15:01:34,831 # 08
2020-12-01 15:01:34,831 # 00
2020-12-01 15:01:34,831 # 28
2020-12-01 15:01:34,832 # 49
2020-12-01 15:01:34,832 # 85
2020-12-01 15:01:34,832 # 85
2020-12-01 15:01:34,833 # 10
2020-12-01 15:01:34,833 # 00
2020-12-01 15:01:34,833 # 02
2020-12-01 15:01:34,834 # 90
2020-12-01 15:01:34,834 # 02
2020-12-01 15:01:34,834 # 00
2020-12-01 15:01:34,835 # 01
2020-12-01 15:01:34,835 # 81
2020-12-01 15:01:34,835 # 14
2020-12-01 15:01:34,836 # 20
2020-12-01 15:01:34,836 # 81
2020-12-01 15:01:34,836 # 52
2020-12-01 15:01:34,837 # a9
2020-12-01 15:01:34,837 # 20
2020-12-01 15:01:34,838 # a2
2020-12-01 15:01:34,838 # 42
2020-12-01 15:01:34,838 # 80
2020-12-01 15:01:34,838 # 15
2020-12-01 15:01:34,838 # 08
2020-12-01 15:01:34,839 # 49
2020-12-01 15:01:34,839 # c2
2020-12-01 15:01:34,839 # 80
2020-12-01 15:01:34,840 # 04
2020-12-01 15:01:34,841 # 02
2020-12-01 15:01:34,841 # 0c
2020-12-01 15:01:34,841 # 59
2020-12-01 15:01:34,842 # 08
2020-12-01 15:01:34,842 # 81
2020-12-01 15:01:34,843 # 90
2020-12-01 15:01:34,843 # a0
2020-12-01 15:01:34,843 # 22
2020-12-01 15:01:34,843 # 10
2020-12-01 15:01:34,843 # 22
2020-12-01 15:01:34,843 # 85
2020-12-01 15:01:34,844 # 04
2020-12-01 15:01:34,844 # 61
2020-12-01 15:01:34,844 # 05
2020-12-01 15:01:34,844 # 0a
2020-12-01 15:01:34,845 # 02
2020-12-01 15:01:34,846 # 85
2020-12-01 15:01:34,846 # 00
2020-12-01 15:01:34,846 # 06
2020-12-01 15:01:34,846 # 92
2020-12-01 15:01:34,846 # 10
2020-12-01 15:01:34,846 # 20
2020-12-01 15:01:34,847 # 50
2020-12-01 15:01:34,847 # 34
2020-12-01 15:01:34,847 # 40
2020-12-01 15:01:34,848 # 44
2020-12-01 15:01:34,848 # e5
2020-12-01 15:01:34,848 # 80
2020-12-01 15:01:34,849 # 02
2020-12-01 15:01:34,849 # 00
2020-12-01 15:01:34,849 # 90
2020-12-01 15:01:34,850 # 09
2020-12-01 15:01:34,850 # 90
2020-12-01 15:01:34,850 # 50
2020-12-01 15:01:34,852 # 4a
2020-12-01 15:01:34,854 # 00
2020-12-01 15:01:34,855 # 14
2020-12-01 15:01:34,855 # 44
2020-12-01 15:01:34,855 # 00
2020-12-01 15:01:34,856 # 20
2020-12-01 15:01:34,856 # 02
2020-12-01 15:01:34,856 # 22
2020-12-01 15:01:34,856 # 48
2020-12-01 15:01:34,857 # 00
2020-12-01 15:01:34,858 # 20
2020-12-01 15:01:34,859 # 8a
2020-12-01 15:01:34,859 # 22
2020-12-01 15:01:34,860 # 88
2020-12-01 15:01:34,861 # 05
2020-12-01 15:01:34,861 # 05
2020-12-01 15:01:34,862 # 04
2020-12-01 15:01:34,862 # 26
2020-12-01 15:01:34,862 # 08
2020-12-01 15:01:34,863 # 10
2020-12-01 15:01:34,863 # 22
2020-12-01 15:01:34,863 # 48
2020-12-01 15:01:34,863 # 56
2020-12-01 15:01:34,863 # a8
2020-12-01 15:01:34,864 # 41
2020-12-01 15:01:34,864 # 02
2020-12-01 15:01:34,864 # 00
2020-12-01 15:01:34,864 # 08
2020-12-01 15:01:34,864 # 0a
2020-12-01 15:01:34,865 # 01
2020-12-01 15:01:34,865 # 85
2020-12-01 15:01:34,865 # 05
2020-12-01 15:01:34,865 # 18
2020-12-01 15:01:34,865 # 54
2020-12-01 15:01:34,865 # 00
2020-12-01 15:01:34,866 # 44
2020-12-01 15:01:34,866 # 40
2020-12-01 15:01:34,866 # 08
2020-12-01 15:01:34,866 # 20
2020-12-01 15:01:34,866 # 08
2020-12-01 15:01:34,866 # 20
2020-12-01 15:01:34,867 # 40
2020-12-01 15:01:34,867 # 00
2020-12-01 15:01:34,867 # 10
2020-12-01 15:01:34,867 # 03
2020-12-01 15:01:34,867 # 04
2020-12-01 15:01:34,867 # 49
2020-12-01 15:01:34,867 # 00
2020-12-01 15:01:34,868 # 0d
2020-12-01 15:01:34,868 # 48
2020-12-01 15:01:34,868 # 80
2020-12-01 15:01:34,868 # 31
2020-12-01 15:01:34,868 # 80
2020-12-01 15:01:34,868 # 41
2020-12-01 15:01:34,868 # 84
2020-12-01 15:01:34,869 # 42
2020-12-01 15:01:34,869 # 00
2020-12-01 15:01:34,869 # 4a
2020-12-01 15:01:34,869 # 12
2020-12-01 15:01:34,869 # 28
2020-12-01 15:01:34,869 # 1e
2020-12-01 15:01:34,869 # 00
2020-12-01 15:01:34,870 # 22
2020-12-01 15:01:34,871 # 41
2020-12-01 15:01:34,875 # ADC noise request 64 Bytes returned: 0. Time: 1970us

@PeterKietzmann
Copy link
Member Author

PeterKietzmann commented Dec 1, 2020

@leandrolanzieri I've addressed your comment. Thanks for the intensive testing. Seems like a good collection of tests that you executed and the results are expected. They point out the properties (and problems) of ADC samples and features of this PR in terms of health testing and conditioning.

@leandrolanzieri leandrolanzieri added Reviewed: 1-fundamentals The fundamentals of the PR were reviewed according to the maintainer guidelines Reviewed: 2-code-design The code design of the PR was reviewed according to the maintainer guidelines Reviewed: 3-testing The PR was tested according to the maintainer guidelines Reviewed: 4-code-style The adherence to coding conventions by the PR were reviewed according to the maintainer guidelines Reviewed: 5-documentation The documentation details of the PR were reviewed according to the maintainer guidelines labels Dec 1, 2020
leandrolanzieri
leandrolanzieri approved these changes Dec 1, 2020
View reviewed changes
Copy link
Contributor

@leandrolanzieri leandrolanzieri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The proposed entropy source, conditioning and health tests look good. Also, having the test application is a good starting point for a developer to assess if the ADC noise (and in the future others) entropy source fits its use case, with a given configuration. Documentation is good and the warnings discussed throughout the PR were included. I provided some tests results showing that the implementation is working as expected.

ACK!

@leandrolanzieri leandrolanzieri added this to the Release 2021.01 milestone Dec 1, 2020
@leandrolanzieri
Copy link
Contributor

leandrolanzieri commented Dec 1, 2020

And GO!

@leandrolanzieri leandrolanzieri merged commit 2fc12c8 into RIOT-OS:master Dec 1, 2020
@PeterKietzmann PeterKietzmann mentioned this pull request Dec 17, 2020
Merged
@PeterKietzmann PeterKietzmann mentioned this pull request Nov 12, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@miri64 miri64 miri64 left review comments

@maribu maribu maribu left review comments

@leandrolanzieri leandrolanzieri leandrolanzieri approved these changes

@mtausig mtausig Awaiting requested review from mtausig

@fjmolinas fjmolinas Awaiting requested review from fjmolinas

@aabadie aabadie Awaiting requested review from aabadie aabadie is a code owner

@MichelRottleuthner MichelRottleuthner Awaiting requested review from MichelRottleuthner MichelRottleuthner is a code owner

@smlng smlng Awaiting requested review from smlng

@cgundogan cgundogan Awaiting requested review from cgundogan

@jia200x jia200x Awaiting requested review from jia200x jia200x is a code owner

Assignees

No one assigned

Labels

Area: security Area: Security-related libraries and subsystems Area: sys Area: System CI: ready for build If set, CI server will compile all applications for all available boards for the labeled PR Reviewed: 1-fundamentals The fundamentals of the PR were reviewed according to the maintainer guidelines Reviewed: 2-code-design The code design of the PR was reviewed according to the maintainer guidelines Reviewed: 3-testing The PR was tested according to the maintainer guidelines Reviewed: 4-code-style The adherence to coding conventions by the PR were reviewed according to the maintainer guidelines Reviewed: 5-documentation The documentation details of the PR were reviewed according to the maintainer guidelines Type: new feature The issue requests / The PR implemements a new feature for RIOT

Projects

None yet

Milestone

Release 2021.01

Development

Successfully merging this pull request may close these issues.

6 participants

@PeterKietzmann @miri64 @kaspar030 @leandrolanzieri @maribu @tcschmidt