Contiki-NG
Files
file cc2538-sram-seeder.c
    SRAM-based CSPRNG seeder.
file cc2538-sram-seeder.h
    SRAM-based CSPRNG seeder.
file iq-seeder.c
    I/Q data-based seeder.
file iq-seeder.h
    I/Q data-based seeder.

Data Structures
struct csprng_seed
    This is the structure of a seed.

Functions
void cc2538_sram_seeder_seed(void)
    This function will feed the CSPRNG with a new seed.
void csprng_feed(struct csprng_seed *new_seed)
    Mixes a new seed with the current one.
bool csprng_rand(uint8_t *result, unsigned len)
    Generates a cryptographic random number.
static uint8_t mul_gf_256(uint8_t a, uint8_t b)
    Performs a multiplication within GF(256).
static void extract(uint8_t *target, uint8_t *source)
    Toeplitz matrix-based extractor.
void iq_seeder_seed(void)
    This function will feed the CSPRNG with a new seed.

Expands a truly random seed into a stream of pseudo-random numbers.
In contrast to a normal PRNG, a CSPRNG generates a stream of pseudo-random numbers that is indistinguishable from the uniform distribution to a computationally-bounded adversary who does not know the seed.
void cc2538_sram_seeder_seed(void)
This function will feed the CSPRNG with a new seed.
Its implementation leverages the fact that SRAM cells are partly random due to manufacturing variations. For randomness extraction, this function uses the well-known von Neumann extractor. Note that this function can only be called at start up and only if LPM_CONF_MAX_PM >= LPM_PM2.
Definition at line 66 of file cc2538-sram-seeder.c.
References csprng_feed(), and csprng_seed::u8.
Referenced by soc_init().
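The von Neumann extraction step named in the description above, as an added example; it is not the code in cc2538-sram-seeder.c. The function name, the MSB-first bit order, the 01 -> 0 / 10 -> 1 convention and the sample buffer are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper (not a Contiki-NG function): von Neumann extractor.
 * Reads non-overlapping bit pairs MSB-first, emits 0 for 01 and 1 for 10,
 * and discards 00 and 11. Returns the number of complete bytes written to
 * out; fewer than out_len means the raw data ran out before a full seed
 * was collected, and the caller must not use the partial result.
 */
size_t
von_neumann_extract(const uint8_t *raw, size_t raw_len,
                    uint8_t *out, size_t out_len)
{
  size_t out_bits = 0;
  size_t i;
  int shift;

  memset(out, 0, out_len);
  for(i = 0; i < raw_len && out_bits < out_len * 8; i++) {
    for(shift = 6; shift >= 0 && out_bits < out_len * 8; shift -= 2) {
      uint8_t pair = (raw[i] >> shift) & 0x3;
      if(pair == 0x1 || pair == 0x2) {
        /* the first bit of an unequal pair is the debiased output bit */
        out[out_bits / 8] |= (uint8_t)((pair >> 1) << (7 - (out_bits % 8)));
        out_bits++;
      }
    }
  }
  return out_bits / 8;
}

int
main(void)
{
  /* constructed sample standing in for uninitialized SRAM contents */
  const uint8_t raw[] = { 0x66, 0x99, 0x00, 0xFF, 0x5A, 0xA5 };
  uint8_t seed[2];
  size_t n = von_neumann_extract(raw, sizeof(raw), seed, sizeof(seed));

  printf("%u bytes: %02x %02x\n", (unsigned)n, seed[0], seed[1]);
  return n == sizeof(seed) ? 0 : 1;
}
```

The extractor removes bias only if the input bits are independent, and its output length depends on the data, so a seeder built this way has to check the return value before feeding the result to the CSPRNG.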
void csprng_feed(struct csprng_seed *new_seed)
Mixes a new seed with the current one.
new_seed | Pointer to the new seed. |
This function is called at start up and/or at runtime by what we call a "seeder". Seeders generate seeds in arbitrary ways and feed this CSPRNG with their generated seeds.
Definition at line 61 of file csprng.c.
References csprng_seed::key, csprng_seed::state, and csprng_seed::u8.
Referenced by cc2538_sram_seeder_seed(), iq_seeder_seed(), and platform_init_stage_one().
bool csprng_rand(uint8_t *result, unsigned len)
Generates a cryptographic random number.
result | The place to store the generated cryptographic random number. |
len | The length of the cryptographic random number to be generated. |
We use output feedback mode (OFB) for generating cryptographic pseudo-random numbers [RFC 4086]. A potential problem with OFB is that OFB at some point enters a cycle. However, the expected cycle length given a random key and a random state is about 2^127 in our case [Davies and Parkin, The Average Cycle Size of The Key Stream in Output Feedback Encipherment].
Definition at line 84 of file csprng.c.
References csprng_seed::key, and csprng_seed::state.
static void extract(uint8_t *target, uint8_t *source)
Toeplitz matrix-based extractor.
For theory, see [Skorski, True Random Number Generators Secure in a Changing Environment: Improved Security Bounds].
Definition at line 99 of file iq-seeder.c.
References mul_gf_256().
void iq_seeder_seed(void)
This function will feed the CSPRNG with a new seed.
Many manuals of radio chips from Texas Instruments suggest using I/Q data (Cartesian representations of the received signal) for generating true random numbers. This function follows this suggestion and extracts seeds from I/Q data. However, since those manuals state that I/Q data is not uniformly distributed, this function does not use I/Q data directly as seeds, but first applies an extractor function. Note that this function can only be called at start up.
Definition at line 142 of file iq-seeder.c.
References csprng_feed(), csprng_seed::key, and csprng_seed::state.
Referenced by init().