Project update 9 of 10
Free Entropy Service, libinfnoise and OpenSSL
Version 0.3.0 of the Infinite Noise driver - featuring a shared library, libinfnoise - has finally been released. Read on to see what you can do with it.
Free Entropy API
A free online entropy service featuring a Raspberry Pi with an Infinite Noise TRNG has launched. In a real data-center!
Backers of the "Support Us" pledge already had exclusive access to an early version of this service. Now it’s open for everyone. Only a simple CAPTCHA verification is required to get access.
As of writing this update, the service still runs on the Raspberry Pi hosted by PCExtreme.nl, a dutch hosting provider who started the first (free) Raspberry Pi hosting in 2013. Unfortunately they decided to discontinue pi-hosting by end of this year, so the service will have to move soon.
It was a great experiment having this Raspberry Pi (1B) together with a very early prototype of the Infinite Noise TRNG in a real data-center.
Luckily I already had backup Raspberry Pi (2B) hosted somewhere else and they also agreed to plug in an Infinite Noise, so it is ready to take over when PCExtreme pulls the plug. Since the Raspberry Pi 2 is a lot faster, the service will also become a lot more responsive.
Try it out now on: https://rng.13-37.org
libinfnoise
In order to make the Infinite Noise usable on as many platforms as possible, I started a refactoring to libinfnoise, a shared C library that can be used to integrate the Infinite Noise TRNG more easily.
Usage examples are available on Github under software/examples/libinfnoise.
// initialize device
bool initInfnoise(struct infnoise_context *context, char *serial, bool keccak, bool debug);
// reads data in chunks of 64-128 bytes, depending on multiplier
uint32_t readData(struct infnoise_context *context, uint8_t *result, bool raw, uint32_t outputMultiplier);
// returns a struct listing the connected (FTDI) devices.
devlist_node listUSBDevices(char **message);
The new released driver version 0.3.0 is also based on this interface (but statically linked).
It may not be as efficient as the last release, but in the long run it did not show any difference to the previous version. You can check out the test results for version 0.3.0 here (results only) and here (results and sample data).
My first attempts to generate lots of bindings/wrappers for different languages failed on the complex datatypes required for libftdi. Theoretically this should be pretty straightforward - but in reality I’m struggling with some things here…
Any suggestions are very welcome! Please open issues on GitHub or drop me a line if you have an idea.
OpenSSL RNG
An early backer already developed an OpenSSL engine based on libinfnoise. Tested on Linux and Mac!
Using this, OpenSSL will use the Infinite Noise TRNG as it’s primary entropy source using this engine - not just seeding the internal PRNG.
Check out his GitHub repo for the OpenSSL engine and instructions on how to build it. You may also need to compile OpenSSL with engine support to make it work.
He actually came up with it before libinfnoise was finished and we’ve had a very successful collaboration finishing both. So now it is a great proof of concept.
Thank you so much, Thomás!
Windows/Mac/*BSD
Up to now I’ve focused on the libinfnoise development - as it’s the most sustainable solution to provide a stable interface to build upon, which already turned out in the OpenSSL engine making it much more useful on Mac.
Thank you all for your pull requests for better MacOS and *BSD support. I’m still working on getting some of those into the CI pipeline to build packages. I don’t use MacOS or even anything BSD-like on a regular basis, so there’s a lot to learn on my side.
Also special thanks to jj1bdx for his Windows and FreeBSD forks! Note that this FreeBSD implementation requires an experimental entropy injection device driver, also written by him.
There are still some open ends from the campaign updates. Including - but not limited to:
- FT240 decapping (sorry, no progress so far)
- Gitian Building for Infinite Noise drivers (needs your help)
- development for Windows & Android
- LitePlacer reviews & mods
- upcoming software releases
- some more stress testing
I will not explore every topic in project updates, but on my 13-37.org. So make sure to visit from time to time. Or watch the GitHub repo for activity.
Important updates, like security issues or new integrations will also be announced in these project updates.
Thank you all for your support and trust!