15:58 <roh>

21:29 <ysionneau> wpwrak: I'm not a really big fan of storing random numbers on the sdcard and using it as the *only* source

21:30 <ysionneau> what happens if someone breaks the random number file? does the device stop working?

21:30 <ysionneau> refuses to do anything until the random number file is recovered?

21:31 <ysionneau> mixing bits from hw RNG and from sdcard could be a good idea

21:31 <ysionneau> if sdcard random file is corrupted, then use hw RNG only

21:31 <ysionneau> another 3rd source of entropy could be nice :)

21:33 <ysionneau> gn8!

21:37 <wpwrak> ysionneau: yes, in a "file only" scenario, if you lose the random number source, the device couldn't perform any operations that need random numbers. it could still access existing content, though

21:38 <wpwrak> in a mixing scenario, you may or may not care if additional sources are available. depends on how much you trust the hw rng.

21:40 <wpwrak> and yes, a 3rd source would be nice :) but they're difficult to find. e.g., my workstation produces a mere ~3 kbits per second (/dev/random), all that by "entropy harvesting"

22:29 <wpwrak> i think there should be a ban on perverts writing data sheets ...

22:49 <wpwrak> the kl25 clock generation (not speaking of clock distribution/dividers/gating yet) at reset alone involves four fields in three different registers. of course, there's nothing that simply says what result you'll get. and the default is a fairly odd value (~20.971 MHz)

22:51 <eintopf> the sd card file solution is some static entropy source

22:51 <eintopf> put some sensors on it and mix the data

22:52 <wpwrak> hmm, you're not subscribed to the qi-hw list, are you ?

22:52 <wpwrak> there's quite a bit of context: http://lists.en.qi-hardware.com/pipermail/discussion/2013-October/010335.html

22:53 <wpwrak> and yes, mixing is part of the plan :)

22:58 <eintopf> wpwrak: okay, but I think I am not a big help with these crazy random number generators

23:00 <wpwrak> heh, they're fun ;-) something whose principal characteristic is that it has no characteristics

23:03 <eintopf> wpwrak: I take a cryptology course this semester

23:03 <eintopf> so maybe I can help you with anelok ;)

23:04 <wpwrak> it may be a good opportunity to apply the theory on a real problem

23:05 <eintopf> yea and we will talk about "good" prngs

23:05 <wpwrak> hmm .. what's good about having a lot of wind is that the temperature is fairly nice. what's not so good it that it does a bit of a poltergeist impersonation with all the papers on my desk :(

23:08 <eintopf> which temperature?

23:08 <eintopf> room temperature? :S

23:08 <wpwrak> about 25 C, still fairly cool

23:11 <eintopf> too hot

23:13 <eintopf> http://en.wikipedia.org/wiki/Mersenne_twister

23:13 <eintopf> you need something like this

23:13 <eintopf> don't know if your mcu can handle it :)

23:14 <eintopf> writing a bignum lib ;)

23:15 <wpwrak> hot ? buenos aires gets up to about 40 C, sometimes a little more, depending on the station

23:16 <wpwrak> "The algorithm in its native form is not suitable for cryptography" :)

23:18 <wpwrak> and i don't want to use a PRNG. we have a fast enough hw RNG. all it needs are 1) simple statistical tests (to make sure it works), and 2) an entropy pool to blur any bias

23:19 <eintopf> oh

23:21 <eintopf> you need "Die Hard" for 1) http://www.stat.fsu.edu/pub/diehard/

23:21 <eintopf> or

23:23 <eintopf> http://csrc.nist.gov/groups/ST/toolkit/rng/documentation_software.html

23:23 <eintopf> this test suite

23:23 <eintopf> don't know :-)

23:23 <eintopf> but for 1) you need a working 2)

23:24 <wpwrak> i think i'll try dieharder. that's even in debian. couldn't get easier :)

23:24 <eintopf> yea I saw dieharder, too

23:24 <wpwrak> no, the RNG itself should pass statistical tests. the pool is just make sure nothing happens the tests didn't catch.

23:25 <eintopf> you mean only the hw rng?

23:25 <eintopf> but the hw rng is maybe hacked from nsa

23:27 <wpwrak> also, there are two types of tests: 1) lab tests (dieharder and such). they're extensive and resource-hungry. their purpose is to make sure the RNG design is correct. 2) run-time tests. their purpose is to make sure the RNG works right now. they can't find any of the subtle flaws the lab tests should reveal. but they can stop the device from using a RNG that is suffering a dramatic hardware flaw.

23:27 <wpwrak> the lab tests are there to try to find any NSA "contributions"

23:28 <wpwrak> the entropy pool messes things up a little more, to make it hard to exploit anything the lab tests didn't find

23:28 <eintopf> and 1) is for low battery tests?

23:28 <wpwrak> and if we have an "entropy assist" (the external file, which is basically an OTP), that can obscure things further

23:29 <wpwrak> 1) is just the RNG. might try with different voltages, though that shouldn't matter much since the RF chips works at 1.8 V anyway, which is even below the minimum voltage the rest of the circuit is designed for (2.0 V)

23:30 <eintopf> ah

23:30 <eintopf> ok

23:30 <eintopf> rf chips, then you can use the rssi for entropy ;)

23:30 <wpwrak> well, i think it does something like this

23:31 <eintopf> ah

23:31 <wpwrak> i.e., you have to turn on the receiver for the RNG to work

23:31 <eintopf> the mcu with hw rng has the rf chip?

23:31 <wpwrak> no, the RF chip (with RNG) is a separate item

23:31 <eintopf> ah ok

23:31 <wpwrak> it's an Atmel AT86RF232

23:31 <eintopf> cool

23:32 <eintopf> oh i know the at86rf230 :P

23:32 <wpwrak> unfortunately, the MCU doesn't have an RNG. it's love to have one there, too.

23:32 <wpwrak> actually, you know the 231 ;-)

23:32 <eintopf> :o

23:32 <eintopf> but the 231 has no rng?

23:32 <wpwrak> 231/2/3 are very similar

23:32 <wpwrak> the 231 has one too

23:33 <eintopf> oh cool, didn't notice this

23:33 <wpwrak> the 232 is cheaper than the 231, that's why i'm using it here. it lacks a few features we don't need anyway, e.g., some non-standard speeds and some RF front-end options

23:33 <eintopf> so I can turn the atusb stick to an cryptostick

23:34 <wpwrak> yeah, you could. i may actually use atusb as rf dongle for anelok

23:34 <eintopf> s/to/into/

23:34 <qi-bot> eintopf meant: "so I can turn the atusb stick into an crypintostick"

23:34 <eintopf> qi-bot: thanks

23:34 <wpwrak> heh ;-)

23:34 <eintopf> you have an usb host on anelok?

23:35 <eintopf> so you use 2.0 V

23:35 <wpwrak> kinda. yes. it'll need an external (passive) adapter

23:35 <eintopf> so I would say no :)

23:35 <eintopf> oh

23:36 <wpwrak> anelok has USB OTG but doesn't provide USB power. that would be a bit too hard on the poor little coin cell

23:36 <eintopf> yea

23:36 <eintopf> but maybe you can charge the anelok over usb

23:36 <eintopf> that would be nice

23:37 <eintopf> there exists some rechargeable little coin cells?

23:38 <eintopf> oh yes :)

23:39 <wpwrak> train arriving in buenos aires: http://www.infobae.com/2013/10/19/1517401-exclusivo-asi-fue-el-choque-once

23:39 <wpwrak> the fun part is around 0:30. that was about 13 hours ago, a few blocks from where i live.

23:39 <eintopf> I remember my old grandpa which have some injections with many of little coin cells

23:40 <eintopf> don't know what he doing with the coin cells there

23:40 <wpwrak> (charge) naw, no rechargeable battery. they're just a mess and don't make sense for such a device.

23:40 <wpwrak> coin cell injections ? is your grandfather an android ? :)

23:40 <eintopf> no

23:40 <eintopf> he put coin cells in a injection

23:41 <eintopf> and put some wire on it

23:41 <eintopf> :D

23:42 <wpwrak> hm, sounds weird :)

23:42 <eintopf> wpwrak: the train didn't stop :/

23:44 <wpwrak> well, eventually it did ... only some 80 wounded, no dead

23:44 <wpwrak> less than two years, a similar accident at exactly the same place cost more than 50 lives

23:44 <eintopf> :(

23:44 <wpwrak> s/years/years ago/

23:44 <qi-bot> wpwrak meant: "less than two years ago, a similar accident at exactly the same place cost more than 50 lives"

23:44 <eintopf> you should not drive with the train

23:45 <eintopf> but back to anelok, so the anelok has the at86rf232 so it could run 6lowpan on it ;)

23:46 <wpwrak> back then, the buffers (prellbock) didn't move at all (because of catastrophically incorrect maintenance), so the train basically smashed into an unmovable obstacle

23:46 <eintopf> ah, I know what you mean

23:46 <wpwrak> this time, the buffers visibly did yield. alas. they didn't quite stop the train either. maybe they'll get it right the third time ...

23:46 <wpwrak> and no, i don't take trains around here :)

23:47 <eintopf> maybe they have a poor real time os

23:48 <eintopf> :/

23:48 <wpwrak> well, one thing they don't have are any safety mechanisms. those trains can ignore stop signals all day long and nothing happens.

23:49 <wpwrak> they also derail on at least a weekly basis

23:49 <eintopf> :o

23:50 <eintopf> ok, when you take a train... you need to seat in the middle

23:50 <wpwrak> oh course, they go only very very slowly (i think never more than 60 km/h), so most derailments are harmless. except for the service interruption, of course.

23:51 <wpwrak> naw, if i ever take such a train, i need a shrink. urgently ;-)

23:52 <eintopf> wpwrak: so I can download your cad files for anelok, look for your hardware components and I can try to build a own?

23:53 <wpwrak> sure. it's all there

23:53 <wpwrak> and the pcb is actually DIY-friendly :)

23:53 <eintopf> what's a pcb? :(

23:54 <eintopf> printed circuit board

23:54 <eintopf> ah

23:54 <eintopf> your wires are too small

23:55 <eintopf> you weld lines which a wide of my hair

23:58 <wpwrak> hmm, if you have very thick hair, you're close. traces are about 0.2 mm / 8 mil.

23:59 <wpwrak> but the soldering isn't excessively difficult

23:59 <eintopf> yea you gave me your led toy document