pw_random

Pigweed AI summary: The Pigweed pw_random module provides a user-friendly layer for random number generation in embedded systems, with practical implementations for situations where true hardware random number generation peripherals may or may not be available. The module includes libraries for both input and output of random numbers, with the ability to inject entropy to improve randomness. The xorshift* algorithm is one of the pseudo-random number generation algorithms used in the module, but it is not cryptographically secure. Future work includes implementing an entropy pool to buffer incoming entropy for

Pigweed’s pw_random module provides a generic interface for random number generators, as well as some practical embedded-friendly implementations. While this module does not provide drivers for hardware random number generators, it acts as a user-friendly layer that can be used to abstract away such hardware.

Embedded systems have the propensity to be more deterministic than your typical PC. Sometimes this is a good thing. Other times, it’s valuable to have some random numbers that aren’t predictable. In security contexts or areas where things must be marked with a unique ID, this is especially important. Depending on the project, true hardware random number generation peripherals may or may not be available. Even if RNG hardware is present, it might not always be active or accessible. pw_random provides libraries that make these situations easier to manage.

Using RandomGenerator

Pigweed AI summary: The article explains the two sides of a RandomGenerator - input and output. The output functions are simple and produce random integers or values. The input functions, called InjectEntropy, are used to seed the generator with random data to improve the randomness of the output. The article suggests that sources of entropy can be found in a system, such as noise from ADCs, to improve the randomness of the generator. However, this approach may not be sufficient for security purposes.

There’s two sides to a RandomGenerator; the input, and the output. The outputs are relatively straightforward; GetInt(T&) randomizes the passed integer reference, GetInt(T&, T exclusive_upper_bound) produces a random integer less than exclusive_upper_bound, and Get() dumps random values into the passed span. The inputs are in the form of the InjectEntropy*() functions. These functions are used to “seed” the random generator. In some implementations, this can simply be resetting the seed of a PRNG, while in others it might directly populate a limited buffer of random data. In all cases, entropy injection is used to improve the randomness of calls to Get*().

It might not be easy to find sources of entropy in a system, but in general a few bits of noise from ADCs or other highly variable inputs can be accumulated in a RandomGenerator over time to improve randomness. Such an approach might not be sufficient for security, but it could help for less strict uses.

Algorithms

Pigweed AI summary: The xorshift* algorithm is a simple pseudo-random number generation algorithm that uses exclusive OR operations on different left/right bit shifts of an integer state. Pigweed's implementation allows for entropy injection to reseed the generator, making the results less deterministic. However, it is not cryptographically secure. For more information, see the provided Wikipedia and academic paper references.

xorshift*

Pigweed AI summary: The xorshift* algorithm is a simple pseudo-random number generation algorithm that uses exclusive OR operations on different left/right bit shifts of an integer state. Pigweed's implementation allows for entropy injection to reseed the generator throughout its lifetime, making the results no longer completely deterministic based on the original seed. However, it is important to note that this generator is not cryptographically secure. For more information, references are provided.

The xorshift* algorithm is a pseudo-random number generation algorithm. It’s very simple in principle; the state is represented as an integer that, with each generation, performs exclusive OR operations on different left/right bit shifts of itself. The “*” refers to a final multiplication that is applied to the output value.

Pigweed’s implementation augments this with an ability to inject entropy to reseed the generator throughout its lifetime. When entropy is injected, the results of the generator are no longer completely deterministic based on the original seed.

Note that this generator is NOT cryptographically secure.

For more information, see:

• https://en.wikipedia.org/wiki/Xorshift

• https://www.jstatsoft.org/article/view/v008i14

• http://vigna.di.unimi.it/ftp/papers/xorshift.pdf

Future Work

Pigweed AI summary: The future work involves implementing an "entropy pool" that can collect random data when a device is idling, instead of requiring direct polling of the hardware RNG peripheral. This would improve the latency of performance-sensitive areas that require random numbers.

A simple “entropy pool” implementation could buffer incoming entropy later use instead of requiring an application to directly poll the hardware RNG peripheral when the random data is needed. This would let a device collect entropy when idling, improving the latency of potentially performance-sensitive areas where random numbers are needed.