ESP32 RNG and WiFi/BT radio-supplied entropy

-Nyan-
Posts: 1
Joined: Mon Aug 13, 2018 1:14 pm

ESP32 RNG and WiFi/BT radio-supplied entropy

Postby -Nyan- » Mon Aug 13, 2018 1:19 pm

Hey all,

I see some talk of the WiFi/BT radio noise being used to supply some entropy for the inbuilt RNG. I understand that of course you would need to enable these devices in the make menuconfig to allow for this... but what I'm unsure about is if any further action is required... Do I need to make any code to enable WiFi/BT? I'm not really using WiFi or BT in my project and am unfamiliar with how to initialize them... and all the examples I could find seem needlessly complicated for my application.

I just want to enable WiFi or BT RX, make a bunch of random numbers and put it in a queue, and shut the RX off, and do this as-needed to save any power consumption.

Anybody have thoughts or experience with this? Thanks.

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: ESP32 RNG and WiFi/BT radio-supplied entropy

Postby ESP_Angus » Tue Aug 14, 2018 12:45 am

If you're not using WiFi or Bluetooth at all, you can leverage some functionality that ESP-IDF uses in its bootloader to introduce entropy for key generation during the early boot process:
https://github.com/espressif/esp-idf/bl ... r_random.h

This header has been accidentally placed in the include_bootloader directory (only accessible by bootloader), but as the comments suggest it can be used from apps as well (provided related peripherals aren't in use).

I'll commit a change to move it over, but in the meantime you can either move it into bootloader_support/include/ yourself or take a copy and put it in your project's include/ directory.

- Call bootloader_random_enable() before you need random numbers.
- Call either bootloader_random_fill() or esp_random() to get random numbers from hardware RNG.
- Call bootloader_random_disable() once finished, and before using any RF features or I2S.

If you don't need to use RF features or I2S, you can never call bootloader_random_disable() at all. Power consumption will be slightly higher in this case (compared to no RF and bootloader_random disabled).

Depending on your requirements you may also want to look into the mbedtls ctr_drbg interface. In IDF, this uses the hardware RNG as a raw entropy source for an entropy pool, but extends this by running a block cipher (AES-256) in CTR mode. As long as enough bytes of entropy are accumulated, this can produce a stronger random stream even after the entropy source is disabled (compared to continuing to use the hardware RNG directly with RF & bootloader_random disabled).

Who is online

Users browsing this forum: No registered users and 124 guests