Infinite Noise TRNG (True Random Number Generator)

  • Sale
  • Regular price $ 35.00


Looking for a truly random number generator? Have an available USB port? Look no further.

The Infinite Noise TRNG is an affordable and secure true random number generator (TRNG). It’s based on a modular entropy multiplier technique that continuously loops over previous random output, gathering randomness from the noise of the hardware components along the way, to generate the next random output. This way it produces a constant, measurable level of entropy which is then whitened to produce true random numbers. The openness of the implementation makes it easy to inspect and verify, as all security hardware should be!

Specifications

  • USB 2.0 Interface
  • FTDI USB to Parallel Interface (FT240XQ)
  • Thermal noise generator based on resistor and op amp network
  • Current: 8mA
  • Temperature Range: 0-60C
  • Output Rate: 32kB/sec
  • Tamper proof security labels
  • Optional serial registration and verification system
  • Windows, Mac and Linux support
  • Source code available

Who Needs It and Why?

Almost any cryptographic operation relies on random numbers - and there are many different approaches to collect this entropy. For Linux systems, this is mostly done with user input and other hardware timing’s “randomness”. This approach is very slow and its performance mainly depends on the computer’s activity.

For situations where the Linux Random Pool /dev/random depletes and finally blocks, hardware random number generators like the Infinite Noise TRNG provide a secure, high performance way to feed entropy into your computer.

  • When you operate many virtual machines, lack of entropy can be a serious problem as all VMs share the host’s entropy source. The Infinite Noise will provide lots of random numbers to the host system.
  • Large web-servers doing SSL encryption can be sped up by using hardware random number generators, while making communications more secure.
  • If you operate Linux-based WiFi access points (whether using a PC, laptop, or custom hardware), they can benefit from plentiful available entropy, as WPA2 authentication relies on it.

The next big thing about random number generators is security. When you take a close look at the last 20 years of information technology, there have been dozens of security incidents with flaws in random number generators.

  • 1994: First Netscape SSL implementations using a predictable seed.
  • 2007: Reverse engineering showed that the Windows 2000/XP random number generator had a bug that makes it vulnerable. It’s been there for years.
  • 2008: Members of the CCC developed an attack overcoming a poor RNG used in MIFARE Crypto-1, which is still used in some RFID tags.
  • 2008: The random number generator used in OpenSSL had a critical bug - possibly affecting the security of all keys generated before 2008.
  • 2013: Snowden documents unveiled that the Dual_EC_DRBG algorithm has been backdoored by the NSA. Even worse - it has been recommended by the NIST and actually adopted by manufacturers (like BlackBerry)
  • 2016: The Linux driver for a very common wireless card (ath9k) appears to have a HWRNG which was not designed to be used as security device. Its just an ADC - and nobody knows where the data comes from. But one thing is for sure: It’s not very random and dominated the Linux entropy pool - which is really bad. Thats why kernel developers decided to disable it by default - but the change did not arrive in all distros yet.

In all these scenarios, the Infinite Noise TRNG helps you to generate random numbers with confidence. A good entropy source can’t help you with everything - but it’s fundamental for all secure applications.

Use Cases

The Infinite Noise TRNG is useful in any situation requiring more entropy than normally available on a typical personal computer. The Infinite Noise TRNG is a good choice if you are:

  • Building your own certificate authority
  • Administering wireless access points with WPA2
  • Running a high-traffic server with SSL enabled
  • Having fun with one-time pads
  • Replacing /dev/urandom with a more secure and faster /dev/random
  • In need of a strong password
  • Statistical sampling in scientific research

Resources

You can learn more about the product here from the manufacturer

Source code and Windows Command Line Executable

GitHub

Drivers

User Manual

Schematic

Optional Serial Verification System

 Exclusively manufactured by 13-37 Electronics