search

espressif / esp-idf

Espressif IoT Development Framework. Official development framework for Espressif SoCs.
Apache License 2.0
12.88k stars 7.08k forks source link

Make std::random_device generate true random numbers (IDFGH-10124) #11398

Open Zhu-jiatong opened 1 year ago

Zhu-jiatong commented 1 year ago

Is your feature request related to a problem?

I intended to use a real random number generator for cryptographic purposes. So, I choose std::random_device, which should be a platform independent way that is able to return real random numbers.

However, the generator produces the same value 3499211612 every time the ESP32 is powered on, which is not random.

Sketch to reproduce problem (using Arduino core):

#include <random>
void setup()
{
 Serial.begin(115200);
 ... // wait until Serial is ready;
 std::cout << std::random_device()();
}

Original post: espressif/arduino-esp32#8201

Describe the solution you'd like.

I do know that ESP32 support a hardware random number generator for producing true random numbers. Maybe using that to implement std::random_device?

Describe alternatives you've considered.

No response

Additional context.

No response

0xjakob commented 1 year ago

We'll take a look if we can integrate the RNG into std::random_device and keep you updated about the results.

If you currently want to use the random number generator of an ESP32 chip, e.g., you can refer to the Random number generation documentation page. It explains the API and the conditions that need to be met to produce real random numbers.

Please note that std::random_device does not have to produce real (i.e., non-deterministic) random numbers:

std::random_device may be implemented in terms of an implementation-defined pseudo-random number engine if a non-deterministic source (e.g. a hardware device) is not available to the implementation. In this case each std::random_device object may generate the same number sequence.

(from std::random_device cppreference page)

If you really want to use std::random_device for cryptographic purposes, I strongly recommend checking the entropy via std::random_device::entropy first. Otherwise, you may end up with insecure RNGs depending on the platform you use. For ESP32, std::random_device::entropy currently returns 0.

zikalino commented 1 year ago

@Zhu-jiatong please let us know if esp_random() works for you.

In a meanwhile we have decided improve std::random_device. This will require adding getentropy() implementation in ESP-IDF's newlib and then configuring the toolchain to use it. This patch however will be available later in Q3.

Zhu-jiatong commented 1 year ago

Thank you for your information. The esp_random()​ does work. I am looking forward to the addition of std::random_device.

From: Zim Kalinowski @.> Sent: 18 May 2023 18:02 To: espressif/esp-idf @.> Cc: Tony Zhu (Q-2020) @.>; Mention @.> Subject: Re: [espressif/esp-idf] Make std::random_device generate true random numbers (IDFGH-10124) (Issue #11398)

@Zhu-jiatonghttps://github.com/Zhu-jiatong please let us know if esp_random() works for you.

In a meanwhile we have decided improve std::random_device. This will require adding getentropy() implementation in ESP-IDF's newlib and then configuring the toolchain to use it. This patch however will be available later in Q3.

— Reply to this email directly, view it on GitHubhttps://github.com/espressif/esp-idf/issues/11398#issuecomment-1552825222, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AXQECHSXJBTRHFIJ6AOSECDXGXXUPANCNFSM6AAAAAAYBASUUA. You are receiving this because you were mentioned.Message ID: @.***>