renesas-rx / amazon-freertos

A fork/prototype of the Amazon FreeRTOS to support Renesas RX MCUs. Please refer to our wiki for more details.
https://github.com/renesas-rx/amazon-freertos/wiki
MIT License

Improve randomness #8

Open HirokiIshiguro opened 5 years ago

HirokiIshiguro commented 5 years ago

Is your feature request related to a problem? Please describe.
Currently there is no good implementation of randomness, so we added the following comment: https://github.com/renesas-rx/amazon-freertos/blob/b7961308d41e3ff5e02d50943f6e355b2e9e8fa0/lib/third_party/mcu_vendor/renesas/rx_mcu_boards/amazon_freertos_common/entropy_hardware_poll.c#L38

I want to improve this.

Describe the solution you would like.
1) Update current certified project for RX65N RSK by using TRNG.
2) Keep other projects for RX MCUs boards.

Also, update the WARNING text in entropy_hardware_poll.c#L38.

Additional context
1) The RX65N RSK has an edition including the Security IP feature, which has a TRNG. https://www.renesas.com/us/en/products/software-tools/boards-and-kits/starter-kits/renesas-starter-kitplus-for-rx65n-2mb.html -> Renesas Starter Kit+ for RX65N-2MB Built-in Trusted Secure IP (Kit with e2 studio & E2 Lite)
2) The RX65N chip on the RX65N Cloud Kit or others does not have the TRNG feature.

Renesas recommends using the RX65N chip including the Security Feature in the mass production phase.

Thank you!

HirokiIshiguro commented 5 years ago

Discussed randomness with AWS members in: https://github.com/renesas-rx/amazon-freertos/commit/474a5ae4fb0ba875dd97df3d52dcbddfdd87b39e#r31773910

https://github.com/renesas-rx/amazon-freertos/commit/7dfa70495ef383c0a751e822cd8492b8b53ff22d#comments

HirokiIshiguro commented 5 years ago

July 2nd, 2019 scenario:

-- for pseudo random
1) try shifting A/D conversion result to improve randomness
2) try storing random seed to flash every 10 seconds, and re-storing it to pseudo random initial value
3) try SP800-22 tool to measure randomness

-- for true random (already done)
1) try export control procedure excluding encrypt/decrypt feature from Trusted Secure IP driver
2) add excluding encrypt/decrypt feature from Trusted Secure IP driver to Amazon FreeRTOS lib folder
3) try SP800-22 tool to measure randomness
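
Items 1) and 3) of the pseudo-random scenario above, as an added example that is not part of the issue thread or the repository: it keeps only the least significant bit of each A/D reading (one assumed reading of "shifting A/D conversion result") and applies the SP 800-22 frequency (monobit) and runs tests to the packed bits. All function names and sample readings are constructed for illustration, and the pass thresholds are the alpha = 0.01 decision rule in squared form so that no erfc call is needed.

```c
#include <stdint.h>
#include <stdio.h>
#define E2 3.3174483 /* erfcinv(0.01)^2: p-value >= 0.01 <=> arg^2 <= E2 */
static int bit_at(const uint8_t *b, size_t i) { return (b[i / 8] >> (7 - i % 8)) & 1; }

/* Keep only the LSB of each ADC reading, packed MSB-first; returns bytes written. */
size_t pack_adc_lsbs(const uint16_t *s, size_t n, uint8_t *out) {
    for (size_t i = 0; i < n / 8; i++) out[i] = 0;
    for (size_t i = 0; i < n - n % 8; i++) out[i / 8] |= (uint8_t)((s[i] & 1u) << (7 - i % 8));
    return n / 8;
}

/* SP 800-22 frequency (monobit) test at alpha = 0.01; wants at least 100 bits. */
int monobit_pass(const uint8_t *b, size_t nbits) {
    double s = 0;
    if (nbits < 100) return 0;
    for (size_t i = 0; i < nbits; i++) s += bit_at(b, i) ? 1 : -1;
    return s * s <= 2 * E2 * (double)nbits; /* |S|/sqrt(2n) <= erfcinv(alpha) */
}

/* SP 800-22 runs test at alpha = 0.01; wants at least 100 bits. */
int runs_pass(const uint8_t *b, size_t nbits) {
    size_t ones = 0, v = 1; /* v = number of runs */
    if (nbits < 100) return 0;
    for (size_t i = 0; i < nbits; i++) {
        ones += (size_t)bit_at(b, i);
        if (i + 1 < nbits && bit_at(b, i) != bit_at(b, i + 1)) v++;
    }
    double n = (double)nbits, pi = (double)ones / n, q = pi * (1 - pi);
    if ((pi - 0.5) * (pi - 0.5) >= 4.0 / n) return 0; /* prerequisite |pi-1/2| < 2/sqrt(n) */
    double d = (double)v - 2 * n * q;
    return d * d <= 8 * E2 * n * q * q; /* |d|/(2*sqrt(2n)*q) <= erfcinv(alpha) */
}

/* Constructed 12-bit readings. kind 0: stuck LSB, 1: toggling LSB, 2: LSB taken
   from an 8-bit LFSR as a noise stand-in. Returns bit0 = monobit, bit1 = runs. */
int assess_constructed(int kind) {
    uint16_t adc[256]; uint8_t bits[32], lfsr = 0x5A;
    for (size_t i = 0; i < 256; i++) {
        unsigned fb = (lfsr ^ (lfsr >> 2) ^ (lfsr >> 3) ^ (lfsr >> 4)) & 1u;
        adc[i] = (uint16_t)(0x800u | (kind == 0 ? 0u : kind == 1 ? (unsigned)(i & 1) : (lfsr & 1u)));
        lfsr = (uint8_t)((lfsr >> 1) | (fb << 7));
    }
    size_t nbits = 8 * pack_adc_lsbs(adc, 256, bits);
    return monobit_pass(bits, nbits) | (runs_pass(bits, nbits) << 1);
}

int main(void) {
    for (int k = 0; k < 3; k++) printf("kind %d -> mask %d\n", k, assess_constructed(k));
}
```

The LFSR-driven input passes both tests while being fully predictable, so a pass screens out broken sources (stuck or periodic bits) but is not evidence of entropy.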