The random app should not return TRNG entropy

Question

The random app should not return TRNG entropy

Closed this issue a year ago · 2 comments

The get_random function returns entropy from the TRNG core. It should instead use a secure Digital Random Bit Generator (DRBG) such as a Hash_DRBG or CTR_DRBG.

https://github.com/tillitis/tillitis-key1-apps/blob/dfb113101be19d7acdd544a4759b85aa8129e2d5/apps/random/main.c#L26

Answer 1 · 2022-11-15T08:39:28.000Z

In js words, we can develop the randomapp further like:

Add the same Hash_DRBG I have in the RNG stream
Add Ed25519 signing of generated data. Possibly also accept a challenge with the get random command from the host

Answer 2 · 2022-11-21T12:12:46.000Z

I think that sounds like a great improvement. Go for it!