ChaosKey

This is a hardware True Random Number Generator that attaches via USB.

The Linux Kernel, starting with version 4.1, includes source for this driver. It should be built by default in your distribution. If your using Linux + KVM to host other Linux instances, read the VirtualMachine page to see how you can configure the guests to share the host entropy source.

Version 1.0

1.0 is the first production version of ChaosKey, now available for sale in single units and packs of 10 and 25 units at Garbee and Garbee and vikings.

Reflashing Firmware

To reflash the system firmware on ChaosKey, you first need to get the device into 'bootloader mode'. To do this, you must power-up ChaosKey with a jumper between GND and the Boot Loader Select pin.

Open up ChaosKey by prying the case apart. There's no glue or screws, so a thin tool or fingernail should suffice to split the case into two pieces. Once you've opened it up, you'll find the inside that looks much like this:

Connect a wire between the two red holes in the debug connector and then plug it in to your computer. It will appear as a USB modem device called AltosFlash with USB ID fffe:000a.

Use the 'ao-usbload' program, which is part of the AltOS repository and is packaged for Debian in the 'altos' package:

$ ao-usbload chaoskey-v1.0-*.elf

Version 1.0 Hardware

  • STM32F042 System-on-Chip
    • ARM Cortex-M0 MCU
    • 32k Flash
    • 6k RAM
    • USB 2.0 Full Speed
    • Crystal-less operation
  • 20V noise source
    • AP3015A boost regulator
    • back-to-back 3904 transistor noise
  • OPA356 op amp
    • 200MHz GBP

Here's a circuit diagram of the noise source:

Version 1.0 Bits

Source code for the firmware, flash loader and a utility to pull raw bits from the noise source are available here:

AltOS Git Repository

ChaosKey Firmware version 1.6.7

ChaosKey Boot Loader version 1.6.7

Hardware designs using gEDA are available here:

ChaosKey Hardware Design Files

Version 0.3

This one uses the better noise source coupled with an op amp that provides 2MHz of bandwidth at a gain of 100, offering linear frequency response at a million samples per second.

A photo of prototype version 0.3:

Here's a circuit diagram of the noise source:

Version 0.3 uses the same hardware design as version 1.0, except that it uses a QFP package version of the processor instead of the QFN used in 1.0, and hence needs a larger circuit board.

Version 0.2

This version uses a better noise source, but the single transistor amp designed to get from the 20mV noise source to a digital value doesn't provide enough bandwidth, so the resulting signal seen by the CPU has poor frequency response.

Here's a photo of prototype version 0.2:

Version 0.2 Hardware

  • STM32F042 System-on-Chip
    • ARM Cortex-M0 MCU
    • 32k Flash
    • 6k RAM
    • USB 2.0
    • Crystal-less operation
  • 20V noise source
    • AP3015A boost regulator
    • back-to-back 3904 transistor noise

Version 0.1

These are photos of prototype version 0.1:

Version 0.1 Hardware

  • NXP LPC11U14 System-on-Chip
    • ARM Cortex-M0 MCU
    • 32k Flash
    • 6k RAM
    • USB 2.0
    • 8 12-bit analog inputs
    • I2C, SPI, async serial
    • digital I/O
  • ZXRE1004 zener diode noise source
  • MCP6L92 dual op-amp

Software

  • Firmware Features
    • AltOS is written mostly in C with some ARM assembler
  • Tools Used
    • gEDA for schematic capture and PCB layout
    • GCC compiler and source debugger
  • Licenses