A while ago we published a blog post and a patch that showed how someone could integrate their new RNG (Random Number Generator) into our wolfCrypt library. That methodology works, but it has a fairly obvious flaw: it assumed your RNG included the DRBG (Deterministic Random Bit Generator) as part of its implementation. You see, NIST gives guidance in SP800-90C that entropy must pass through a DRBG. As such, the output of the RNG should be thought of as a seed!
Let's quickly review some of the reasons why you'd want to do this:
- You might have an ESV-validated entropy source which would be helpful for a customer that has FIPS 140-3 requirements. Since wolfSSL is FIPS 140-3 certified, combining it with an ESV-validated entropy source is a natural fit.
- Perhaps you have a special new RNG but do not have the manpower or expertise to construct a cryptographic library to use it. (Rule #1: Never roll your own crypto!) In this case, integrating it with wolfSSL's wolfCrypt library is a natural match to show real-world use cases. Examples of this might be QRNGs (Quantum Random Number Generators) or any other new and interesting entropy generation methods.
- NOTE: Because the wolfCrypt FIPS 140-3 modules were specifically validated from the start to include an external entropy-receiving callback interface (per IG 9.3.A scenario 1.b), this natural fit is possible. Take care if working with a FIPS module that was NOT validated with an external entropy-receiving callback interface per IG 9.3.A scenario 1.b. Such a module would be rendered inert (no longer validated) if modified to receive entropy from an external source but not validated that way from the start!
Integrating your product into wolfCrypt might sound difficult, but it is NOT!
We show how easy it is by integrating a toy example of an RNG. Please see the patch, which can be found as a GitHub gist:
https://gist.github.com/anhu/c5f94de2460aea9593de7197aea58f6f
It is called the DEADBEEF RNG because when it is called to fill a buffer with randomness, it fills it with copies of 0xDEADBEEF. The diff is only 58 lines and is very simple to read and understand.
NOTE: Please do not use this patch “as-is”. It is for illustrative purposes only! It provides zero randomness! It will break all your applications and libraries that link with wolfSSL because it will fail our randomness tests!
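As an added illustration (not code from the gist or from wolfCrypt), the following C example shows a seed source with the DEADBEEF behaviour being rejected by a simple adjacent-block repetition check before it could reach a DRBG. All function names, the 4-byte block size and the return codes are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SEED_BLOCK 4 /* assumed comparison block size, in bytes */

/* Toy source as the post describes it: copies of 0xDEADBEEF. */
int deadbeef_seed(uint8_t *out, size_t sz) {
    static const uint8_t pat[4] = { 0xDE, 0xAD, 0xBE, 0xEF };
    for (size_t i = 0; i < sz; i++)
        out[i] = pat[i % 4];
    return 0;
}

/* Constructed contrast source: a byte counter. It passes the check below but
 * is just as predictable; the check catches stuck output, not low entropy. */
int counter_seed(uint8_t *out, size_t sz) {
    for (size_t i = 0; i < sz; i++)
        out[i] = (uint8_t)i;
    return 0;
}

/* 0 if no two adjacent blocks are equal, -1 otherwise (or if too short). */
int seed_health_check(const uint8_t *seed, size_t sz) {
    if (seed == NULL || sz < 2 * SEED_BLOCK)
        return -1;
    for (size_t off = SEED_BLOCK; off + SEED_BLOCK <= sz; off += SEED_BLOCK)
        if (memcmp(seed + off - SEED_BLOCK, seed + off, SEED_BLOCK) == 0)
            return -1;
    return 0;
}

/* Gate before a DRBG: 0 accepted, -1 source failed, -2 rejected and cleared. */
int get_checked_seed(int (*src)(uint8_t *, size_t), uint8_t *out, size_t sz) {
    if (src == NULL || out == NULL || src(out, sz) != 0)
        return -1;
    if (seed_health_check(out, sz) != 0) {
        memset(out, 0, sz);
        return -2;
    }
    return 0;
}

int main(void) {
    uint8_t seed[32];
    printf("deadbeef: %d\n", get_checked_seed(deadbeef_seed, seed, sizeof seed));
    printf("counter:  %d\n", get_checked_seed(counter_seed, seed, sizeof seed));
    return 0;
}
```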
If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.

