WO2020002893A1 - System and method for generating entropy values - Google Patents

System and method for generating entropy values Download PDF

Info

Publication number
WO2020002893A1
WO2020002893A1 PCT/GB2019/051775 GB2019051775W WO2020002893A1 WO 2020002893 A1 WO2020002893 A1 WO 2020002893A1 GB 2019051775 W GB2019051775 W GB 2019051775W WO 2020002893 A1 WO2020002893 A1 WO 2020002893A1
Authority
WO
WIPO (PCT)
Prior art keywords
entropy
broadcast
values
remote
source signal
Prior art date
Application number
PCT/GB2019/051775
Other languages
French (fr)
Inventor
Ibrahim Ethem BAGCI
Thomas Patrick MCGRATH
Utz Alfred Fritz ROEDIG
Ramon Bernardo GAVITO
Robert James Young
Original Assignee
Quantum Base Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Quantum Base Limited filed Critical Quantum Base Limited
Publication of WO2020002893A1 publication Critical patent/WO2020002893A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/588Random number generators, i.e. based on natural stochastic processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/582Pseudo-random number generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Definitions

  • the receiver of the apparatus may be arranged to receive a plurality of broadcast entropy source signals from the plurality of different remote entropy beacons, and thus may receive a plurality of sets of entropy values where each set of entropy values is obtained from one of the received entropy source signals.
  • the controller of the apparatus may be operable to generate the resultant entropy values by combining entropy values from some or all of the broadcast entropy source signals together, optionally with entropy values from another entropy source signal generated by the apparatus.
  • the one or more properties of the received broadcast entropy source signals may comprise the signal strength of the broadcast entropy source signals, channel numbers of the source signals, and header data of the source signals.
  • one of the plurality of remote entropy beacons may use a first type of entropy source to generate the entropy source signal while another of the plurality of remote entropy beacons may use a second, different, type of entropy source to generate the entropy source signal.
  • the controller of the apparatus may be operable to combine the resultant entropy values with entropy values from another entropy source signal generated by the apparatus.
  • the remote entropy beacon may comprise an entropy source.
  • the entropy source may be implemented in software, firmware, hardware, or a combination of any of software, firmware and hardware.
  • the entropy source may be a pseudo-random number generator, a quasi-random number generator, or a true-random number generator (TRNG).
  • TRNG true-random number generator
  • the entropy source may be a chaos-based TRNG.
  • the entropy source may be a noise-based TRNG.
  • the entropy source may be a quantum-based TRNG.
  • the entropy source may be a photon-based TRNG.
  • the entropy source of the apparatus and/or beacon may comprise a structure that exhibits a nondeterministic electrical output response to an electrical input.
  • the entropy source may be arranged to facilitate a challenge of the structure to generate the nondeterministic response, by facilitating an electrical measurement of an output of the structure.
  • the nondeterministic response may be derivable from that measurement.
  • the structure may comprise a resonant tunnelling diode, and preferably only a single resonant tunnelling diode. That is, while the nondeterministic response may be processed by other circuital components, the response is generated only (solely) by the structure (e.g. a single diode).
  • the transmitter of the remote entropy beacon may operate as a streaming service, such as by streaming entropy values constantly, e.g. while the beacon is powered or otherwise in a state to transmit and is provided with entropy values from an entropy source.
  • streaming entropy values may be continuously provided such they may be obtained on- demand by apparatuses within the broadcast range to the remote entropy beacon. Because the broadcast entropy value is combined with another entropy value by the apparatus, the problem of a plurality of apparatuses using the same broadcast entropy value is mitigated.
  • a method performed by a remote entropy beacon e.g. suitable for use in the system as described above in relation to the first aspect of the invention.
  • the method comprises: broadcasting an entropy source signal comprising entropy values, wherein an apparatus which receives the broadcast entropy source signal is arranged to combine the broadcast entropy values with entropy values from another entropy source signal.
  • the present invention thus provides a remote entropy beacon that broadcasts an entropy source signal comprising entropy values.
  • Figure 7 is a flow diagram for a method according to aspects of the present invention.
  • FIG. 1 there is shown a system 100 in accordance with aspects of the present invention.
  • the system 100 comprises a remote entropy beacon 101 and a plurality of apparatuses 103a-103e.
  • Five apparatuses 103a-103e are shown in Figure 1 , but it will be appreciated that the present invention is not limited to any particular number of apparatuses 103a-103e. Further, the present invention does not require that more than one apparatus 103a-103e is included, and aspects of the present invention include only one apparatus 103a being provided.
  • FIG 2 there is shown a system 200 in accordance with aspects of the present invention.
  • the system 200 is similar to the system 100 of Figure 1 and like reference numerals have been used in Figures 1 and 2 to indicate like components.
  • the system 200 of Figure 2 comprises a plurality of remote entropy beacons 101 a- 101 c.
  • Three remote entropy beacons 101 a-101 c are shown in Figure 2, but it will be appreciated that the present invention is not limited to any particular number of remote entropy beacons 101 a-101 c.
  • Five apparatuses 103a-103e are shown in Figure 2, but it will be appreciated that the present invention is not limited to any particular number of apparatuses 103a-103e. Further, the present invention does not require that more than one apparatus 103a-103e is included, and aspects of the present invention may include only one apparatus 103a.
  • the one or more properties may comprise the channel number of the broadcast entropy source signals.
  • the broadcast entropy source signals from the different remote entropy beacons 101 a, 101 b, 101 c may be transmitted on different channels, i.e. with different associated channel numbers.
  • the apparatus 103a may select the subset of the broadcast entropy source signals based on these channel numbers.
  • the apparatus 103a may use an entropy source, such as local entropy source of the apparatus 103a, to determine which broadcast entropy source signals to use, e.g. by generating random numbers and selecting the broadcast entropy source signals have channel numbers that match the generated random numbers.
  • Some of the apparatuses 103a-103e, such as the apparatus 103a may be portable apparatuses.
  • portable apparatuses include a mobile phone, tablet computer, and a laptop.
  • the portable apparatus 103a may traverse through the building/facility/campus environment and may switch between particular remote entropy beacons 101 a, 101 b, 101 c for use in generating the resultant entropy values based on the relative location of the apparatus103a to the remote entropy beacons 101 a, 101 b, 101 c. For example, as the apparatus 103a moves away from the beacon 101 a, the signal strength of the broadcast entropy source signal received from the beacon 101 a will decrease due to the inverse square law.
  • the communication channel 1 10b is untrusted as indicated by the dashed line in Figure 4. In this example, this is because a third party is able to inject data into the communication channel 1 10b, and thus manipulate the entropy source signal ultimately received by the apparatus 103.
  • aspects of the present invention enable the generation of strong random numbers without dedicated hardware and with protection against weak entropy due to fault or attack.
  • An attacker would need to take control of all of the entropy sources at once to prevent good entropy generation by the apparatus 103, which could be remote (beacons) and/or local to the apparatus, clearly very difficult to achieve. Providing a large number of entropy sources, and using multiple different types of entropy source, and thus provide very effective protection against an attacker.
  • FIG. 6 there is shown another remote entropy beacon 101 according to aspects of the present invention.
  • the remote entropy beacon 101 of Figure 6 is the same as that of the remote entropy beacon 101 of Figure 5, except that the controller 1 13 is able to transmit control signals to the entropy source 1 1 1 .
  • This enables the controller 1 13 to feedback information to the entropy source 1 1 1 so as to control the entropy source 1 1 1 .
  • the control may include changing parameters of the entropy source 1 1 1 such as to offset for changes in temperature in the entropy source 1 1 1 or any other parameter that might affect the generation of entropy by the entropy source.
  • Step S3 comprises generating, by the apparatus, resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source signal.
  • These functional elements may in some embodiments include, by way of example, components, such as software components, object- oriented software components, class components and task components, processes, functions, attributes, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables.
  • components such as software components, object- oriented software components, class components and task components, processes, functions, attributes, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables.
  • components such as software components, object- oriented software components, class components and task components, processes, functions, attributes, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The system (400) comprises a remote entropy beacon (101 a-101d) comprising a transmitter arranged to broadcast an entropy source signal comprising entropy values. The system (400) comprises an apparatus (103) comprising a receiver (107) arranged to receive the broadcast entropy source signal from the remote entropy beacon (101 a-101d). The apparatus (103) further comprises a controller (107) operable to generate resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source (105), e.g. obtained from a different source to the entropy source used to generate the broadcast entropy values.

Description

SYSTEM AND METHOD FOR GENERATING ENTROPY VALUES
[0001] The present invention is directed towards a system and method for generating entropy values and in particular towards a system and method for generating entropy values by combining together entropy values from multiple entropy source signals. The entropy values may be used as random numbers.
[0002] Random numbers are important in modern systems. For example, random numbers may be important for use in computer encryption, lotteries, scientific modelling, and gambling. Current methods of generating random numbers can produce predictable results, which is not desirable. For instance, a problem of generating random numbers using some methods lies in the fact that computers used in such methods work in a predictable way, running calculations and algorithms, and producing answers based on mathematics. Even with alternative approaches, not relying solely on computer calculations or algorithms, there might still exist patterns which result, again, in a degree of predictability.
[0003] A random number generator should ideally be as non-deterministic as possible or practical in a given application. However, device limitations typically mean that it is not practical or possible to implement a robust random number generator in an apparatus, such as a personal computer, tablet computer, laptop computer, or mobile phone.
[0004] It is known to combine entropy from different entropy sources so as to help maximize the amount of entropy in a random number, such as for use in a cryptographic function. For example, US 2016/0124716 A1 to Seagate Technology LLC discloses an apparatus for generating random numbers. The apparatus derives a first multi-bit string of entropy values from a first entropy source having a first trust level and a different, second multi-bit string of entropy values from a second entropy source having a different, second trust level. The first and second multi-bit strings of entropy values are combined in relation to the associated first and second trust levels to generate a multi-bit random number. The multi-bit random number is thereafter used as an input to a cryptographic function.
[0005] It is an object of the present invention to improve on existing approaches of generating entropy source signals, or at least to provide an alternative to the existing approaches of generating entropy source signals.
[0006] According to the present invention there is provided a system, apparatus and method as set forth in the appended claims. Other features of the invention will be apparent from the dependent claims, and the description which follows.
[0007] According to a first aspect of the present invention, there is provided a system. The system comprises a remote entropy beacon comprising a transmitter arranged to broadcast an entropy source signal comprising entropy values. The system comprises an apparatus comprising a receiver arranged to receive the broadcast entropy source signal from the remote entropy beacon. The apparatus further comprises a controller operable to generate resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source, e.g. obtained from a different source to the entropy source used to generate the broadcast entropy values.
[0008] Significantly, the present invention thus provides a remote entropy beacon that broadcasts an entropy source signal comprising entropy values. Here,“broadcast” means that the entropy source signal is dispersed (over a wired or wireless communication) such that it may be received by many apparatuses. That is, the broadcast is a one-to-many transmission rather than a one-one transmission. In this way, the remote entropy beacon may broadcast the entropy source signal to one or many apparatuses. The remote entropy beacon may not be aware of the apparatuses that the signal is being broadcast to. That is, the establishment of a (one-to-one) communication session between the apparatuses and the remote entropy beacon is not required. The apparatuses may then combine the received broadcast entropy values of the broadcast entropy source signal with other entropy values obtained from another entropy source signal so as to generate the resultant entropy values. In this way, the apparatus is able to maximize the amount of entropy in the generated resultant entropy values by combining entropy from two different sources. The generated resultant entropy values may thus form a random number signal for use, e.g. in a cryptographic function. The apparatus is able to generate the resultant entropy values without establishing or needing a secure (trusted) one- to-one communication with the broadcast entropy beacon, and without requiring hardware modification to the apparatus such as by providing a more robust random number generator. The system is thus versatile and supports an ad-hoc network of beacons and apparatuses.
[0009] Here, the broadcast entropy source signal and the other entropy source signal refer to signals that contain entropy values. The entropy values may be in the form of a string of numbers. The string of numbers may be in a binary, octal, decimal, or hexadecimal number system amongst others. The string of numbers may thus be in the form of a pseudo, quasi, or true random number. The combination of the broadcast entropy values and the other entropy values may thus result in the generation of a combined string of numbers, e.g. in the form of a random number which has more entropy than the broadcast entropy values and the other entropy values individually. That is, the generated resultant entropy values are more nondeterministic than the broadcast entropy values or the other entropy values. The broadcast entropy values and the other entropy values may both comprise a multi-bit string of entropy values. The combination of the broadcast entropy values and the other entropy values may thus result in the generation of a multi-bit random number, which then may be used as an input to a cryptographic function or similar.
[0010] The other entropy source signal may be generated by the apparatus. The apparatus may comprise an entropy source for generating the other entropy source signal. The entropy source may be a software implemented entropy source signal generator, a firmware implemented entropy source signal generator, or a hardware implemented entropy source signal generator, or a combination of software and/or firmware and/or hardware.
[0011] The other entropy source signal may be received from another remote entropy beacon. That is the receiver may be arranged to receive two broadcast entropy source signals from two different remote entropy beacons.
[0012] The controller may be operable to generate the resultant entropy values by combining together the entropy values of the broadcast entropy source signal, entropy values from another entropy source signal generated by the apparatus, and entropy values from another entropy source signal received from another remote entropy beacon.
[0013] The system may comprise a plurality of apparatuses. All of the apparatuses may be arranged to receive the same broadcast entropy source signal from the remote entropy beacon. That is, all of the apparatuses may comprise a receiver arranged to receive the broadcast entropy source signal. Some or all of the apparatuses may generate resultant entropy values by combining the received broadcast entropy values from the received broadcast entropy source signal with entropy values from another entropy source signal.
[0014] The system may comprise a plurality of remote entropy beacons. Each of the remote entropy beacons may be arranged to broadcast an entropy source signal.
[0015] The receiver of the apparatus may be arranged to receive a plurality of broadcast entropy source signals from the plurality of different remote entropy beacons, and thus may receive a plurality of sets of entropy values where each set of entropy values is obtained from one of the received entropy source signals. The controller of the apparatus may be operable to generate the resultant entropy values by combining entropy values from some or all of the broadcast entropy source signals together, optionally with entropy values from another entropy source signal generated by the apparatus.
[0016] The controller may be operable to generate the resultant entropy values by combining entropy values from a subset of the broadcast entropy source signals together. The subset of the broadcast entropy source signals may be selected based on one or more properties of the received broadcast entropy source signals.
[0017] The one or more properties of the received broadcast entropy source signals may comprise the signal strength of the broadcast entropy source signals, channel numbers of the source signals, and header data of the source signals.
[0018] A predetermined number of broadcast entropy source signals with the greatest signal strength may be selected and the sets of entropy values associated with these broadcast entropy source signals may be combined together. The predetermined number may be a number greater than or equal to 2. [0019] Broadcast entropy source signals with particular channel numbers, e.g. that match random numbers generated by an entropy source associated with the apparatuses, may be selected and the sets of entropy values associated with these broadcast entropy source signals may be combined together.
[0020] Apparatuses may only select broadcast entropy source signals that identify the particular apparatuses in their metadata/header data. That is, the metadata/header data may comprise identification information for one or more of the apparatuses, and this identification information may indicate that only those apparatuses are intended to use the entropy values of the broadcast entropy source signal. The identification information may be a sequence of numbers, such as an apparatus ID.
[0021] The plurality of remote entropy beacons may be part of a broadcast network of remote entropy beacons. Each remote entropy beacon may be associated with a fixed location. The fixed location may be within a building/campus/facility environment. The apparatus may be arranged to receive broadcast entropy source signals from different ones of the remote entropy beacons based on the location of the apparatus relative to the fixed locations of the remote entropy beacons.
[0022] The plurality of remote entropy beacons may each comprise or be associated with an entropy source arranged to generate the entropy source signal. The plurality of remote entropy beacons may comprise similar or identical entropy sources which may each generate unique entropy source signals based on the starting conditions in which they are activated, for example. The plurality of remote entropy beacons may use different types of entropy sources to generate the entropy source signals. That is, one of the plurality of remote entropy beacons may use a first type of entropy source to generate the entropy source signal while another of the plurality of remote entropy beacons may use a second, different, type of entropy source to generate the entropy source signal.
[0023] The controller of the apparatus may be operable to combine the resultant entropy values with entropy values from another entropy source signal generated by the apparatus.
[0024] The apparatus may be an entropy beacon and may comprise a transmitter arranged to broadcast an entropy source signal comprising the resultant entropy values, or other entropy values generated using the resultant entropy values.
[0025] The apparatus may be a mobile device, a portable electronic device, an embedded device, a vehicle computing system (e.g., a vehicle navigation or media management system), a desktop computer, a laptop computer, a table computer, a wearable device, a workstation, or any other data processing system or computing device.
[0026] The broadcast entropy values may be combined with the other entropy values in a variety of ways, e.g. through use of a combinatorial function. In some cases, combining the broadcast entropy values with the other entropy values may comprise applying a hash function to the broadcast entropy values and the other entropy values. In some cases, combining the broadcast entropy values with the other entropy values comprises performing an exclusive-or (XOR) operation on the broadcast entropy values and the other entropy source values. Other combinatorial functions are within the scope of the present invention, such as the use of encryption functions.
[0027] The remote entropy beacon may comprise an entropy source. The entropy source may be implemented in software, firmware, hardware, or a combination of any of software, firmware and hardware. The entropy source may be a pseudo-random number generator, a quasi-random number generator, or a true-random number generator (TRNG). The entropy source may be a chaos-based TRNG. The entropy source may be a noise-based TRNG. The entropy source may be a quantum-based TRNG. The entropy source may be a photon-based TRNG.
The entropy source of the apparatus and/or beacon may comprise a structure that exhibits a nondeterministic electrical output response to an electrical input. The entropy source may be arranged to facilitate a challenge of the structure to generate the nondeterministic response, by facilitating an electrical measurement of an output of the structure. The nondeterministic response may be derivable from that measurement. The structure may comprise a resonant tunnelling diode, and preferably only a single resonant tunnelling diode. That is, while the nondeterministic response may be processed by other circuital components, the response is generated only (solely) by the structure (e.g. a single diode). The (sole) single resonant tunnelling diode may exhibit negative differential resistance and also quantum mechanical confinement, such that the resonant tunnelling diode exhibits a nondeterministic electrical output response to an electrical input as a result of the negative differential resistance and quantum mechanical confinement. The nondeterministic electrical output may be nondeterministic in that two or more voltage outputs are possible from a single current input. The nondeterministic electrical output response may be linked to a change in state of the resonant tunnelling diode from a first state to a second state and/or may comprise a change in electrical output from a first level to, or beyond, a second, threshold level; The apparatus and/or beacon may be arranged to facilitate challenges of only the resonant tunnelling diode to generate the nondeterministic responses from only that resonant tunnelling diode, by, for example, facilitating, for each challenge, an electrical measurement of an output of only that resonant tunnelling diode. The apparatus and/or beacon may be arranged to facilitate the selective input of current to the resonant tunnelling diode, and the electrical measurement of a voltage output of the resonant tunnelling diode; and the nondeterministic response for each challenge being derivable from that measurement. Further details of such an entropy source may be found in the Applicant’s own PCT Publication No. WO 2018/029440 A1 the disclosures of which are hereby incorporated by reference. [0028] The transmitter of the remote entropy beacon may be arranged to broadcast the entropy source signal over a wired or a wireless communication channel. The communication channel may be an untrusted communication channel. The communication channel may be a channel used by the apparatus and the remote entropy beacon for another purpose, such as for application data communication. The communication channel may be a dedicated channel for the communication of the broadcast entropy source signal.
[0029] The transmitter of the remote entropy beacon may be a transmit-only transmitter.
[0030] The transmitter of the remote entropy beacon may operate as a streaming service, such as by streaming entropy values constantly, e.g. while the beacon is powered or otherwise in a state to transmit and is provided with entropy values from an entropy source. Beneficially, this means that entropy values may be continuously provided such they may be obtained on- demand by apparatuses within the broadcast range to the remote entropy beacon. Because the broadcast entropy value is combined with another entropy value by the apparatus, the problem of a plurality of apparatuses using the same broadcast entropy value is mitigated. Also, because no trust is required, no handshaking is needed, and so this allows for (or makes easier) the constant generation of the signal and/or the reception of the signal by the apparatus. That is, the transmitter might not require a handshaking operation in order to function as described herein.
[0031] According to a second aspect of the invention, there is provided a method, e.g. suitable to be performed by the system as described above in relation to the first aspect of the invention. The method comprises broadcasting, by a remote entropy beacon, an entropy source signal comprising entropy values. The method comprises receiving, by an apparatus, the broadcast entropy source signal from the remote entropy beacon. The method comprises generating, by the apparatus, resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source signal.
[0032] According to a third aspect of the invention, there is provided a remote entropy beacon, e.g. suitable for use in the system as described above in relation to the first aspect of the invention. The remote entropy beacon comprises a transmitter arranged to broadcast an entropy source signal comprising entropy values. An apparatus which receives the broadcast entropy source signal is arranged to combine the broadcast entropy values with entropy values from another entropy source signal.
[0033] According to a fourth aspect of the invention, there is provided a method performed by a remote entropy beacon, e.g. suitable for use in the system as described above in relation to the first aspect of the invention. The method comprises: broadcasting an entropy source signal comprising entropy values, wherein an apparatus which receives the broadcast entropy source signal is arranged to combine the broadcast entropy values with entropy values from another entropy source signal. [0034] Significantly, the present invention thus provides a remote entropy beacon that broadcasts an entropy source signal comprising entropy values. Here,“broadcast” means that the entropy source signal is dispersed (over a wired or wireless communication) such that it may be received by many apparatuses. That is, the broadcast is a one-to-many transmission rather than a one-one transmission. In this way, the remote entropy beacon may broadcast the entropy source signal to one or many apparatuses. The remote entropy beacon may not be aware of the apparatuses that the signal is being broadcast to. That is, the establishment of a (one-to-one) communication session between the apparatuses and the remote entropy beacon is not required. The apparatuses may then combine the received broadcast entropy values of the broadcast entropy source signal with other entropy values obtained from another entropy source signal so as to generate the resultant entropy values. In this way, the apparatus is able to maximize the amount of entropy in the generated resultant entropy values by combining entropy from two different sources. The generated resultant entropy values may thus form a random number signal for use, e.g. in a cryptographic function. The apparatus is able to generate the resultant entropy values without establishing or needing a secure (trusted) one- to-one communication with the broadcast entropy beacon, and without requiring hardware modification to the apparatus such as by providing a more robust random number generator.
[0035] According to a fifth aspect of the invention, there is provided an apparatus, e.g. suitable for use in the system as described above in relation to the first aspect of the invention. The apparatus comprises a receiver arranged to receive a broadcast entropy source signal comprising entropy values from a remote entropy beacon. The apparatus comprises a controller operable to generate resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source signal.
[0036] According to a sixth aspect of the invention, there is provided a method performed by an apparatus, e.g. suitable for use in the system as described above in relation to the first aspect of the invention. The method comprises receiving a broadcast entropy source signal comprising entropy values from a remote entropy beacon. The method comprises generating resultant entropy values by combining the broadcast entropy values signal with entropy values from another entropy source signal.
[0037] Significantly, the present invention thus provides an apparatus that may receive an entropy source signal comprising entropy values and broadcast by a remote entropy beacon. Here,“broadcast” means that the entropy source signal is dispersed (over a wired or wireless communication) such that it may be received by many apparatuses. That is, the broadcast is a one-to-many transmission rather than a one-one transmission. In this way, the remote entropy beacon may broadcast the entropy source signal to one or many apparatuses. The remote entropy beacon may not be aware of the apparatuses that the signal is being broadcast to. That is, the establishment of a (one-to-one) communication session between the apparatuses and the remote entropy beacon is not required. The apparatuses may then combine the received broadcast entropy values of the broadcast entropy source signal with other entropy values obtained from another entropy source signal so as to generate the resultant entropy values. In this way, the apparatus is able to maximize the amount of entropy in the generated resultant entropy values by combining entropy from two different sources. The generated resultant entropy values may thus form a random number signal for use, e.g. in a cryptographic function. The apparatus is able to generate the resultant entropy values without establishing or needing a secure (trusted) one-to-one communication with the broadcast entropy beacon, and without requiring hardware modification to the apparatus such as by providing a more robust random number generator.
[0038] For a better understanding of the invention, and to show how embodiments of the same may be carried into effect, reference will now be made, by way of example only, to the accompanying diagrammatic drawings in which:
[0039] Figure 1 shows an example system according to aspects of the present invention;
[0040] Figure 2 shows another example system according to aspects of the present invention;
[0041] Figure 3 shows yet another example system according to aspects of the present invention;
[0042] Figure 4 shows yet another example system according to aspects of the present invention;
[0043] Figure 5 shows an example of a remote entropy beacon according to aspects of the present invention;
[0044] Figure 6 shows another example of a remote entropy beacon according to aspects of the present invention; and
[0045] Figure 7 is a flow diagram for a method according to aspects of the present invention.
[0046] Referring to Figure 1 , there is shown a system 100 in accordance with aspects of the present invention. The system 100 comprises a remote entropy beacon 101 and a plurality of apparatuses 103a-103e. Five apparatuses 103a-103e are shown in Figure 1 , but it will be appreciated that the present invention is not limited to any particular number of apparatuses 103a-103e. Further, the present invention does not require that more than one apparatus 103a-103e is included, and aspects of the present invention include only one apparatus 103a being provided.
[0047] The remote entropy beacon 101 comprises a transmitter (not shown) arranged to broadcast an entropy source signal comprising entropy values. In this example, the remote entropy beacon 101 is broadcasting the entropy source signal over a wireless communication channel, but in other examples a wired communication channel may be used. Wireless communication may give more flexibility. The communication channel may be a communication channel used by the remote entropy beacon 101 for application data communication or may be an additional channel dedicated to the communication of entropy values. The use of a dedicated communication channel may be beneficial in preventing/making it harder for an attacker to uncover the distributed entropy values.
[0048] The apparatus 103a-103e comprises a receiver (not shown) arranged to receive the broadcast entropy source signal from the remote entropy beacon 101 . The apparatus 103a- 103e further comprises a controller (not shown) operable to generate resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source signal. The combining may be performed using an XOR function, hash function, or other combinatorial function as appreciated by the skilled person.
[0049] In this example, the other entropy source signal is generated by the apparatus 103a- 103e. In particular, the apparatus 103a-103e comprises an entropy source (not shown) for generating entropy values.
[0050] In an example operation, the remote entropy beacon 101 broadcasts an entropy source signal over a communication channel such that the entropy source signal may be received by any of the apparatuses 103a-103e within the broadcast range of the beacon 101 . The apparatuses 103a-103e may selectively receive the broadcast entropy source signal and combine the received entropy values with entropy values from an internally generated entropy source signal. The resultant entropy values may be used as a random number, e.g. for cryptographic applications. The entropy source of the apparatus 103a-103e may be a weak entropy source, e.g. may a software implemented RNG. The present invention is thus able to mitigate the effect of the weak entropy source by combining entropy values from this entropy source with the received broadcast entropy values. In this way, a stronger entropy may be provided. This stronger entropy may be provided without requiring the establishment of a secure one-to-one communication session between the apparatuses 103a-103e and the beacon 101 . That is, the beacon 101 and the apparatuses 103a-103e do not need to undergo a handshaking procedure, and instead the beacon 101 broadcasts the entropy values.
[0051] Referring to Figure 2, there is shown a system 200 in accordance with aspects of the present invention. The system 200 is similar to the system 100 of Figure 1 and like reference numerals have been used in Figures 1 and 2 to indicate like components.
[0052] The system 200 of Figure 2 comprises a plurality of remote entropy beacons 101 a- 101 c. Three remote entropy beacons 101 a-101 c are shown in Figure 2, but it will be appreciated that the present invention is not limited to any particular number of remote entropy beacons 101 a-101 c. Five apparatuses 103a-103e are shown in Figure 2, but it will be appreciated that the present invention is not limited to any particular number of apparatuses 103a-103e. Further, the present invention does not require that more than one apparatus 103a-103e is included, and aspects of the present invention may include only one apparatus 103a.
[0053] The apparatuses 103a-103e comprise receivers (not shown) arranged to receive a plurality of broadcast entropy source signals from the plurality of remote entropy beacons 101 a-101 c. The apparatuses 103a-103e further comprise controllers (not shown) operable to generate resultant entropy values by combining entropy values from some or all of the plurality of broadcast entropy source signals together, or additionally with entropy values from a local entropy source of the apparatuses 103a-103e. The particular entropy source signals used may be selected based on one or more properties of the received broadcast entropy source signals.
[0054] In one example, the apparatus 103a may receive broadcast entropy source signals from two of the remote entropy beacons101 a, 101 b. The apparatus 103a in this example may then generate the resultant entropy values by combining entropy values from the two broadcast entropy source signals. The combining may be performed using an XOR function, hash function, or other combinatorial function as appreciated by the skilled person.
[0055] In one example, the apparatus 103a may receive broadcast entropy source signals from all three of the remote entropy beacons 101 a, 101 b, 101 c. The apparatus 103a may combine entropy values from all of the broadcast entropy source signals to generate the resultant entropy values, and optionally may further combine the entropy values from all of the broadcast entropy source signals with entropy values generated by a local entropy source of the apparatus 103a. The apparatus 103a may instead select a subset of the broadcast entropy source signals, such as those from remote entropy beacons 101 a and 101 b, and combine the entropy values from only the broadcast entropy source signals transmitted by those remote entropy beacons 101 a and 101 b, optionally with entropy values of the local entropy source of the apparatus 103a. The selection of the subset of the broadcast entropy source signals may be based on one or more properties of the received broadcast entropy source signals.
[0056] The one or more properties may comprise the signal strength of the broadcast entropy source signals. That is, the apparatus 103a may select a predetermined number of broadcast entropy source signals with the greatest signal strength as the subset of the broadcast entropy source signals. Rather than selecting a predetermined number of broadcast entropy sources, the apparatus 103a may select all broadcast entropy source signals having a signal strength above a predetermined level.
[0057] The one or more properties may comprise the channel number of the broadcast entropy source signals. The broadcast entropy source signals from the different remote entropy beacons 101 a, 101 b, 101 c may be transmitted on different channels, i.e. with different associated channel numbers. The apparatus 103a may select the subset of the broadcast entropy source signals based on these channel numbers. In one example of this, the apparatus 103a may use an entropy source, such as local entropy source of the apparatus 103a, to determine which broadcast entropy source signals to use, e.g. by generating random numbers and selecting the broadcast entropy source signals have channel numbers that match the generated random numbers. As a simple example, entropy signals may be broadcast on channels numbered , ‘2’, and ‘3’. An entropy source of the apparatus may generate a random number between 1 and 3 and uses this number to select which of the broadcast entropy signals to use in generating the resultant entropy values.
[0058] The one or more properties may comprise header data contained in a header of the broadcast entropy source signals. For example, the header data may identify particular apparatuses 103a, 103b, 103c that the broadcast entropy source signal is intended for, and those identified apparatuses 103a, 103b, 103c may select the broadcast source signal that identifies them in the header data.
[0059] In one example implementation of the system of Figure 2, the remote entropy beacons 101 a, 101 b, 101 c may be implemented at fixed locations within a building/facility/campus, or environment in general. The remote entropy beacons 101 a, 101 b, 101 c can thus be considered as forming a broadcast network of remote entropy beacons 101 a, 101 b, 101 c. The remote entropy beacons 101 a, 101 b, 101 c may continuously stream broadcast entropy source signals comprising entropy values that may be received by the apparatuses 103a-103e within the building/facility/campus. Some of the apparatuses 103a-103e, such as the apparatus 103a may be portable apparatuses. Some examples of portable apparatuses include a mobile phone, tablet computer, and a laptop. The portable apparatus 103a may traverse through the building/facility/campus environment and may switch between particular remote entropy beacons 101 a, 101 b, 101 c for use in generating the resultant entropy values based on the relative location of the apparatus103a to the remote entropy beacons 101 a, 101 b, 101 c. For example, as the apparatus 103a moves away from the beacon 101 a, the signal strength of the broadcast entropy source signal received from the beacon 101 a will decrease due to the inverse square law. Once the signal strength of the broadcast entropy source signal received from the beacon 101 a decreases below a predetermined value, the apparatus 103a may no longer use the broadcast entropy source signal from the beacon 101 a in generating the resultant entropy values. This effectively means that as the apparatus 103a moves out of the broadcast range of one or more of the remote entropy beacons 101 a-101 c, it may move into the broadcast range of other ones of the remote entropy beacons 101 a-101 c. This means that the apparatus 103a is able to use a selection from multiple fixed beacons 101 a-101 c dynamically as the apparatus 103a is traversed through the building/facility/environment.
[0060] Subsequently, the controller of the apparatus 103a may generate subsequent resultant entropy values by combining the resultant entropy values with other entropy values from another entropy source signal generated by the apparatus 103a. [0061] Referring to Figure 3, there is shown a system 300 according to aspects of the present invention. The system 300 is similar to the system 200 of Figure 2 and the system 100 of Figure 1 and like reference numerals have been used in Figures 1 , 2 3 to indicate like components.
[0062] In the example of Figure 3, the remote entropy beacons 101 a-101 c are able to transmit entropy source signals to other ones of the remote entropy beacons 101 a-101 c. That is, for example, the remote entropy beacon 101 b may receive entropy source signals from the remote entropy beacons 101 a, 101 c. The remote entropy beacon 101 b may combine the entropy values from one or both of these entropy source signals with entropy values generated by an entropy source (not shown) of the remote entropy beacon 101 b and broadcast the resultant entropy values to the apparatuses 103a-103e. Significantly, this enables the remote entropy beacons 101 a-101 c to increase the entropy of their broadcast signals, and helps mitigate or obviate the effect of third parties attempting to modify or manipulate the system 300. In other words, the apparatus described herein could in fact be, or become, a remote entropy beacon.
[0063] Referring to Figure 4, there is shown a system 400 according to aspects of the present invention. The system 400 is similar to the system 300 of Figure 3, the system 200 of Figure 2 and the system 100 of Figure 1 and like reference numerals have been used in Figures 1 , 2, 3, and 4 to indicate like components.
[0064] Four remote entropy beacons 101 a-101 d are shown in Figure 4, but it will be appreciated that the present invention is not limited to any particular number of remote entropy beacons 101 a-101 d. While one apparatuses 103 is shown in Figure 4, it will be appreciated that the present invention is not limited to any particular number of apparatuses 103.
[0065] The apparatus 103 comprises an entropy source 105, a controller/receiver 107 and a random number output unit 109. The controller/receiver 107 is shown as a single, integral unit in Figure 4, but it will be appreciated that the controller and the receiver may also be two separate components. The entropy source 105 in this example is untrusted, as indicated by the use of a dashed line lines in Figure 4. The entropy source 105 is untrusted because the entropy source 105 may be flawed in construction or open to external influence by, e.g., changing the temperature of the apparatus 103. The remainder of the components of the apparatus 103 are trusted as indicated by the sold lines in Figure 4.
[0066] The remote beacon 101 a is trusted as indicated by the solid line in Figure 4. This means that the entropy source of the remote beacon 101 a is trusted to generate an entropy source signal, e.g. because the entropy source is not open to manipulation by external influence. The remote entropy beacon 101 a is arranged to broadcast the entropy source signal over a communication channel 1 10a. The communication channel 1 10a is a trusted communication channel as indicated by the use of a solid line in Figure 4. [0067] The remote entropy beacon 101 b is also trusted as indicated by the solid line in Figure 4. The remote entropy beacon 101 b is arranged to broadcast the entropy source signal over a communication channel 1 10b. The communication channel 1 10b is untrusted as indicated by the dashed line in Figure 4. In this example, this is because a third party is able to inject data into the communication channel 1 10b, and thus manipulate the entropy source signal ultimately received by the apparatus 103.
[0068] The remote entropy beacon 101 c is untrusted as indicated by the dashed line in Figure 4. The remote entropy beacon 101 c is untrusted because a third party is able to manipulate the entropy source of the remote entropy beacon 101 c and thus manipulate the entropy source signal ultimately received by the apparatus 103. The remote entropy beacon 101 c is arranged to broadcast the entropy source signal over a trusted communication channel 1 10c as indicated by the solid line in Figure 4.
[0069] The remote entropy beacon 101 d is untrusted as indicated by the dashed line in Figure 4. The remote entropy beacon 101 d is untrusted because it is a compromised device that has been introduced into the broadcast network by a third party. The remote entropy beacon 101 d may thus broadcast an untrusted entropy source signal. The entropy source signal is broadcast over an untrusted communication channel 1 10d as indicated by the dashed line in Figure 4.
[0070] It will be appreciated that the example of Figure 4 comprises multiple components which are trusted and untrusted. The apparatus 103 may be unable to identify which components are trusted/untrusted, and thus may be unable to exclude untrusted components. Significantly, however, the apparatus 103 is able to mitigate for this issue by combining entropy values from multiple entropy source signals together so as to generate resultant entropy values. The combination of the multiple entropy values helps to minimise, mitigate or offset the effects of untrusted components. The controller 107 is thus able to maximize the amount of entropy for resultant entropy values, which is in turn used by the random number output unit 109 to output a random number. This maximization of the entropy is able to be achieved without requiring the apparatus 103 to negotiate a secure communication session with the remote entropy beacons 101 a-101 d, and thus provides a more versatile, and simpler system for generating entropy source signals.
[0071] In the example of Figure 4, the remote entropy beacons 101 a-101 d may comprise different types of entropy sources. This means that if one type of entropy source system is found to be flawed or generally unsatisfactory, the system is still secure because not all of the remote entropy beacons 101 a-101 d will use the same, flawed, entropy source.
[0072] The above example of Figure 4 highlights several advantages of the present invention. Strong random number generation by the apparatus 103 is not required due to the combination of the entropy values from the entropy source 105 of the apparatus 103 with entropy values received from other entropy sources. Thus, the untrusted nature of the local entropy source 105 may be mitigated for/offset without requiring potentially complex and expensive modification to the local entropy source 105. Further, a fault in an entropy source of one of the remote entropy beacons 101 a-101d does not prevent strong random number generation in the apparatuses due to the combination of entropy values from multiple sources. Further still, an attacker manipulating entropy generation in one of the remote entropy beacons 101 a-101d cannot prevent strong entropy generation in the apparatus 103. Therefore, aspects of the present invention enable the generation of strong random numbers without dedicated hardware and with protection against weak entropy due to fault or attack. An attacker would need to take control of all of the entropy sources at once to prevent good entropy generation by the apparatus 103, which could be remote (beacons) and/or local to the apparatus, clearly very difficult to achieve. Providing a large number of entropy sources, and using multiple different types of entropy source, and thus provide very effective protection against an attacker.
[0073] Referring to Figure 5, there is shown a remote entropy beacon 101 according to aspects of the present invention. The remote entropy beacon 101 comprises an entropy source 11 1. In this example, the entropy source 11 1 is a true random number generator (TRNG) that generates a continuous stream of random information.
[0074] The remote entropy beacon 101 comprises a controller 113 which reads and processes the stream of random information. The controller 113 may run a randomness extraction function in some examples. The randomness extraction function may be a Von Neumann extractor function, but other extractor functions are available and may be selected as appropriate by the skilled person. In some examples, the controller 113 is a microcontroller. This may be beneficial in some examples as it allows the stream of random information to be measured and processed using the same chip. However, the microcontroller may have low processing capabilities. Other types of controller 113 may be used such as a digital signal processing unit, a central processing unit, or a field-programmable gate array. These types of controllers 113 may require external reading circuitry to measure the stream of random information.
[0075] The remote entropy beacon 101 further comprises a transmitter 115 that receives the processed stream of random information and broadcasts the processed stream of random information as an entropy source signal comprising entropy values. The transmitter 1 15 in this example is a transmit-only transmitter, i.e. a transmitter 1 15 that is capable only of transmitting signals, not receiving them. The transmitter 115 in this particular example is a Bluetooth ® transmitter. The present invention is not limited to Bluetooth ® transmission, and other transmission protocols such as WiFi and LAN, amongst others, are within the scope of the present invention. [0076] The broadcast entropy source signal is received by the apparatuses 103a-103c, which may then combine the broadcast entropy values with entropy values obtained from another entropy source signal so as to generate resultant entropy values.
[0077] Referring to Figure 6, there is shown another remote entropy beacon 101 according to aspects of the present invention. The remote entropy beacon 101 of Figure 6 is the same as that of the remote entropy beacon 101 of Figure 5, except that the controller 1 13 is able to transmit control signals to the entropy source 1 1 1 . This enables the controller 1 13 to feedback information to the entropy source 1 1 1 so as to control the entropy source 1 1 1 . The control may include changing parameters of the entropy source 1 1 1 such as to offset for changes in temperature in the entropy source 1 1 1 or any other parameter that might affect the generation of entropy by the entropy source. This may be performed using a closed feedback loop where the entropy source 1 1 1 is controlled to actively change one or more of its parameters based on its output. This may also be performed using an open feedback loop, where the entropy source 1 1 1 is controlled to periodically run an initialisation/setup routine.
[0078] Referring to Figure 7 there is shown a method according to aspects of the present invention, and suitable for use with a system as described above.
[0079] Step S1 comprises broadcasting, by a remote entropy beacon, an entropy source signal comprising entropy values.
[0080] Step S2 comprises receiving, by an apparatus, the broadcast entropy source signal from the remote entropy beacon.
[0081] Step S3 comprises generating, by the apparatus, resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source signal.
[0082] In some examples, the present invention may be implemented in a data centre. A data centre may comprise a large number of computers, the computers may be basic computers without the capability to generator strong entropy., The present invention can provide a plurality of remote entropy beacons within the data centre that may broadcast entropy values to the computers, e.g. over a local channel. The present invention thus enables the computers of the data centre to generate strong entropy.
[0083] In some examples, the present invention may be implemented for use with Internet-Of- Things (IOT) devices. That is, the apparatuses may be IOT devices which may lack the capability to generate strong entropy. The IOT devices may, however, use entropy values received from the remote entropy beacons to generate strong entropy.
[0084] At least some of the example embodiments described herein may be constructed, partially or wholly, using dedicated special-purpose hardware. Terms such as ‘component’, ‘module’ or‘unit’ used herein may include, but are not limited to, a hardware device, such as circuitry in the form of discrete or integrated components, a Field Programmable Gate Array (FPGA) or Application Specific Integrated Circuit (ASIC), which performs certain tasks or provides the associated functionality. In some embodiments, the described elements may be configured to reside on a tangible, persistent, addressable storage medium and may be configured to execute on one or more processors. These functional elements may in some embodiments include, by way of example, components, such as software components, object- oriented software components, class components and task components, processes, functions, attributes, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables. Although the example embodiments have been described with reference to the components, modules and units discussed herein, such functional elements may be combined into fewer elements or separated into additional elements. Various combinations of optional features have been described herein, and it will be appreciated that described features may be combined in any suitable combination. In particular, the features of any one example embodiment may be combined with features of any other embodiment, as appropriate, except where such combinations are mutually exclusive. Throughout this specification, the term“comprising” or “comprises” means including the components) specified but not to the exclusion of the presence of others.
[0085] Although a few preferred embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that various changes and modifications might be made without departing from the scope of the invention, as defined in the appended claims.
[0086] Attention is directed to all papers and documents which are filed concurrently with or previous to this specification in connection with this application and which are open to public inspection with this specification, and the contents of all such papers and documents are incorporated herein by reference.
[0087] All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and/or all of the steps of any method or process so disclosed, may be combined in any combination, except combinations where at least some of such features and/or steps are mutually exclusive.
[0088] Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise. Thus, unless expressly stated otherwise, each feature disclosed is one example only of a generic series of equivalent or similar features.
[0089] The invention is not restricted to the details of the foregoing embodiment(s). The invention extends to any novel one, or any novel combination, of the features disclosed in this specification (including any accompanying claims, abstract and drawings), or to any novel one, or any novel combination, of the steps of any method or process so disclosed.

Claims

1. A system comprising:
a remote entropy beacon comprising a transmitter arranged to broadcast an entropy source signal comprising entropy values;
an apparatus comprising: a receiver arranged to receive the broadcast entropy source signal from the remote entropy beacon; and a controller operable to generate resultant entropy values by combining the entropy values of the broadcast entropy source signal with entropy values from another entropy source signal.
2. A system as claimed in claim 1 , wherein the other entropy source signal is generated by the apparatus or received from another remote entropy beacon, and optionally wherein the controller is operable to generate the resultant entropy values by combining together the entropy values of the broadcast entropy source signal, the entropy values from another entropy source signal generated by the apparatus, and entropy values from another entropy source signal received from another remote entropy beacon.
3. A system as claimed in any preceding claim, further comprising a plurality of apparatuses, wherein all of the apparatuses are arranged to receive the same broadcast entropy source signal from the remote entropy beacon, and optionally wherein each of the apparatuses is operable to generate resultant entropy values by combining the entropy values of the broadcast entropy source signal with entropy values from the other entropy source signal.
4. A system as claimed in any preceding claim, further comprising a plurality of remote entropy beacons, wherein each of the remote entropy beacons is arranged to broadcast an entropy source signal comprising entropy values.
5. A system as claimed in claim 4, wherein the receiver of the apparatus is arranged to receive a plurality of broadcast entropy source signals from the plurality of different remote entropy beacons, and wherein the controller of the apparatus is operable to generate the resultant entropy values by combining entropy values from some or all of the broadcast entropy source signals together, optionally with entropy values from another entropy source signal generated by the apparatus.
6. A system as claimed in claim 5, wherein the controller is operable to generate the resultant entropy values by combining entropy values from a subset of the broadcast entropy source signals together, wherein the subset of the broadcast entropy source signals are selected based on one or more properties of the received broadcast entropy source signals, and optionally wherein the one or more properties of the received broadcast entropy source signals comprises the signal strength of the broadcast entropy source signals, channel numbers of the source signals, and header data of the broadcast entropy source signals.
7. A system as claimed in any of claims 5 or 6, wherein each remote entropy beacon is associated with a fixed location, and wherein the apparatus is arranged to receive broadcast entropy source signals from different ones of the remote entropy beacons based on the location of the apparatus relative to the fixed locations of the remote entropy beacons.
8. A system as claimed in any of claim 5 to 7, wherein the plurality of remote entropy beacons use different entropy generation techniques to generate the entropy source signals.
9. A system as claimed in any preceding claim, wherein the controller of the apparatus is operable to generate subsequent resultant entropy values by combining the resultant entropy values with another entropy source signal generated by the apparatus.
10. A system as claimed in any preceding claim, wherein the apparatus is an entropy beacon and comprises a transmitter arranged to broadcast an entropy source signal comprising the resultant entropy values.
1 1 . A system as claimed in any preceding claim, wherein combining the entropy values of the broadcast entropy source signal with the entropy values from the other entropy source signal comprises applying a combinatorial function to the entropy values, wherein optionally the combinatorial function is a hash function or an exclusive-or operation.
12. A system as claimed in any preceding claim, wherein the remote entropy beacon and/or the apparatus comprises an entropy source, wherein the entropy source comprises a structure that exhibits a nondeterministic electrical output response to an electrical input, wherein the entropy source is arranged to facilitate a challenge of the structure to generate a nondeterministic response, by facilitating an electrical measurement of an output of the structure, the nondeterministic response is derivable from that measurement, and optionally the structure comprises a resonant tunnelling diode, and optionally only a single resonant tunnelling diode.
13. A system as claimed in any preceding claim, wherein the transmitter of the remote entropy beacon is arranged to broadcast the entropy source signal over an untrusted communication channel, and optionally wherein the transmitter of the remote entropy beacon is a transmit-only transmitter.
14. A remote entropy beacon suitable for use in the system as claimed in any of claims 1 to
13, the remote entropy beacon comprising a transmitter arranged to broadcast an entropy source signal comprising entropy values, wherein an apparatus which receives the broadcast entropy source signal is arranged to combine the broadcast entropy values with entropy values from another entropy source signal.
15. An apparatus suitable for use in the system as claimed in any of claims 1 to 13, the apparatus comprising a receiver arranged to receive a broadcast entropy source signal comprising entropy values from a remote entropy beacon, and a controller operable to generate resultant entropy values by combining the broadcast entropy values with entropy values from another entropy source signal
PCT/GB2019/051775 2018-06-25 2019-06-24 System and method for generating entropy values WO2020002893A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB201810394A GB2575040A (en) 2018-06-25 2018-06-25 System and method for generating entropy values
GB1810394.5 2018-06-25

Publications (1)

Publication Number Publication Date
WO2020002893A1 true WO2020002893A1 (en) 2020-01-02

Family

ID=63042619

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2019/051775 WO2020002893A1 (en) 2018-06-25 2019-06-24 System and method for generating entropy values

Country Status (2)

Country Link
GB (1) GB2575040A (en)
WO (1) WO2020002893A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113037463A (en) * 2020-06-03 2021-06-25 太原理工大学 Method for generating quantum random code at high speed in real time based on chaos amplification quantum noise

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140223148A1 (en) * 2013-02-06 2014-08-07 International Business Machines Corporation Method of entropy randomization on a parallel computer
US20160124716A1 (en) 2014-10-30 2016-05-05 Seagate Technology Llc Deriving Entropy From Multiple Sources Having Different Trust Levels
US20170078087A1 (en) * 2015-09-15 2017-03-16 Global Risk Advisors Device and method for resonant cryptography
WO2018029440A1 (en) 2016-08-08 2018-02-15 Quantum Base Limited Nondeterministic response to a challenge

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9495544B2 (en) * 2013-06-27 2016-11-15 Visa International Service Association Secure data transmission and verification with untrusted computing devices

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140223148A1 (en) * 2013-02-06 2014-08-07 International Business Machines Corporation Method of entropy randomization on a parallel computer
US20160124716A1 (en) 2014-10-30 2016-05-05 Seagate Technology Llc Deriving Entropy From Multiple Sources Having Different Trust Levels
US20170078087A1 (en) * 2015-09-15 2017-03-16 Global Risk Advisors Device and method for resonant cryptography
WO2018029440A1 (en) 2016-08-08 2018-02-15 Quantum Base Limited Nondeterministic response to a challenge

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113037463A (en) * 2020-06-03 2021-06-25 太原理工大学 Method for generating quantum random code at high speed in real time based on chaos amplification quantum noise

Also Published As

Publication number Publication date
GB2575040A (en) 2020-01-01
GB201810394D0 (en) 2018-08-08

Similar Documents

Publication Publication Date Title
Ping et al. Designing permutation–substitution image encryption networks with Henon map
Ahmad et al. Bijective S-boxes method using improved chaotic map-based heuristic search and algebraic group structures
Gu et al. A fast image encryption method by using chaotic 3D cat maps
EP2853059B1 (en) Encryption key generation
Sayed et al. Generalized switched synchronization and dependent image encryption using dynamically rotating fractional-order chaotic systems
TWI781911B (en) Method and system for generating pseudorandom numbers
Hu et al. A uniform chaotic system with extended parameter range for image encryption
Hu et al. A true random number generator based on mouse movement and chaotic cryptography
Naif et al. Secure IOT system based on chaos-modified lightweight AES
Mondal et al. A secure image encryption scheme based on genetic operations and a new hybrid pseudo random number generator
Kayarkar et al. A survey on various data hiding techniques and their comparative analysis
Zaibi et al. Efficient and secure chaotic S‐Box for wireless sensor network
Gupta et al. Lightweight cryptography: an IoT perspective
US11997200B2 (en) Generating unique cryptographic keys from a pool of random elements
Liu et al. Chaos-based color image encryption using one-time keys and Choquet fuzzy integral
EA027214B1 (en) Method of data encryption with chaotic changes of round key based on dynamic chaos
Sathishkumar et al. A novel image encryption algorithm using pixel shuffling and base 64 encoding based chaotic block cipher (IMPSBEC)
WO2020002893A1 (en) System and method for generating entropy values
Akif et al. A new pseudorandom bits generator based on a 2D-chaotic system and diffusion property
Clemente-López et al. Experimental validation of IoT image encryption scheme based on a 5-D fractional hyperchaotic system and Numba JIT compiler
US10333699B1 (en) Generating a pseudorandom number based on a portion of shares used in a cryptographic operation
McGinthy et al. Session key derivation for low power IoT devices
Wazi et al. A secure image cryptosystem via multiple chaotic maps
Tamilselvi et al. Image encryption using pseudo random bit generator based on logistic maps with radon transform
Xu et al. Dynamical System in Chaotic Neurons with Time Delay Self‐Feedback and Its Application in Color Image Encryption

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19734490

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19734490

Country of ref document: EP

Kind code of ref document: A1