Wednesday, 29 October 2014

Part One: Airspy NOS - Questions and Answers

Today (2014-10-29) the Airspy, was available for pre-order. And I thought that I would do the same thing that I did for the HackRF One. That I would try and keep a track of any questions that I see asked on IRC and the answers given.

I though that I would make a quick log of the problems, queries along with their corresponding solutions and suggestions. And add a few extra notes of my own, if I am able. I have removed all sources of questions and answers to protect peoples privacy (what little is left of it these days).

If you are currently scratching your head, because you have never heard of an Airspy before, then you should probably go to the Airspy website.

I'll probably sort these random questions and answers into some sort of logical order when there is enough of them, Hardware, Software, GNU Radio, RF fundamentals, .... but for now I'll just leave them mixed up higgledy-piggledy in the order that I saw them asked.

Question   1: "External clock input (10 MHz to 100 MHz via MCX connector) – Ideal for phase coherent radios” what is the expected voltage ? 
Answer     1: The Clock Input for the Airspy is described on page 5 of the of Si5351C datasheet.
It is 3.3v CMOS voltage levels so, low is below 0.8v (min -0.1v) and high is over 2.0v (max 3.6v). So either a square wave or sine wave that meets this criteria. Almost anything will drive it if the voltage is less than 3.6 V P-P and more than about 2.5 V P-P if it is applied to the CLKIN pin with a series capacitor, a 100k to ground, and a roughly 100k to 3.3 volts.
Extra info  1: So a 0v to 3v square/sine wave at 10MHz would tick all the boxes, and be a good clock source. The Airspy already has a pretty good crystal in it, a 1.5 ppm, low phase noise clock. It may not be perfect for some things but it is a good clock. 

Question   2: "Airspy NOS R0 03 Aug 2014" is written on the PCB silkscreen, what exactly does NOS stand for ?
Answer     2: Nest of Spies.

Question   3: What is the input impedance of the Airspy SMA antenna port ?
Answer     3: 50 ohms

Question   4: What is maximum current that the "4.5v Bias-Tee to pwoer LNA’s and up/down-converters" can use ?
Answer     4: USB 2.0 provides a maximum of 500mA at 5 volts. The Airspy uses less than 400mA at 5 volts (2W), so that would mean that at 4.5 volts in theory the maximum Bias-Tee current would be 111mA (500mW), but there are conversion losses so it is probably closer to 100mA. If more power than this is required then a micro USB Y cable could be used with an external power supply to provide more than 500mA at 5 volts. BiasT LNA's, typically, are at a maximum 250mA for 4.5V (1.125W). So Y cable is probably required, depending on the extra hardware that needs to be powered.
Extra info  4: From http://airspy.com/wp-content/uploads/2014/11/AirSpy_NOS_PinAssignment.jpg the LDO in the Airspy could provide 250mA at 4.5 volts if a Y cable is used to increase the input power. Provided the USB ports on the computer (or external power supply) can provide enough input power.

Question   5: What is the maximum safe input power before you start to damage the Airspy. For example people are breaking the pre-amp in their HackRF One (by enabling it) and pushing more than -5dBm into it (0.1257 volt RMS).
Answer     5: May be 10 dBm (0.7071 Volt RMS) would cause physical damage, for safety stay below 0dBm (0.2236 Volt RMS).

Question   6: What is the input voltage range for ADC IN1(P9) and ADC IN2(P8) ? The LPC4370 datasheet gives the 12-bit ADCHS input as 800mV peak-to-peak in a band from 0 V to 1.2 V. So what is the band, or is the DC offset removed by input circuit and all I need to worry about is the 0.8 volt peak-to-peak ?
Answer     6: 0.8v pp centered around 0.8v

Question   7: There are three gains in the Airspy IF(VGA), Mixer and LNA, what is the best way to use these for optimal results ?
Answer     7: Set the IF(VGA) to 5, the Mixer to 10 and optimize the LNA for the best SNR (the difference between the top of the signal and the noise floor). Then adjust the IF(VGA) so the noise floor stays at -80dBFS, then use the Mixer gain for fine tuning the gain.


Question   8: How do I convert an iq file created by the airspy_rx command into a cfile ?
Answer     8: If we assume that a sample type of "-t 2" (the default) was used with the airspy_rx capture command. Then the following gnuradio flow graph, (similar to the one used by the HackRF One) will convert a default Airspy capture file to a valid cfile.

Question   9: How can I check if my external clock has been selected by the Airspy ?
Answer     9: If you read a document called Si5315 AN619, the answer is hidden within it. You can use the following command "airspy_si5351c -n 15 -r" if bits 2 and 3 are 0 (0x00) then the internal TCXO is active, if bits 2 and 3 are 1 (0x0c) then the CLKIN is active. Or a different register could be used
"airspy_si5351c -n 0 -r". If bit 4 is 0 (0x01) it is locked to an external clock and if it is 1 (0x11) it is not locked to an external clock and is using the internal TCXO.
 

Monday, 27 October 2014

Part One: Time for custom OTP generation hardware ?

I have been looking at how to generate good random numbers and also at the Raspberry Pi's maximum data throughputs rates using wifi (9.9MiB/s), ethernet (11.2MiB/s) and disk (22MiB/s). The Raspberry Pi is good at some things, but it is not very good at moving large amounts of data about really fast. If it was I'd probably look at some way of generating good random numbers and transferring in the data in via the GPIO pins. But even doing this, the GPIO pins have a limit of about 10MHz maybe, some testing would need to be done to see if this could work or if the data rate could be pushed higher (use more pins to transfer more bits in parallel).

I looked into using the BeagleBone Black, but it also only has 10/100 Ethernet (circa 11.2MiB/s). And if I made a custom board with the 324 BGA single core 720MHz-1GHz  Cortex-A8 CPU it probably would not have enough oomph to fully saturate the gigabit built into the TI AM3359 CPU. OK, even if it could generate OTP data at a gigabit per second rates, I could not easily push it to a disk at that rate, so maybe the chip is good enough. It does include a RNG Crypto Hardware Accelerator (/dev/hwrng), but I trust that about as much as I would trust the similar RNG in the Raspberry Pi. The AM3359 does have a 12-bit ADC 200KSPS inbuilt but that would be too slow to sample a noise source for random numbers to generate random numbers at any decent rate. And the chip are a little bit on the expensive side as well:
AM3359ZCZD72  1+ @ €31.47; 15+ @ €29.11; 50+ @ €27.14; 100+ @ €26.45 (April 2014).
AM3359BZCZA80 1+ @ €47.48; 10+ @ €45.20; 25+ @ €42.53; 50+ @ €40.11 (April 2014).
AM3358BZCZ672 1+ @ €39.60; 10+ @ €37.08; 25+ @ €34.98; 50+ @ €31.06 (April 2014).
AM3358BZCZ100 1+ @ €46.84; 10+ @ €44.61; 25+ @ €41.97; 50+ @ €39.59 (April 2014).
AM3357BZCZA80 1+ @ €41.97; 10+ @ €39.97; 25+ @ €37.60; 50+ @ €35.48 (April 2014).

Refer to "8.1.2 Device Nomenclature" in the AM335x datasheet for the exact meaning of the Suffix's.

The Airspy project is using a  LPC4370 ARM CPU which is slow at only 204MHz in comparison to a TI AM3359, but it does have one very nice feature a 12-bit 80MSPS ADC. It also has three ARM  cores a Cortex-M4 and two Cortex-M0's.There is a 100 BGA chip with 3 multiplexed ADC channels or a 256 BGA chip with 6 multiplexed ADC channels.
LPC4370FET100 1+ @ €10.77; 10+ @  €9.46; 25+ @ €8.43 ; 50+ @ €7.19 (April 2014)
LPC4370FET256 1+ @ €14.85; 10+ @ €12.97; 25+ @ €11.58; 50+ @ €9.86 (April 2014)

The airspy project was spawned into existence by the HackRF project which originally used a LPC4330,  well now a LPC4320 (no need to 10/100 Ethernet). This chip has the advantage of not being a BGA device, it is a 144 pin QFP, but the data, in the case of the HackRF One,  is transferred from a separate ADC to the ARM using SGPIO.

LPC4320FBD144,551 1+ @ €8.78; 10+ @ €7.55; 50+ @ €6.19; 100+ @ €4.20 (April 2014)
LPC4330FBD144,551 1+ @ €9.89; 10+ @ €8.50; 50+ @ €6.98; 100+ @ €4.43 (April 2014)


The complexity of using SGPIO and the cost of a separate high speed ADC using a LPC4320, makes the  LPC4370 with its inbuilt 80MSPS ADC look like the best overall cheapest solution for what I want to do.

The fact that the Airspy has a 80dB Spurious-free dynamic range that I could use this to amplify the noise signal from a reverse biased zanier diode or a npn transistor acting as a  germanium diode is nice. Because the noise signal needs about 40dB of gain to be usable. One problem with using the Airspy is that it is only sampling at 20MSPS and not 80MSPS. But as a open software test platform, that could be used to see if making a dedicated board with the LPC4370 BGA chip is feasible or not and it is a good easy first step. The Airspy will have two high speed ADC inputs (using a u.FL connector) for the two spare multiplexed ADC channels on the 100 BGA chip. After the initial tests these ADC ports could be used with a custom firmware to test sampling at 80MSPS, 40MSPS per channel from two shielded secure noise sources.

The main advantage of doing some testing using an Airspy would be not having to design and build a fully custom development board with this 100-256 BGA chip. Ok in the short term it may cost a bit more, but if it does not work I would still have a very useful SDR receiver. Unfortunately there is no way to push more then about 40MiB/sec through USB 2.0. So even though I could be sampling 80MSPS at 12bits (120MiB/sec), I would need to concentrate this entropy by a factor of three. And that is provisional on there being enough spare CPU headroom available to do so before transferring the sampled noise to a PC. The fact that the chip supports SIMD (ARM NEON) may make this just about possible with a good pinch of lateral thinking.


Tuesday, 21 October 2014

What is a OTP ?




A One Time Pad is a sequence of random bits. If used correctly, the one-time pad encryption is unbreakable.  The OTP or key must be random, as large as the plaintext, never reused in whole or part and kept secret.

Pros

  • unbreakable security.
  • Almost all methods for encryption today is based on the assumption that the universe will end long before the decryption can be brute forced using computing power and maths theory available now. This assumption may be wrong with the invention of quantum decryption computers, where all solutions are evaluated at once and the correct solution is resolved when the wave function is collapsed. Post publicly/privately available quantum decryption computers, OTP should still be secure if the source of the randomness is from nature.

Cons

  • High-quality random numbers are not easily generated. Even when generating the random numbers care must be taken to prevent them from being copied.
  • Distribution of OTP key basically requires a secure physical handover.
  • Access, securing and controlling who can use the OTP may not be easy.
  • Destruction of used keys may not be easy, most storages devices remove pointers to data for speed. Secure Digital cards and Solid-State drives will almost never overwrite old data, because this will  shorten the lifetime and performance of the storage device. And the written wear levelling algorithms which maintain the  3,000 to 5,000 block write cycle limit before failure of flash/SSD storage may remap blocks. And this means that even though you think that you are overwriting the same block you may actually be, and probably are, overwriting a totally different block.
  • Authentication, if the OTP was duplicated, there is no way to tell if fake messages were sent/received.
  • It is often described as unpractical, because it requires the same amount of key material as the data being transmitted.

Generation

The good

So what quantum sources are available for generating high quality random numbers.
  • Nuclear decay, when heavy atoms split into lighter elements they eject either alpha, beta or gamma radiation, or some combination. The half-life for each radioactive element is totally predictable but the actual timing of the decay events in between each half-life is totally random.
  • Shot noise, when electrons flow from one point to another in a circuit the number of electrons is not constant this is because of the discrete nature of electric charge. For instance 1 ampere of current consists of about 6.24×10^18 electrons per second; even though this number will randomly vary by several billion in any given second, such a fluctuation is minuscule compared to the current itself. The variation is temperature and frequency independent.
  • Photons, when large numbers of photons travel from one point in space to another the number of photons is not constant this is because of the discrete nature of photons. The variation is temperature and frequency independent.
  • Spontaneous parametric down-conversion  One photon enters a crystal, two photons leave, each with lower energy energy/frequency.
  • Band gap tunnelling electrons. You have a gap, you have electrons, every now and again random electrons jumps the gap.

Probably the most trusted source of  random numbers is from the timing of radioactive decay events. But even a highly radioactive isotope like C├Žsium-137 can only generate about 100 bytes a second, using four counts to generate each bit. To fill a 3TB harddisk at that rate would take about 950 years using only one generator. With a two year warranty on most 3TB harddisks today, it would have failed when the disk was still nearly empty.

The not so bad (maybe)

Non-quantum sources are also available for generating random numbers.

  • Thermal noise from a resistor, amplified to provide a random voltage source.
  • Avalanche noise generated from an avalanche diode, or Zener breakdown noise from a reverse-biased Zener diode.
  • Atmospheric noise, echoes from the big bang and RF generated by lightening strikes

  And the ugly

Some commercial hardware for generating random numbers may, or may not, use a good high quality quantum source for their randomness. They then may either feed this into a hashing algorithm (SHA1, MD5, Whirlpool) to whiten/de-bias the randomness or feed it in as the seed to a deterministic random bit generator first before feeding it into a hashing algorithm to generate more random numbers per second. These modifications have the artificial effect of making the random numbers that are output pass FIPS 140-2 Annex C and Diehard tests for randomness.

Also with no access to the real random source it is impossible to detect if any external influence is biasing it's output to mostly all ones or all zeroes. Say Eve is modifying the electricity supply phase/voltage/waveform or changing the temperature/pressure of the environment of the device or zapping it with high energy electromagnetic waves, or even a beam of neutrons, anything to bias the output towards ones or zeroes.

Storage

Never on a SSD, unless the SSD is 99.99% full at all times. Spinning rust (AKA harddisk) still offers may advantages in securing a OTP over Solid State Drive technology. The biggest of which is the ability to fully destroy used pad.

Transfer

When a transfer happens it should be a two way exchange. The reason for a two way exchange is to avoid the same two people communicating with each other using the same communal pad. One pad means that if both parties independently decided to communicate at the same time a collision would occur, where the same pad is used twice. Where as if Alice has a pad (from Bob), that is only used in only sending messages to Bob, and Bob has a pad (from Alice) that is only used in sending messages to Alice, then the same pad can not be accidentally used twice. And in using two (or more) independent OTP's  this removes any requirement for an independent, secure,  communications channel is required to synchronise the usage of a single OTP.

Correct Use

Correct use of a OTP requires the following:
  • The OTP consists of real random numbers.
  • Only two copies of the OTP exist (sender and receiver).
  • Each OTP is used only once.
  • Each copy of a OTP is destroyed immediately after use.
Method
A previously prepared OTP key is combined one bit at a time with the plaintext message to produce the ciphertext. To decipher the ciphertext, the same key would be again combined character by character, producing the plaintext.
XOR Truth Table

pi@raspberrypi ~ $ echo -n 'Hello World!' | xxd -b
0000000: 01001000 01100101 01101100 01101100 01101111 00100000  Hello
0000006: 01010111 01101111 01110010 01101100 01100100 00100001  World!                                     .
 
pi@raspberrypi ~ $ dd if=/dev/random bs=1 count=12 2>/dev/null | xxd -b
0000000: 11010101 00001110 10111111 01110001 10001010 10010100  ...q..
0000006: 00100110 01010001 01100101 10110101 10101110 11010100  &Qe...
 
pi@raspberrypi ~ $

   SENDING
   -------
   message: 0 1 0 0 1 0 0 0 0 1 1 0 0 1 0 1 ...
   OTP:     1 1 0 1 0 1 0 1 0 0 0 0 1 1 1 0 ...
   XOR      -----------------------------------
   cipher:  1 0 0 1 1 1 0 1 0 1 1 0 1 0 1 1 ...

   RECEIVING
   ---------
   cipher:  1 0 0 1 1 1 0 1 0 1 1 0 1 0 1 1 ...
   OTP:     1 1 0 1 0 1 0 1 0 0 0 0 1 1 1 0 ...  
   XOR      -----------------------------------
   message: 0 1 0 0 1 0 0 0 0 1 1 0 0 1 0 1 ...