The "randomness" is generated by reverse biasing an NPN transistor and producing entropy from the amplified "ticks" produced.  These ticks occur when electrons pass through the band gap and exit the base via quantum tunneling.  As we currently understand quantum physics, this process is entirely random and cannot be externally influenced.

By applying voltage in the wrong direction, we're essentially saturating the emitter side of the transistor.  Ideally we apply as much voltage as the transistor can take without shorting through the gap in conductivity created by an inactivated base.  Quantum tunneling allows for those electrons to randomly disappear in one place and reappear in other ("jump") with distance inversely proportional to probability.  In other words, long jumps happen far less frequently than short ones.  When one manages to jump far enough to make it across the base layer's band gap, it exits via the base pin and is sent into a pair of transistors set up as an amplifier to produce a usable signal.

Audiophiles may recognize this is a "white noise" generator circuit...and they would be correct; however, instead of feeding the signal into a mixer, we'll be converting it into binary and sending it to a computer. (That's what "white" noise is - random and across the entire frequency range.)


While it may be possible to tune the circuit to provide a nice clean 50/50 distribution of 1's and 0's, it is cryptographically just as good (and far easier) to debias the data stream algorithmically. The entropy, or "randomness", in the data is not reduced but it now lacks the increased predictability inherent to a biased stream.  Debiasing is performed by the PIC using Bruce Schneier's method from Applied Cryptography 2nd Ed. (p.425)  Two samples are taken from the input with a fixed delay in between.  The samples are XORed together and, if the result is 0, the samples are ignored and new ones obtained.  If the result is 1 then either the 1st or the 2nd bit is sent as entropy output. (Same position each time)


You won't see as high a data rate with a debiased stream as with a pure one but you usually don't need one.  The output is typically used to "seed" a psuedo-RNG which can produce arbitrary amounts of random-like data algorithmically.  This is what is typically used by modern computers with seeding data obtained from places difficult to predict or monitor remotely such as CPU temperature or local network traffic.  As long as the seed state of the PRNG is not known then its output can be trusted; however, by seeding it with truly random data, we strengthen its output from "probably safe" to "almost certainly safe".  (I say almost because weaknesses in the PRNG algorithm itself are always a possibility.)


Last Revised 30-Dec-2021