[Gllug] Questions arising from the random discussions...
Nix
nix at esperi.org.uk
Mon Aug 2 23:16:40 UTC 2010
On 2 Aug 2010, Walter Stanish said:
>> So, where does the stream for /dev/random and /dev/urandom come from and
>> what's the difference?
>>
>> Pointers and continued ramblings most welcome
>
> It may be of interest to read Documentation/hw_random.txt in /usr/src/linux

That's about Linux's support for *hardware* random number generators (that
is to say, those that need direct kernel support).
'man 7 random' is more directly relevant.

> Theory of operation:
>
> CHARACTER DEVICE. Using the standard open()
> and read() system calls, you can read random data from
> the hardware RNG device. This data is NOT CHECKED by any
> fitness tests,

Well, there is one really *useful* and *powerful* test. If you compile
the kernel with CONFIG_CRYPTO_FIPS *and* boot with the fips=1 kernel
parameter (or flip the appropriate flag under /sys), you get the awesome
statistical power of memcmp() applied to each piece of entropy extracted
to make sure it's not exactly the same as the last lot. I can't imagine
a situation in which this was the case (a really broken hardware device
flooding the pool with megabytes of identical noise might do it, but
you'd think the SHA-1 mixing would preclude it).

I think the tests the entropy key does on its random noise are a little
more rigorous (but have no direct evidence for this, not having seen the
microcode the embedded CPU is running).
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
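The duplicate-block check discussed in the message above, as an added C sketch that is not part of the original post and is not the kernel's code. The sources are constructed stand-ins rather than real entropy, and BLK, the mode numbers and all function names are assumptions made for the example; the sketch holds back the first block as a comparison reference. It also shows what the check cannot see: a source that merely alternates between two blocks never trips it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 16 /* block size chosen for this sketch */
/* Constructed stand-in sources (not real entropy): 0 = counter,
 * 1 = stuck at 0xAA, 2 = alternates two blocks, 3 = sticks after 5 blocks. */
struct fake_src { int mode; unsigned n; };

static void fake_read(struct fake_src *s, uint8_t out[BLK])
{
    unsigned v = s->n++;
    if (s->mode == 1) v = 0xAA;
    else if (s->mode == 2) v &= 1;
    else if (s->mode == 3 && v > 5) v = 5;
    memset(out, (int)(v & 0xFF), BLK);
}

struct crngt { struct fake_src *src; uint8_t last[BLK]; int primed, failed; };

/* Returns 0 and fills out[], or -1 once a block repeats its predecessor. */
static int crngt_read(struct crngt *t, uint8_t out[BLK])
{
    uint8_t cur[BLK];
    if (t->failed) return -1;              /* failure is latched */
    /* The first block is kept only as a reference and never handed out. */
    if (!t->primed) { fake_read(t->src, t->last); t->primed = 1; }
    fake_read(t->src, cur);
    if (memcmp(cur, t->last, BLK) == 0) { t->failed = 1; return -1; }
    memcpy(t->last, cur, BLK);
    memcpy(out, cur, BLK);
    return 0;
}

/* Blocks delivered (at most max) before the test trips for a given mode. */
int blocks_before_failure(int mode, int max)
{
    struct fake_src s = { mode, 0 };
    struct crngt t = { &s, {0}, 0, 0 };
    uint8_t out[BLK];
    int n = 0;
    while (n < max && crngt_read(&t, out) == 0) n++;
    return n;
}

int main(void)
{
    for (int m = 0; m < 4; m++)
        printf("mode %d: %d blocks\n", m, blocks_before_failure(m, 100));
}
```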