Jump to content
Read the Funtoo Newsletter: Summer 2023 ×

speeding up /dev/random

Recommended Posts

well long story short...  


emerge haveged

/etc/init.d/haveged start


but, word around the camp fire is this is not as cryptographic secure as a true random number generator, or as fast as a hardware rng.  what other options do i have?


my northbridge is nvidia...



on gpu rng would be sweet.


rng-tools = rngd hardware rng entropy gathering daemon



mkultra@spaceball-1 ~ $ zcat /proc/config.gz | grep -i rng


* in kernel psuedo rng....


* probably the one i need to access amd rng if i have a hardware rng


mkultra@spaceball-1 ~ $ zcat /proc/config.gz | grep -i rand


eh eh?!?!?  im starting to doubt that my processor has a rng built into it.



haveged = havege alg rng, needs patching/forking

clrngd = hardware clock rng, needs documenting, chews on the processor when entropy is low.

audio-entropyd = sound card static rng, these need rebuilding so that entropy security checks are disabled.

audio-entropyd -d hw:0 -s

-s removes checks to ensure randomness, and speeds things up


video-entropyd = video static rng...  out of the tree, needs patching to disable security checks, needs patching in general. 

timer_entropyd = timer rng, very old, probably needs patching....


check entropy available, cat /proc/sys/kernel/random/entropy_avail


dev-haskell/entropy = no, not what im looking for





when entropy + entropy + entropy are added they become more secure, not less even if 1 or two are cracked.  if 1 is cracked and runs 100x quicker than the others you're not secure.


that being said, i think my personal best option for hwrng is the video card:

code http://www.cs.ucl.ac.uk/staff/W.Langdon/ftp/gp-code/random-numbers/cuda_park-miller.tar.gz


or a hacked smoke detector.


i need to learn to program so i can make firewire rng, wifi rng, ethernet rng, fan speed rng? =P  


so ive settled on fortuna cprng, its what several bsd distros and macos use by default for /dev/random


https://github.com/ryco117/Fortunai can get this to build and send out random data, but its primitive.  it only outputs files, doesnt check entropy pool @ /dev/random doesnt have a deamon, none of it...


rngtest: bits received from input: 25600000
rngtest: FIPS 140-2 successes: 1279
rngtest: FIPS 140-2 failures: 0


however it does generate 25 million bits in less than a minute that are secure.


dieharder -f out.txt -a is running all tests against the entropy i just generated with this.




this is really becoming a log of stuff to add to the wiki





rngd is being a piece of trash over tpm...  new goodies?


TrouSerS' support tools for the Trusted Platform Modules


rngd works fine on my laptop, since the desktops also mostly the same hardware just newer stuff i figured it would stream out tons of rng goodness but doesnt.  guess ill just have to get the tpm emulator going



below floods dir with random images

ffmpeg -f rawvideo -video_size 400x320 -pixel_format yuv420p -framerate 1 -i /dev/random -ac 1 -f s16le -i /dev/random -pix_fmt yuv420p output%03d.jpg

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...