Jump to content

Recommended Posts

well long story short...  

 

emerge haveged

/etc/init.d/haveged start

 

but, word around the camp fire is this is not as cryptographic secure as a true random number generator, or as fast as a hardware rng.  what other options do i have?

 

my northbridge is nvidia...

https://developer.nvidia.com/cuRAND

 

on gpu rng would be sweet.

 

rng-tools = rngd hardware rng entropy gathering daemon

 

 

mkultra@spaceball-1 ~ $ zcat /proc/config.gz | grep -i rng
CONFIG_CRYPTO_RNG=y
CONFIG_CRYPTO_RNG2=y

 

* in kernel psuedo rng....
# CONFIG_CRYPTO_ANSI_CPRNG is not set

 

* probably the one i need to access amd rng if i have a hardware rng
# CONFIG_CRYPTO_USER_API_RNG is not set

 

mkultra@spaceball-1 ~ $ zcat /proc/config.gz | grep -i rand
CONFIG_ARCH_RANDOM=y
CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y
CONFIG_HW_RANDOM=y
CONFIG_HW_RANDOM_TIMERIOMEM=m
CONFIG_HW_RANDOM_INTEL=m
CONFIG_HW_RANDOM_AMD=m
CONFIG_HW_RANDOM_VIA=m

 

eh eh?!?!?  im starting to doubt that my processor has a rng built into it.

 

 

haveged = havege alg rng, needs patching/forking

clrngd = hardware clock rng, needs documenting, chews on the processor when entropy is low.

audio-entropyd = sound card static rng, these need rebuilding so that entropy security checks are disabled.

audio-entropyd -d hw:0 -s

-s removes checks to ensure randomness, and speeds things up

 

video-entropyd = video static rng...  out of the tree, needs patching to disable security checks, needs patching in general. 

timer_entropyd = timer rng, very old, probably needs patching....

 

check entropy available, cat /proc/sys/kernel/random/entropy_avail

 

dev-haskell/entropy = no, not what im looking for

 

https://github.com/pwarren/rtl-entropy

 

 

when entropy + entropy + entropy are added they become more secure, not less even if 1 or two are cracked.  if 1 is cracked and runs 100x quicker than the others you're not secure.

 

that being said, i think my personal best option for hwrng is the video card:

code http://www.cs.ucl.ac.uk/staff/W.Langdon/ftp/gp-code/random-numbers/cuda_park-miller.tar.gz

 

or a hacked smoke detector.

 

i need to learn to program so i can make firewire rng, wifi rng, ethernet rng, fan speed rng? =P  

 

so ive settled on fortuna cprng, its what several bsd distros and macos use by default for /dev/random

 

https://github.com/ryco117/Fortunai can get this to build and send out random data, but its primitive.  it only outputs files, doesnt check entropy pool @ /dev/random doesnt have a deamon, none of it...

 

rngtest: bits received from input: 25600000
rngtest: FIPS 140-2 successes: 1279
rngtest: FIPS 140-2 failures: 0

 

however it does generate 25 million bits in less than a minute that are secure.

 

dieharder -f out.txt -a is running all tests against the entropy i just generated with this.

 

http://www.labtestproject.com/linuxcmd/chsh.html

 

this is really becoming a log of stuff to add to the wiki

 

http://sourceforge.net/projects/prngd/files/prngd/0.9.29/

http://sourceforge.net/projects/egd/files/egd/

 

rngd is being a piece of trash over tpm...  new goodies?

http://sourceforge.net/projects/tpm-emulator.berlios/

app-crypt/tpm-tools
TrouSerS' support tools for the Trusted Platform Modules

 

rngd works fine on my laptop, since the desktops also mostly the same hardware just newer stuff i figured it would stream out tons of rng goodness but doesnt.  guess ill just have to get the tpm emulator going

 

 

below floods dir with random images

ffmpeg -f rawvideo -video_size 400x320 -pixel_format yuv420p -framerate 1 -i /dev/random -ac 1 -f s16le -i /dev/random -pix_fmt yuv420p output%03d.jpg

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...