Difference in output streams.
Bryan Duffy
Bryan88 at yahoo.com
Sun Nov 13 18:08:57 GMT 2011
> Thank you.
>
> I now understand. After further inspection, my motherboard is equipped with an AMD-8111 chipset which has some sort of a TRNG built in. Either I had never noticed /dev/hwrng in prior Ubuntu releases or this is the first release where the node was created. That is not related to entropy key, but I just first noticed while poking around the /dev/ directory for the new entropy key entries.
>
> I have the dieharder package and libs installed, so I will see how the AMD-8111 chipset /dev/hwrng numbers do compared with /dev/random + Entropy Key
>
> I really like the entropy pool being kept full by the entropy key.
>
> Thank you for all of the help.
> Bryan
>
> From: Rob Kendrick <rjek at simtec.co.uk>
> To: entropykey-users at lists.simtec.co.uk
> Cc: Entropy Key Support <ekey at simtec.co.uk>
> Sent: Sunday, November 13, 2011 6:02 AM
> Subject: Re: Difference in output streams.
>
> On Sat, Nov 12, 2011 at 04:07:48PM -0800, Bryan Duffy wrote:
> > Have the Entropy Key installed and working on Ubuntu 11.10 with no apparent problems. Question about the
> > output from the various data streams available on the device sockets.
> >
> > In Linux without an entropy key /dev/random is "blocked" and released in chunks from the entropy pool as entropy is available and /dev/urandom is not blocked and is a basically a PRNG that is rekeyed (not sure how often) from the entropy pool.
> >
> > With the Entropy Key I notice there are 4 data streams:
> > 1. The new /dev/tty???? has encrypted/armoured data from the key to the entropyd,
> > 2. /dev/random seems to function the same as before, but much faster due to the Entropy Key,
> > 3. /dev/urandom seems to function from a PRNG as before, but I would assume it is getting rekeyed much more frequently, so the data should be of a better quality (is that a fair assumption?).
> > 4. /dev/hwrng which is producing data at about 4 times as fast as /dev/random.
>
> The TTY is simply the communications channel; a lot more goes over it
> than just entropy: has authentication and status information, etc.
>
> Both /dev/random and /dev/urandom share the same "pool". The difference
> is that /random blocks when that pool reaches a low watermark, and
> /urandom remixes what it already has when the pool reaches that
> watermark. This means that if the pool has enough data in it, both
> device node provide real, true entropy. With an entropy key, this means
> that /urandom almost always provides this.
>
> /hwrng is a hang-over from kernel-based RNG hardware drivers that don't
> inject into the pool that /random and /urandom use. Its performance
> varies depending on what hardware you have, and the quality of the
> output will be unknown due to none of the careful mixing and management
> that the pools for /random and /urandom perhaps not taking place.
>
> > What are the entropy qualities of these devices with Entropy Key installed?
>
> /random and /urandom are very high quality regardless of the source of
> entropy that are fed to them. The Entropy Key simply makes sure they're
> constantly fed with good data to start with, which helps /random not to
> block and /urandom to be a real RNG most of the time.
>
> > Which ones are truly random and which are rapidly keyed PRNGs?
>
> /urandom is the only "PRNG", and it is only a PRNG when the pool is low
> on entropy (see the contents of /proc/sys/kernel/random/entropy_avail; I
> believe the default low watermark for when urandom becomes a PRNG is
> 128.). Otherwise, both /random and /urandom produce real random
> numbers. I don't believe any rekeying happens there as such: my
> understanding of its inner workings is that it essentially becomes a
> stream cipher using the data already passed through it as the key.
>
> > Is /dev/hwrng direct output from the entropy key (after decrypting) or does it get modified by the kernel in some other way (mixed/rehashed)?
>
> /dev/hwrng has nothing to do with the Entropy Key. If you want direct
> output from the Entropy Key, you can configure ekeyd to dump the output
> to file or configure it to run in EGD server mode and write a small
> client to request data from it. See the configuration file in
> /etc/entropykey/
>
> > Lastly, why (maybe it's just my machine) does the /dev/hwrng output data about 4 times as fast as /dev/random if they are both being supplied by the same source of purely random data? Shouldn't they be similar is rate.
>
> As I said above, it's probably that they're not related at all; they're
> two totally different systems. /hwrng may be being provided by a system
> (such as a TPM, or other on-board device) that is not being as thorough
> in their paranoia or security as the Entropy Key or /random. It's also
> possible that the hardware that is feeding /dev/hwrng is faster: the
> Entropy Key is engineered with absolute performance as a concern that
> comes after security/correctness and price point.
>
> > I was hoping that someone could comment on these questions, and whether or not /dev/hwrng is suitable for cryptographic keys or should I stick with /dev/random?
>
> I would stick with /random, as it is a known quantity and very difficult
> to get bad results out of it, even if you wrote a program that
> constantly shoved zeros into it. If it is not fast enough for your
> needs and you have no idea what is feeding /hwrng or its quality, then
> use /random to frequently rekey a good crytographic PRNG.
>
> --
> Rob Kendrick, Support Team Lead Simtec Electronics
> Telephone: +44 (0)1772 978013 Avondale Drive, Tarleton
> Fax: +44 (0)1772 816426 Preston, Lancs, PR4 6AX, UK
> http://www.simtec.co.uk/ mailto:rjek at simtec.co.uk
>
> _______________________________________________
> EntropyKey-users mailing list
> EntropyKey-users at lists.simtec.co.uk
> http://lists.simtec.co.uk/cgi-bin/mailman/listinfo/entropykey-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.simtec.co.uk/pipermail/entropykey-users/attachments/20111113/6dd00730/attachment.html>
More information about the EntropyKey-users
mailing list