Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
/dev/random
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Entropy injection === Gutterman, Pinkas, & Reinman in March 2006 published a detailed cryptographic analysis of the Linux random number generator<ref>{{cite web |last1=Gutterman |first1=Zvi |last2=Pinkas |first2=Benny |last3=Reinman |first3=Tzachy |date=2006-03-06 |title=Analysis of the Linux Random Number Generator |url=http://www.pinkas.net/PAPERS/gpr06.pdf |url-status=live |archive-url=https://web.archive.org/web/20081003041432/http://www.pinkas.net/PAPERS/gpr06.pdf |archive-date=2008-10-03 |access-date=2013-07-03}}</ref> in which they describe several weaknesses. Perhaps the most severe issue they report is with [[embedded system|embedded]] or [[Live CD]] systems, such as routers and [[diskless node|diskless clients]], for which the bootup state is predictable and the available supply of entropy from the environment may be limited. For a system with non-volatile memory, they recommend saving some state from the RNG at shutdown so that it can be included in the RNG state on the next reboot. In the case of a router for which network traffic represents the primary available source of entropy, they note that saving state across reboots "would require potential attackers to either eavesdrop on all network traffic" from when the router is first put into service, or obtain direct access to the router's internal state. This issue, they note, is particularly critical in the case of a wireless router whose network traffic can be captured from a distance, and which may be using the RNG to generate keys for data encryption. The Linux kernel provides support for several [[hardware random number generator]]s, should they be installed. The raw output of such a device may be obtained from {{mono|/dev/hwrng}}.<ref>{{cite web | url=http://processors.wiki.ti.com/index.php/Cryptography_Users_Guide | title=Cryptography Users Guide | date=2013-06-04 | publisher=[[Texas Instruments]] | access-date=2013-07-03 | archive-date=2018-04-16 | archive-url=https://web.archive.org/web/20180416073524/http://processors.wiki.ti.com/index.php/Cryptography_Users_Guide | url-status=dead }}</ref> With Linux kernel 3.16 and newer,<ref>{{cite web|url=https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be4000bc4644d027c519b6361f5ae3bbfc52c347|title=kernel/git/torvalds/linux.git - Linux kernel source tree @ be4000bc4644d027c519b6361f5ae3bbfc52c347 "hwrng: create filler thread"|website=Git.kernel.org|access-date=18 October 2016}}</ref> the kernel itself mixes data from [[hardware random number generator]]s into {{nowrap|{{mono|/dev/random}}}} on a sliding scale based on the definable entropy estimation quality of the HWRNG. This means that no userspace daemon, such as {{mono|rngd}} from {{mono|rng-tools}}, is needed to do that job. With Linux kernel 3.17+, the VirtIO RNG was modified to have a default quality defined above 0,<ref>{{cite web|url=https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34679ec7a0c45da8161507e1f2e1f72749dfd85c|title=kernel/git/torvalds/linux.git - Linux kernel source tree @ 34679ec7a0c45da8161507e1f2e1f72749dfd85c "virtio: rng: add derating factor for use by hwrng core"|website=Git.kernel.org|access-date=18 October 2016}}</ref> and as such, is currently the only HWRNG mixed into {{nowrap|{{mono|/dev/random}}}} by default. The entropy pool can be improved by programs like {{mono|timer_entropyd}}, {{mono|haveged}}, {{mono|randomsound}} etc. With {{mono|rng-tools}}, [[hardware random number generator]]s like ''Entropy Key, etc.'' can write to {{nowrap|{{mono|/dev/random}}}}. The [[diehard tests]] programs {{mono|diehard}}, {{mono|dieharder}} and {{mono|ent}} can test these random number generators.<ref>{{cite web |url=http://www.vanheusden.com/te/timer_entropyd-0.1.tgz |title=?? |website=Vanheusden.com |access-date=2016-10-23 |archive-url=https://web.archive.org/web/20130921054659/http://www.vanheusden.com/te/timer_entropyd-0.1.tgz |archive-date=2013-09-21 |url-status=dead }}</ref><ref>{{cite web|url=https://code.google.com/p/dieharder/|title=Google Code Archive for dieharder|website=Code.google.com|access-date=18 October 2016}}</ref><ref>{{cite web|url=http://stat.fsu.edu/pub/diehard/|title=The Marsaglia Random Number CDROM including the Diehard Battery of Tests of Randomness|website=Stat.fsu.edu|access-date=2016-10-23|archive-url=https://web.archive.org/web/20160125103112/http://stat.fsu.edu/pub/diehard/|archive-date=2016-01-25|url-status=dead}}</ref><ref>{{cite web|url=https://www.gnu.org/software/hurd/user/tlecarrour/rng-tools.html|title=rng-tools|website=Gnu.org|access-date=2016-10-23}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)