This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: /dev/random does not block, emits poor entropy


On Sep 19 01:55, starlight.2013z3@binnacle.cx wrote:
> For contrast, here is a 'rngtest' run against a
> 3.1.8 Linux kernel with /dev/random enhanced by
> the output of a STMicroelectronics ST33 TPM PRNG
> (via 'rngd' v4).
> 
> bits received from input: 62380032
> FIPS 140-2 successes: 3115
> FIPS 140-2 failures: 4
> FIPS 140-2(2001-10-10) Monobit: 0
> FIPS 140-2(2001-10-10) Poker: 0
> FIPS 140-2(2001-10-10) Runs: 3
> FIPS 140-2(2001-10-10) Long run: 1
> FIPS 140-2(2001-10-10) Continuous run: 0
> input channel speed: (min=21.119; avg=42.165; max=136.844)Kibits/s
> FIPS tests speed: (min=41.374; avg=104.495; max=107.154)Mibits/s
> Program run time: 1445.324494 seconds
> 
> That's three bit runs and one long bit run
> in close to 8MB of random data.

Ok, let's compare that with the results of Cygwin's /dev/random as you
posted in your previous mail:

rngtest: bits received from input: 3088523264
rngtest: FIPS 140-2 successes: 154295
rngtest: FIPS 140-2 failures: 131


The # of bits received from input is about 49.5 times higher than what
you got from Linux' /dev/random.  So the number of events should be
divided by 49.5 for a fair comparison, right?  Lazily rounded up
I get:

                                         Linux   Cygwin/49.5
bits received from input:             62380032    62394409.4
FIPS 140-2 successes:                     3115        3117.1
FIPS 140-2 failures:                         4           2.7

The failure rate is better than on Linux.  That doesn't look bad to me.
Am I missing something?

Nevertheless I now added code to reseed the OS PRNG after each run of
512 bytes for the /dev/random emulation.  This results in even better
numbers for the price of slowing down access to /dev/random, which is
not much of a problem compared to the blocking behaviour of Linux'
/dev/random.  The new results with /dev/random are now along the
lines of:

  rngtest: bits received from input: 3059180032
  rngtest: FIPS 140-2 successes: 152857
  rngtest: FIPS 140-2 failures: 102
  [...]

which is another ~30% better result.  That should be sufficient, IMHO.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpOPBKYA4ceV.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]