Home Forums TrueRNG Hardware random number generator Speed of /dev/random with and without TrueRNG

This topic contains 0 replies, has 1 voice, and was last updated by  Netson 5 years, 7 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #2151

    Netson
    Member

    Hi, my TrueRNG just arrived today and I’ve been playing around with it.

    I’m running the following system:

    
    Distributor ID:	LinuxMint
    Description:	Linux Mint 18.3 Sylvia
    Release:	18.3
    Codename:	sylvia
    

    I’ve used the following udev rule to identify the TrueRNG (basically the original rule, but with a different name for the symlink):

    
    SUBSYSTEM=="tty", ATTRS{product}=="TrueRNG", SYMLINK+="hwrng", RUN+="/bin/stty raw -echo -ixoff -F /dev/%k speed 3000000"
    ATTRS{idVendor}=="04d8", ATTRS{idProduct}=="f5fe", ENV{ID_MM_DEVICE_IGNORE}="1"
    

    I’ve installed rng-tools and confirmed it’s running:

    
    root     12825  1.2  0.0   9512   136 ?        Ss   18:46   0:20 rngd -r /dev/hwrng
    

    Now, as for my question:
    I was curious to see how much the USB key would actually add to my entropy pool. I tested some things, like generating dhparams using openssl, both with and without the TrueRNG, but could not detect any differences in speed or blocking (none in both cases).

    So I decided on a different test and simply see how much output each device generates: /dev/hwrng vs /dev/random so to speak (if this doesn’t make any sense, please tell me, I am by no means an expert in this field).

    Test 1: using /dev/random with the TrueRNG plugged in
    timeout 10 “cat /dev/random | base64″

    Test 2: using /dev/random without the TrueRNG plugged in
    timeout 10 “cat /dev/random | base64″

    Test 3: using /dev/hwrng directly
    timeout 10 “cat /dev/hwrng | base64″

    I saved the output of these commands to simple text files to compare the size:

    Test 1: 10498048 bytes
    Test 2: 10457088 bytes
    Test 3: 663552 bytes

    The difference between tests 1 and 2 are negligible, but the last test produced significantly less random data. I understand that /dev/random pulls from many additional sources besides the TrueRNG, but I was hoping that using the TrueRNG would produce more output than it does now? Or is that just my misconception? Is it merely the randomness which is improved upon, and not just the output speed of random data?

    The main reason I started these tests was to figure out if, when I generate a set of keys or dhparams, how I can be sure that the TrueRNG is pitching in?

    Looking forward to your replies! :-)

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.