====== Random numbers: The fast and the furious ======
The expression **security = usability-1** can be interpreted in many ways. Either things become far too complicated, so that regular users just don't want to be bothered with them or the amount of energy it takes to complete a security-related task is just insane.
To wipe a 1TB (1024GB) disk with random data or prep a disk for encryption, it takes a little more than 4 days (97 hours) when utilizing /dev/urandom. Who would want to wait 4 days for a supporting task like this to finish? Just considering the energy it takes, to keep the whole system up and running, only to write random data to a disk, clearly demands higher random data bitrates without sacrificing quality. Hardware-RNG's are good alternative but not always available, so you might want to give /dev/frandom a try.
===== =====
===== Introducing /dev/frandom =====
[[http://www.billauer.co.il/frandom.html|/dev/frandom]] is a kernel module that claims to offer 10 times or more output bitrate than /dev/urandom - without a decrease of random data quality. The best way to verify this claim, is to try it out and test yourself. Just download, untar, compile and insmod the module, it usually works out-of-the-box.
make
insmod ./frandom.ko
In case of missing device nodes, create them manually:
mknod /dev/frandom c 235 11
chmod 444 /dev/frandom
mknod /dev/erandom c 235 12
chmod 444 /dev/erandom
===== Tests =====
==== ebuild for dieharder test suite ====
# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
inherit eutils autotools
DESCRIPTION="
DieHarder This is the current snapshot of the dieharder random number
tester. It encapsulates all of the Gnu Scientific Library random num-
ber generators as well as /dev/random and /dev/urandom in a single har-
ness that can time them and subject them to various tests for random-
ness. These tests are variously drawn from George Marsaglia's 'Diehard
battery of random number tests', the NIST Statistical Test Suite, and
include a few useful e.g. binning or spectral tests that I've found
doing research into random number tests or tests that I myself have
made up or that are improvements on tests from other sources.
The primary point of this tester is to make it easy to time and test
(pseudo)random number generators OR hardware or other generators.
Three examples are provided of wrapping a random number generator and
inserting it so that it is can be called via the GSL interface. An
interface is planned that would allow random numbers to be read in from
a file, allowing the tool to be used with any generator (wrappable or
not) that can generate a table of random numbers.
Another important motivation for writing dieharder is to have the
entire test code and documentation be fully Gnu Public Licensed and
hence openly available for adaptation, testing, modification, including
the addition of new tests. The primary objections I have towards
diehard and sts are not that they are or are not adequate and complete;
it is that the code is obscure and not explicitly published for reuse.
It is my hope that by providing this tool in autodocumenting source, it
makes it easy to add new tests, critique older tests, and improve the
suite in general."
HOMEPAGE="http://www.phy.duke.edu/~rgb/General/dieharder.php"
SRC_URI="http://www.phy.duke.edu/~rgb/General/dieharder/${P}.tgz"
LICENSE="GPL-2" #GPL-2-Beverage
SLOT="0"
KEYWORDS="~x86 ~amd64"
IUSE=""
DEPEND="sci-libs/gsl"
RDEPEND="${DEPEND}"
src_unpack() {
unpack ${A}
cd "${S}"
eautoreconf
}
src_compile() {
econf || die "Error: econf failed!"
emake -j1 || die "Error: emake failed!"
}
src_install() {
emake install DESTDIR="${D}" || die "Install failed"
dodoc NEWS README* NOTES
docinto "dieharder"
dodoc dieharder/README dieharder/NOTES
docinto "libdieharder"
dodoc libdieharder/README libdieharder/NOTES
}
==== urandom test results ====
cat /dev/urandom | dieharder -a -g 200
# Run Details
# Random number generator tested: stdin_input_raw
# Samples per test pvalue = 100000 (test default is 100000)
# P-values in final KS test = 100 (test default is 100)
#==================================================================
# Histogram of p-values
##################################################################
# Counting histogram bins, binscale = 0.100000
# 20| | | | | | | | | | |
# | | | | | | | | | | |
# 18| | | | | | | | | | |
# | | | | | | | | | | |
# 16| | | | | | | | | | |
# | | | | | | | | | | |
# 14| | |****| | | | | | | |
# | | |****| | |****| | | | |
# 12| | |****| | |****| | | | |
# | | |****| | |****| | | | |
# 10|****| |****|****|****|****| | |****| |
# |****|****|****|****|****|****|****|****|****| |
# 8|****|****|****|****|****|****|****|****|****| |
# |****|****|****|****|****|****|****|****|****| |
# 6|****|****|****|****|****|****|****|****|****|****|
# |****|****|****|****|****|****|****|****|****|****|
# 4|****|****|****|****|****|****|****|****|****|****|
# |****|****|****|****|****|****|****|****|****|****|
# 2|****|****|****|****|****|****|****|****|****|****|
# |****|****|****|****|****|****|****|****|****|****|
# |--------------------------------------------------
# | 0.1| 0.2| 0.3| 0.4| 0.5| 0.6| 0.7| 0.8| 0.9| 1.0|
#==================================================================
# Results
Kuiper KS: p = 0.97927058
Assessment: PASSED at > 5% for RGB Permutations Test
real 1m7.539s
user 0m13.536s
sys 0m51.354s
==== frandom test results ====
cat /dev/frandom | dieharder -a -g 200
# Run Details
# Random number generator tested: stdin_input_raw
# Samples per test pvalue = 100000 (test default is 100000)
# P-values in final KS test = 100 (test default is 100)
#==================================================================
# Histogram of p-values
##################################################################
# Counting histogram bins, binscale = 0.100000
# 20| | | | | | | | | | |
# | | | | | | | | | | |
# 18| | | | | | | | | | |
# | | | | | | | | | | |
# 16| | | | | | | | | | |
# | | | | | | | | | | |
# 14| | | | | | | | | | |
# | | | | | | | | | | |
# 12| | | | |****| | | | | |
# | | |****| |****|****| | |****|****|
# 10|****|****|****| |****|****| | |****|****|
# |****|****|****| |****|****| |****|****|****|
# 8|****|****|****| |****|****|****|****|****|****|
# |****|****|****|****|****|****|****|****|****|****|
# 6|****|****|****|****|****|****|****|****|****|****|
# |****|****|****|****|****|****|****|****|****|****|
# 4|****|****|****|****|****|****|****|****|****|****|
# |****|****|****|****|****|****|****|****|****|****|
# 2|****|****|****|****|****|****|****|****|****|****|
# |****|****|****|****|****|****|****|****|****|****|
# |--------------------------------------------------
# | 0.1| 0.2| 0.3| 0.4| 0.5| 0.6| 0.7| 0.8| 0.9| 1.0|
#==================================================================
# Results
Kuiper KS: p = 0.99947994
Assessment: PASSED at > 5% for RGB Bit Distribution Test
real 0m15.707s
user 0m13.545s
sys 0m1.947s
===== Conclusion =====
Given a good kernel entropy source (try rng-tools), /dev/frandom delivered indeed 10 times the bitrate /dev/urandom could offer. The dd to fill the disk with random data leveled at about 3 Megabytes/s random data. Although a Hardware-RNG still would be preferable, /dev/frandom can fill a gap when high random data bitrates are needed. Compared to /dev/urandom, the f in /dev/frandom deserves the attributes fast and furious.
{{tag>crypto frandom gentoo kernel linux random rng software }}
~~DISCUSSION~~