« DevRandomTest » === randomsound === * to lower the randomsound use in /dev/random (vs. mouse/keyboard moves) * we can use the following command that slows much random generation from randomsound * sudo randomsound -v -v -v -v -v -b 8 -d 8 => the quality of random data is LOWER :( === entropy pool === {{{ >> "cat uuid" fetches random from the pool, if you do many times, I guess >> you'll see the value going lower. > > > I don't understand why this would be so. Isn't the UUID some sort > of user Id? What is it such that it sucks up entropy? a New UUID is created on demand PHASE 1 : pool wasting [gr@gr random 0/0]$ cat uuid entropy_avail ee7623b7-e275-40eb-96ef-b708dd7259c4 3339 You have mail in /home/gr/Maildir/new/ [gr@gr random 2/0]$ cat uuid entropy_avail 671d3055-9860-447e-8c69-9243972af666 3142 [gr@gr random 2/0]$ cat uuid entropy_avail d11fd9bd-bc6e-43b6-b15f-8f2c8b0ea8d0 2886 [gr@gr random 2/0]$ cat uuid entropy_avail 2dbb4102-329c-4fe4-a4d0-502e83d94924 2630 [gr@gr random 2/0]$ cat uuid entropy_avail 406664b6-22ab-4add-9124-9459743680ca 2374 [gr@gr random 2/0]$ cat uuid entropy_avail 26e171f7-5071-4b2a-a66c-92e9d08ea1cf 2118 [gr@gr random 2/0]$ cat uuid entropy_avail d375b2b9-85b6-4d29-9057-bcfb649500e0 1862 [gr@gr random 2/0]$ cat uuid entropy_avail ff21f284-970f-4e4a-b905-fa1d153af005 1606 [gr@gr random 2/0]$ cat uuid entropy_avail 1e623f20-4b6a-443a-891c-6bf0c5cbb81e 1350 [gr@gr random 2/0]$ cat uuid entropy_avail 19d83562-8411-443a-8805-73d6dc4c10af 1094 [gr@gr random 2/0]$ cat uuid entropy_avail c83770cc-1034-4910-83f4-04e6563493d7 838 [gr@gr random 2/0]$ cat uuid entropy_avail b25bd9b5-6458-4ea9-9e48-edf75db28a31 618 [gr@gr random 2/0]$ cat uuid entropy_avail 21758aa6-7543-415f-82e9-00f9f8c88357 375 PHASE 2 : pool feeding with serial mouse [gr@gr random 2/0]$ cat entropy_avail 895 [gr@gr random 0/0]$ cat entropy_avail 993 [gr@gr random 0/0]$ cat entropy_avail 1058 [gr@gr random 0/0]$ cat entropy_avail 1110 [gr@gr random 0/0]$ cat entropy_avail 1158 [gr@gr random 0/0]$ cat entropy_avail 1222 [gr@gr random 0/0]$ cat entropy_avail 1277 [gr@gr random 0/0]$ cat entropy_avail 1338 [gr@gr random 0/0]$ cat entropy_avail 1370 [gr@gr random 0/0]$ cat entropy_avail 1409 [gr@gr random 0/0]$ cat entropy_avail 1439 [gr@gr random 0/0]$ cat entropy_avail 1470 [gr@gr random 0/0]$ cat entropy_avail 1500 [gr@gr random 0/0]$ cat entropy_avail 1551 [gr@gr random 0/0]$ cat entropy_avail 1606 [gr@gr random 0/0]$ cat entropy_avail 1637 [gr@gr random 0/0]$ cat entropy_avail 1669 [gr@gr random 0/0]$ cat entropy_avail 1700 [gr@gr random 0/0]$ cat entropy_avail 1733 [gr@gr random 0/0]$ cat entropy_avail 1763 [gr@gr random 0/0]$ cat entropy_avail 1828 [gr@gr random 0/0]$ cat entropy_avail 1857 [gr@gr random 0/0]$ cat entropy_avail 1897 [gr@gr random 0/0]$ cat entropy_avail 1926 [gr@gr random 0/0]$ cat entropy_avail 1953 [gr@gr random 0/0]$ cat entropy_avail 1982 [gr@gr random 0/0]$ cat entropy_avail 2024 [gr@gr random 0/0]$ cat entropy_avail 2094 [gr@gr random 0/0]$ cat entropy_avail 2128 [gr@gr random 0/0]$ cat entropy_avail 2161 [gr@gr random 0/0]$ cat entropy_avail 2215 [gr@gr random 0/0]$ cat entropy_avail 2262 [gr@gr random 0/0]$ cat entropy_avail 2294 PHASE 3 : pool draining [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,00022502 s, 178 kB/s 2980 [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,00022851 s, 175 kB/s 2673 [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,000223457 s, 179 kB/s 2353 [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,000230946 s, 173 kB/s 2033 [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,000230148 s, 174 kB/s 1713 [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,000232653 s, 172 kB/s 1393 [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,000225262 s, 178 kB/s 1093 [gr@gr random 0/0]$ dd if=/dev/random bs=1 count=40 of=/dev/null; cat entropy_avail 40+0 records in 40+0 records out 40 bytes (40 B) copied, 0,000231761 s, 173 kB/s 786 PHASE 5 : feeding with data [gr@gr random 0/0]$ echo "01234567890123456789" > /dev/random ; cat entropy_avail 1509 [gr@gr random 0/0]$ echo "01234567890123456789" > /dev/random ; cat entropy_avail 1509 [gr@gr random 0/0]$ echo "01234567890123456789" > /dev/random ; cat entropy_avail 1509 [gr@gr random 0/0]$ echo "01234567890123456789" > /dev/random ; cat entropy_avail 1509 [gr@gr random 0/0]$ echo "01234567890123456789" > /dev/random ; cat entropy_avail 1509 => does not work (even with ">>") PHASE 6 : strange things fetching data directly from mouse port [gr@gr random 0/0]$ cat entropy_avail; dd if=/dev/random bs=1 count=100 of=/dev/null ; cat entropy_avail; sudo dd if=/dev/psaux bs=1 count=100 of=/dev/random; cat entropy_avail 380 100+0 records in 100+0 records out 100 bytes (100 B) copied, 3,80437 s, 0,0 kB/s 0 100+0 records in 100+0 records out 100 bytes (100 B) copied, 0,392171 s, 0,3 kB/s 72 => ??? result ??? PHASE 7 : another strange stuff $ cat entropy_avail ; dd if=~/random bs=1 count=50 of=/dev/random ; cat ~/random | sha1sum > ~/random2 ; cat ~/random2 > ~/random ; cat ~/random ; cat entropy_avail 3586 44+0 records in 44+0 records out 44 bytes (44 B) copied, 0,000154139 s, 285 kB/s b6258f83abfc9757dd26f87391c146199f47ecde - 3586 => does not work :( it seems that putting data (even) looking random in /dev/random is not much of use .... note : it seems /dev/random is used to feed TCP packets }}} http://tldp.org/LDP/abs/html/randomvar.html $RANDOM from bash seeding /dev/random does not work ? http://lkml.org/lkml/2007/5/29/90 see "man 4 random" == test == dd if=/dev/urandom bs=8192 count=2000 of=BIGURANDOM openssl genrsa -rand BIGURANDOM 4096 == test2 == {{{ notes from PG My suggestion is to use plain /dev/random, and attach a mouse and move the mouse. Mouse movements produce a lot of entropy, since every single move generates an interrupt. Instead of trying to block, I would suggest to use strace to actually see what's going on, and where the random numbers really go. In my experience, /dev/random always provided enough entropy for a single 4096 Bit RSA key. The only thing, where /dev/random might get dangerous are systems that do not have a harddisk, do not have a mouse attached. (And *BSD, as Ian pointed out already) And don't forget to both check your random number generator and the resulting key-randomness here: http://www.cacert.at/random/ Here is my posting about the RSA-key-randomness check: http://lists.virus.org/cryptography-0601/msg00007.html And here is the software itself: http://www2.futureware.at/~philipp/RNGQA-light.tar.bz2 Adapt the configuration, run the software, upload your results to http://www.cacert.at/random/ }}} === Jython testing === test program : {{{ from random import *; from java.util import Date; def list_aleat(n): global s for i in range(n): s[i] = chr(randrange(256)); return s def printDate(): d = Date() # now print d, d.time, d.getTime() f=open('testrandom', 'wb') f.truncate(); printDate(); taille = 13000000 bloc = 10000 s = [0]*bloc for i in range(0,taille/bloc): randomArr = list_aleat(bloc); f.writelines(randomArr); printDate(); f.close(); }}} Example for a sample of data generated {{{ [gr@gr ~ 0/0]$ israndom testrandom -s 13000000 alphabet size : 0 compressor : bzlib sample size : 13000000 filename : testrandom ... read 13000000 samples... Emprical alphabet size : 256 bits per symbol : 8.000000 total ideal length : 104000000.000000 rounded ideal length : 104000008.000000 compressed size : 104469808.000000 randomness difference : 469800.000000 random }}} {{{ [gr@gr ~ 0/0]$ ent -c testrandom Value Char Occurrences Fraction 0 50694 0.003900 1 50526 0.003887 2 50824 0.003910 3 50354 0.003873 4 50826 0.003910 5 50825 0.003910 6 50660 0.003897 7 51080 0.003929 8 51007 0.003924 9 50655 0.003897 10 51137 0.003934 11 50798 0.003908 12 50648 0.003896 13 50813 0.003909 14 50637 0.003895 15 50917 0.003917 16 50703 0.003900 17 50664 0.003897 18 50882 0.003914 19 50546 0.003888 20 50532 0.003887 21 50646 0.003896 22 50903 0.003916 23 50503 0.003885 24 50534 0.003887 25 50786 0.003907 26 50777 0.003906 27 50602 0.003892 28 51142 0.003934 29 50822 0.003909 30 50632 0.003895 31 50601 0.003892 32 50821 0.003909 33 ! 50381 0.003875 34 " 50827 0.003910 35 # 50867 0.003913 36 $ 50846 0.003911 37 % 50621 0.003894 38 & 50828 0.003910 39 ' 50881 0.003914 40 ( 50510 0.003885 41 ) 50754 0.003904 42 * 50774 0.003906 43 + 50573 0.003890 44 , 50397 0.003877 45 - 51020 0.003925 46 . 50617 0.003894 47 / 50626 0.003894 48 0 50994 0.003923 49 1 51255 0.003943 50 2 50784 0.003906 51 3 51074 0.003929 52 4 50987 0.003922 53 5 50864 0.003913 54 6 50922 0.003917 55 7 50995 0.003923 56 8 50489 0.003884 57 9 51333 0.003949 58 : 50828 0.003910 59 ; 50849 0.003911 60 < 50488 0.003884 61 = 50990 0.003922 62 > 50516 0.003886 63 ? 50617 0.003894 64 @ 50879 0.003914 65 A 51092 0.003930 66 B 50662 0.003897 67 C 50951 0.003919 68 D 51344 0.003950 69 E 50882 0.003914 70 F 51120 0.003932 71 G 51002 0.003923 72 H 51123 0.003933 73 I 50711 0.003901 74 J 50620 0.003894 75 K 50731 0.003902 76 L 50562 0.003889 77 M 50921 0.003917 78 N 50649 0.003896 79 O 50921 0.003917 80 P 50703 0.003900 81 Q 50690 0.003899 82 R 50495 0.003884 83 S 51041 0.003926 84 T 50742 0.003903 85 U 50952 0.003919 86 V 50658 0.003897 87 W 50449 0.003881 88 X 50615 0.003893 89 Y 50933 0.003918 90 Z 50760 0.003905 91 [ 50776 0.003906 92 \ 50702 0.003900 93 ] 50125 0.003856 94 ^ 51259 0.003943 95 _ 50453 0.003881 96 ` 51344 0.003950 97 a 51116 0.003932 98 b 50769 0.003905 99 c 50964 0.003920 100 d 50565 0.003890 101 e 50330 0.003872 102 f 50926 0.003917 103 g 51078 0.003929 104 h 50742 0.003903 105 i 50934 0.003918 106 j 50674 0.003898 107 k 50976 0.003921 108 l 50806 0.003908 109 m 50824 0.003910 110 n 50691 0.003899 111 o 51025 0.003925 112 p 50835 0.003910 113 q 51141 0.003934 114 r 50766 0.003905 115 s 50844 0.003911 116 t 50955 0.003920 117 u 50342 0.003872 118 v 50631 0.003895 119 w 50818 0.003909 120 x 51102 0.003931 121 y 50776 0.003906 122 z 50933 0.003918 123 { 50542 0.003888 124 | 51183 0.003937 125 } 50983 0.003922 126 ~ 51064 0.003928 127 51097 0.003931 128 50478 0.003883 129 50916 0.003917 130 50380 0.003875 131 50885 0.003914 132 51140 0.003934 133 50422 0.003879 134 50748 0.003904 135 50600 0.003892 136 50766 0.003905 137 50761 0.003905 138 51034 0.003926 139 50767 0.003905 140 50662 0.003897 141 51086 0.003930 142 50992 0.003922 143 50997 0.003923 144 50691 0.003899 145 50872 0.003913 146 50867 0.003913 147 50736 0.003903 148 50820 0.003909 149 51012 0.003924 150 50834 0.003910 151 50832 0.003910 152 50620 0.003894 153 50948 0.003919 154 50814 0.003909 155 50566 0.003890 156 50797 0.003907 157 50812 0.003909 158 51103 0.003931 159 50938 0.003918 160 51075 0.003929 161 ▒ 50627 0.003894 162 ▒ 50997 0.003923 163 ▒ 50587 0.003891 164 ▒ 50873 0.003913 165 ▒ 50425 0.003879 166 ▒ 50563 0.003889 167 ▒ 50410 0.003878 168 ▒ 51058 0.003928 169 ▒ 50323 0.003871 170 ▒ 50486 0.003884 171 ▒ 50633 0.003895 172 ▒ 50843 0.003911 173 ▒ 50511 0.003885 174 ▒ 50905 0.003916 175 ▒ 50899 0.003915 176 ▒ 50801 0.003908 177 ▒ 50765 0.003905 178 ▒ 51003 0.003923 179 ▒ 51251 0.003942 180 ▒ 50649 0.003896 181 ▒ 50950 0.003919 182 ▒ 51131 0.003933 183 ▒ 51048 0.003927 184 ▒ 50943 0.003919 185 ▒ 50557 0.003889 186 ▒ 50701 0.003900 187 ▒ 50757 0.003904 188 ▒ 50685 0.003899 189 ▒ 51131 0.003933 190 ▒ 50656 0.003897 191 ▒ 50411 0.003878 192 ▒ 51097 0.003931 193 ▒ 51051 0.003927 194 ▒ 50590 0.003892 195 ▒ 50990 0.003922 196 ▒ 50409 0.003878 197 ▒ 50779 0.003906 198 ▒ 50681 0.003899 199 ▒ 50430 0.003879 200 ▒ 50895 0.003915 201 ▒ 50779 0.003906 202 ▒ 50776 0.003906 203 ▒ 50590 0.003892 204 ▒ 50779 0.003906 205 ▒ 50909 0.003916 206 ▒ 50779 0.003906 207 ▒ 50628 0.003894 208 ▒ 50615 0.003893 209 ▒ 50868 0.003913 210 ▒ 50758 0.003904 211 ▒ 51133 0.003933 212 ▒ 50922 0.003917 213 ▒ 51399 0.003954 214 ▒ 50650 0.003896 215 ▒ 50938 0.003918 216 ▒ 50654 0.003896 217 ▒ 50937 0.003918 218 ▒ 50563 0.003889 219 ▒ 50500 0.003885 220 ▒ 50856 0.003912 221 ▒ 50712 0.003901 222 ▒ 50606 0.003893 223 ▒ 51001 0.003923 224 ▒ 50894 0.003915 225 ▒ 50266 0.003867 226 ▒ 50589 0.003891 227 ▒ 50838 0.003911 228 ▒ 50623 0.003894 229 ▒ 50496 0.003884 230 ▒ 50731 0.003902 231 ▒ 50768 0.003905 232 ▒ 50718 0.003901 233 ▒ 51075 0.003929 234 ▒ 50434 0.003880 235 ▒ 50606 0.003893 236 ▒ 50877 0.003914 237 ▒ 50827 0.003910 238 ▒ 50728 0.003902 239 ▒ 50707 0.003901 240 ▒ 50690 0.003899 241 ▒ 50707 0.003901 242 ▒ 50532 0.003887 243 ▒ 50769 0.003905 244 ▒ 50413 0.003878 245 ▒ 50934 0.003918 246 ▒ 50561 0.003889 247 ▒ 50942 0.003919 248 ▒ 50683 0.003899 249 ▒ 50677 0.003898 250 ▒ 50949 0.003919 251 ▒ 50422 0.003879 252 ▒ 50498 0.003884 253 ▒ 50442 0.003880 254 ▒ 50559 0.003889 255 ▒ 50918 0.003917 Total: 13000000 1.000000 Entropy = 7.999986 bits per byte. Optimum compression would reduce the size of this 13000000 byte file by 0 percent. Chi square distribution for 13000000 samples is 251.04, and randomly would exceed this value 50.00 percent of the times. Arithmetic mean value of data bytes is 127.4788 (127.5 = random). Monte Carlo value for Pi is 3.141098813 (error 0.02 percent). Serial correlation coefficient is 0.000169 (totally uncorrelated = 0.0). }}} ---- . CategoryNewRootsTaskForce