From: Ian Lepore
To: Dirk-Willem van Gulik, "freebsd-hackers@freebsd.org"
Date: Wed, 11 Jul 2018 07:58:35 -0600
Subject: Re: Limits to seeding /dev/random | random(4)
Message-ID: <1531317515.66719.20.camel@freebsd.org>
In-Reply-To: <3A988D26-7B08-4301-8176-B0ED8A559420@webweaving.org>

On Wed, 2018-07-11 at 14:03 +0200, Dirk-Willem van Gulik wrote:
> When feeding /dev/random from hardware USB devices like Bill
> Woodcock’s design in PCB incarnation:
>
> https://13-37.org/de/shop/infinite-noise-trng/
>
> Are there any caveats with regard to volume or speed of doing so? Or
> is it always a plus?
>
> Actual code at
> https://github.com/dirkx/infnoise/blob/master/software/libinfnoise.c
> line 122:
>
>     if ((devRandomFD = open("/dev/random",O_WRONLY)) <0)
>         .. error handling
>
>     if (write(devRandomFD, bytes, length) != length)
>         .. error handling
>
> And is there any case where length would not return the length
> written — it seems that the driver traps/ignores EINT, EAGAIN and
> short writes?
>
> Or should one check the entropy available in /dev/random (how?) and
> hold off feeding it until it is low enough (this is what the
> infinite-trng seems to do on linux).
>
> With kind regards,
>
> Dw

There is no way to check the entropy available in /dev/random because
the whole concept doesn't apply. Entropy isn't a limited resource that
can be exhausted after the prng is seeded at boot time.

When asking our prng gurus for advice on writing a device driver for an
on-chip entropy source, the advice I got was basically: there's no need
to feed in more entropy on an ongoing basis, but no harm in doing so
either, within reason. The recommendation was to feed at or below an
average rate of about 128 bits/second. Pushing in more isn't harmful,
just wasteful of system resources because it doesn't make anything
better.

-- Ian
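
Added example (not part of the original message, and not code from infnoise or FreeBSD): one way a userland feeder could hold itself to the average rate of about 128 bits/second mentioned in the reply, and write defensively regardless of how the driver treats short writes. The names `feed_budget`, `feed_budget_take` and `write_all`, and the burst cap, are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <unistd.h>

/* Average feed rate from the reply above: about 128 bits (16 bytes) per second. */
#define FEED_BITS_PER_SEC 128u

/* Token bucket counted in bits. The burst cap is an assumption of this
 * example; the reply only gives an average rate. */
struct feed_budget {
    uint64_t bits;      /* credit currently available */
    uint64_t cap_bits;  /* upper bound on saved-up credit */
};

/* Credit the bucket for elapsed_ms of wall time, then return how many whole
 * bytes (at most `want`) may be written now and deduct them. Integer
 * truncation rounds credit down, so the average stays at or below the rate. */
size_t feed_budget_take(struct feed_budget *b, uint64_t elapsed_ms, size_t want)
{
    b->bits += elapsed_ms * FEED_BITS_PER_SEC / 1000u;
    if (b->bits > b->cap_bits)
        b->bits = b->cap_bits;
    size_t allowed = (size_t)(b->bits / 8u);
    if (allowed > want)
        allowed = want;
    b->bits -= (uint64_t)allowed * 8u;
    return allowed;
}

/* Write exactly len bytes to a blocking descriptor, retrying after short
 * writes and EINTR. Returns 0 on success, -1 with errno set otherwise. */
int write_all(int fd, const unsigned char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = write(fd, buf, len);
        if (n < 0) {
            if (errno == EINTR)
                continue;   /* interrupted before any byte was written */
            return -1;
        }
        buf += n;           /* short write: advance and try the remainder */
        len -= (size_t)n;
    }
    return 0;
}
```

A feeder loop would call `feed_budget_take()` with the time since its last call, pass that many bytes from the hardware source to `write_all()` on the open `/dev/random` descriptor, and discard or hold the rest.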