From owner-freebsd-current@FreeBSD.ORG Thu Sep 6 20:23:19 2012 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 64C5D1065674 for ; Thu, 6 Sep 2012 20:23:19 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) by mx1.freebsd.org (Postfix) with ESMTP id 457528FC18 for ; Thu, 6 Sep 2012 20:23:19 +0000 (UTC) Received: from epsilon.delphij.net (drawbridge.ixsystems.com [206.40.55.65]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by anubis.delphij.net (Postfix) with ESMTPSA id 183311D3DC; Thu, 6 Sep 2012 13:23:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=delphij.net; s=anubis; t=1346962999; bh=ctpPDBGfM8F/lTPfOj4Of61keuZmx1/HbmkpIQ7gj6Y=; h=Date:From:Reply-To:To:CC:Subject:References:In-Reply-To; b=mEFQz8NgMI3IIh9LjY2ocsgZRJw0TXo8OZTy1egBFgr+e2hayluwdh8qtIBi5Ggkx TJ8emf4K4RsWPlQGOqp9ztFsF01bkvlVnyQSdJjaVf5VHMPns9ofOci6VeJSZUIOtl OdYIC6CLeDlewRpzMLTQQnoYsmafZc53qfu9QXzs= Message-ID: <50490636.40803@delphij.net> Date: Thu, 06 Sep 2012 13:23:18 -0700 From: Xin Li Organization: The freeBSD Project User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:10.0.7) Gecko/20120830 Thunderbird/10.0.7 MIME-Version: 1.0 To: Konstantin Belousov References: <20120902103406.GU33100@deviant.kiev.zoral.com.ua> In-Reply-To: <20120902103406.GU33100@deviant.kiev.zoral.com.ua> X-Enigmail-Version: 1.4.3 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: current@freebsd.org Subject: Re: Bull Mountain (IvyBridge +) random number generator X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Sep 2012 20:23:19 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 09/02/12 03:34, Konstantin Belousov wrote: > It is relatively well known that Ivy Bridge CPUs (Core iX 3XXX) > have built-in hardware random number generator, which is claimed to > be both very fast and high quality. Generator is accessible using > non-privileged RDRAND instruction. It is claimed that CPU performs > sanitization of the random sequence. In particular, it seems that > paranoid AES encryption of the raw random stream, performed by our > padlock driver, is not needed for Bull Mountain (there are hints > that hardware performs it already). > > See > http://spectrum.ieee.org/computing/hardware/behind-intels-new-randomnumber-generator/0 > > http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ > and IA32 ADM. > > Patch at http://people.freebsd.org/~kib/misc/bull_mountain.2.patch > implements support for the generator. I do not own any IvyBridge > machines, so I cannot test. Patch makes both padlock and bull > generators the options, you need to enable IVY_RNG to get support > for the generator. > > I would be interested in seeing reports including verbose boot > dmesg, and some tests of /dev/random quality on the IvyBridge > machines, you can start with > http://lists.gnupg.org/pipermail/gnupg-devel/2000-March/016328.html. CPU: > Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz (2294.83-MHz K8-class CPU) Origin = "GenuineIntel" Id = 0x306a9 Family = 6 Model = 3a Stepping = 9 Features=0xbfebfbff Features2=0x7fbae3bf AMD Features=0x28100800 AMD Features2=0x1 TSC: P-state invariant, performance statistics ... random: [delphij@epsilon] ~> dd if=/dev/random bs=1m count=256 | ./ent 256+0 records in 256+0 records out 268435456 bytes transferred in 8.330823 secs (32221961 bytes/sec) Entropy = 7.999999 bits per byte. Optimum compression would reduce the size of this 268435456 byte file by 0 percent. Chi square distribution for 268435456 samples is 237.19, and randomly would exceed this value 78.17 percent of the times. Arithmetic mean value of data bytes is 127.4968 (127.5 = random). Monte Carlo value for Pi is 3.141569721 (error 0.00 percent). Serial correlation coefficient is -0.000080 (totally uncorrelated = 0.0). [delphij@epsilon] ~> dd if=/dev/random bs=1m count=256 | ./ent 256+0 records in 256+0 records out 268435456 bytes transferred in 8.110786 secs (33096109 bytes/sec) Entropy = 7.999999 bits per byte. Optimum compression would reduce the size of this 268435456 byte file by 0 percent. Chi square distribution for 268435456 samples is 265.06, and randomly would exceed this value 31.95 percent of the times. Arithmetic mean value of data bytes is 127.4982 (127.5 = random). Monte Carlo value for Pi is 3.141918140 (error 0.01 percent). Serial correlation coefficient is 0.000005 (totally uncorrelated = 0.0). [delphij@epsilon] ~> dd if=/dev/random bs=1m count=256 | ./ent 256+0 records in 256+0 records out 268435456 bytes transferred in 8.094252 secs (33163714 bytes/sec) Entropy = 7.999999 bits per byte. Optimum compression would reduce the size of this 268435456 byte file by 0 percent. Chi square distribution for 268435456 samples is 263.17, and randomly would exceed this value 34.92 percent of the times. Arithmetic mean value of data bytes is 127.4969 (127.5 = random). Monte Carlo value for Pi is 3.141545045 (error 0.00 percent). Serial correlation coefficient is 0.000017 (totally uncorrelated = 0.0). - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJQSQY2AAoJEG80Jeu8UPuzHTUH/37b3iinQ3/yjc2tfTjKAMZh KJGEzZ1hlr8Ifoax3ul27U7Mpyss85Vza+tICeiyDpPulFlKuJa9lFfadNXIiDqR AAB4PtK+cZ8uyVze00sstU+7tK7AqKCyuz/yL6fzK2h2Bx8mYVgE3UTK+DOwQcEa 4Y0pFlO7gPnw1NGK6T7Ofnl/s9wum3JWELPhaTmo5L11JioXnufTmsJpB2MzqSxT iK0B0FCzF32e1Hl5HNNEMbfx7Rrx+Pf1OzdhP+/1+WHdXn8qtr8htsmsA/4zV+pT jAHHGuPxNaFmb2xyEZtQerPPdexoadWjrNlFQtl2gsVyMrWYBX2PyT3n3bbos50= =eiAK -----END PGP SIGNATURE-----