Date: Mon, 7 Mar 2005 14:03:30 +0100 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: freebsd-security@freebsd.org Subject: New entropy source proposal. Message-ID: <20050307130330.GX9291@darkness.comp.waw.pl>
next in thread | raw e-mail | index | archive | help
--XwYplyRgqW9Nm5hN Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi. I've been playing a bit with "use sound card as an entropy source" idea. This simple program does what I wanted: http://people.freebsd.org/~pjd/misc/sndrand.tbz The program is very simple, it should be run with two arguments: % sndtest /dev/dspW 1048576 > rand.data This command will generate 1MB of random data. With my sound card: pcm0: <Intel ICH3 (82801CA)> port 0xe100-0xe13f,0xe000-0xe0ff irq 11 at dev= ice 31.5 on pci0 pcm0: [GIANT-LOCKED] pcm0: <Cirrus Logic CS4299 AC97 Codec> It produce very good entropy. I tried those tests to prove its quality: - FIPS 140-2 tests - 'ent' tests: http://www.fourmilab.ch/random/ - Famous 'diehard' tests The full output from diehard tests is here: http://people.freebsd.org/~pjd/misc/sndrand_diehard.txt The idea of using sound card as entropy source was taken from RFC 1750. If people like the idea and someone more skilled than me in this subject can review this stuff, we can start to put it into kernel "random infrastructure". It could also be implemented as userland daemon which writes collected entropy to /dev/random maybe... --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --XwYplyRgqW9Nm5hN Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFCLFEiForvXbEpPzQRAvqoAKCS6Uog2CINyj3ybNo1a8C/qAbUQQCcDP1T KkECG+WdYlnJyLZkuaiW0FA= =l8tH -----END PGP SIGNATURE----- --XwYplyRgqW9Nm5hN--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050307130330.GX9291>