Utility of NEUG or Gomti with new LRNG code
Frédéric SUEL
frederic.suel at free.fr
Fri Jun 30 20:03:23 CEST 2023
Hi!
*Ref 1* : https://www.chronox.de/lrng/doc/lrng.pdf
*Ref 2* :
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/LinuxRNG/LinuxRNG_EN_V5_4.html
Until yet, we can use NEUG with user space utility call rng-tools. But
since kernel 5.18 and the refondation of the Linux Random Number
Generator (Ref 1) by stephan Muller ( smueller at chronox.de), it seems
that : /dev/urandom and /dev/random are the same after initial RNG
initialization (https://wiki.archlinux.org/title/Rng-tools) and (Ref 2
page 15 : "/When accessing /dev/random, random numbers are only
generated if the entropy pool or the ChaCha20 DRNG received at least 256
bits of initial entropy. After reaching that threshold of 256 bits of
entropy once, /dev/random will operate non-blocking for the lifetime of
the system and thus operate identically //to /dev/urandom../")
The BSI (Deutschland Digital Sicher / Budesamt für Sicherheit in der
Informationstecnik) make regular analysis of the Linux Random Number
Generator (Ref 2) and it's conclusions are that :
-- the new RNG is not as efficient as it's older implémentation
-- few sources of entropy are correct for entropy boot process (Ref 2 §6.1)
-- When injecting new seed data from user space by either the IOCTL or
by writing into either /dev/random or /dev/urandom, the seed data is
added to the input pool. It remains unused there until the base ChaCha20
DRNG decides it is time to reseed (Ref 2 page 58).
So, it would be interesting to use NEUG and in the futur Gomti as
hardware generator (Ref 2 pages 39 & 51). It would be interesting for
early boot process (Ref 2 page 85) and normal process. It seems to
replace user space rngd daemon : "/Ref 2 page 39 : The Linux kernel
contains an additional entropy collection mechanism for in-kernel
hardware-RNG device drivers. Before the advent of the
add_hwgenerator_randomness function, the user space rngd daemon was
required to transport random bits from /dev/hwrng – the interface to the
hardware-RNG framework – to /dev/random. With the functionality
described in the following, this detour via user space is //no longer
needed./"
It is possible, right now, to use it (NEUG, Gomti) as hardware generator
and how, or will it be possible in the futur ?
Best regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnuk-users/attachments/20230630/0f64b2e2/attachment.html>
More information about the Gnuk-users
mailing list