True RNG and GnuPG / libgcrypt

Matthias-Christian Ott ott at mirix.org
Wed Sep 11 20:42:06 CEST 2013


On 2013-09-02 05:27, NIIBE Yutaka wrote:
> I have a question about support of hardware RNG and GnuPG / libgcrypt.
>
> I develop NeuG, my own True RNG implementation.  It is Free Software
> for embedded MCU, specifically, STM32F103.  It is possible to use the
> routine as a standalone device, and free hardware design by me is
> also available.
>
> When I test (at least for each release), I collect 64GiB of output and
> test by NIST STS 2.1.1, Dieharder 3.31.1.  Recently, it is also tested
> by PractRand 0.90.  I don't know if it's good to address, but it is
> also tested by TestU01, too.  (Note that TestU01 is not free software.)
>
> I think that the quality of random output is good enough.  Currently,
> I use the output through the interface of /dev/random on GNU/Linux.
>
> There are two issues for me, now.
>
>   (1) I don't find any method to feed entropy (for /dev/random) on
>       *BSD system

From a quick look at the FreeBSD source code of /dev/random, you can
feed entropy into it, if it uses Yarrow. If it uses the VIA Padlock RNG
[1], it won't work.

As far as I can tell from the source code, on illumos, OpenBSD,
DragonFlyBSD, NetBSD and XNU you can also feed entropy into /dev/random.

On Microsoft Windows it seems you can't feed entropy into the kernel.
But there is the EGDW [2]. On ReactOS CryptGenRandom and RtlGenRandom
don't use a CPRNG.

Minix 3 and Haiku allow you to feed entropy into /dev/random.

Plan 9 doesn't allow writes to /dev/random and doesn't use a CPRNG for
/dev/random.

On HP-UX you can't write to /dev/random or /dev/urandom. On AIX you can
feed entropy into /dev/random and /dev/urandom.

If you're concerned about some other obscure POSIX-like operating
system, I'll try my best to find some information about its /dev/random.
But I think it is safe to say that on all major operating systems except
Microsoft Windows, you can write to /dev/random and the data written is
fed into an entropy pool of the kernel.

Regards,
Matthias-Christian

[1] http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/evaluation_padlock_rng.pdf
[2] http://egdw.sourceforge.net/
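
Added example, not part of the original message or of any project named in it: a small C probe that can be run on each operating system to check whether its random device accepts writes, as the survey above describes. The helper name probe_entropy_write, the result enum and the sample bytes are assumptions made for illustration.

```c
/* Added example, not from the thread: does this OS accept writes to its
 * random device? */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum probe_result { PROBE_ABSENT, PROBE_NOT_CHARDEV, PROBE_READ_ONLY,
                    PROBE_REJECTED, PROBE_ACCEPTED };

/* Constructed sample bytes; a real feeder would pass hardware RNG output. */
static const unsigned char SAMPLE[16] = {
    0x3c, 0x91, 0x07, 0xe4, 0x5a, 0xb2, 0x68, 0x1f,
    0xd0, 0x4d, 0xa7, 0x83, 0x2e, 0xf5, 0x19, 0x6c };

/* Hypothetical helper: try to write len bytes to the device at path. */
enum probe_result probe_entropy_write(const char *path,
                                      const unsigned char *buf, size_t len)
{
    struct stat st;
    ssize_t n;
    /* O_NONBLOCK so a FIFO or odd device cannot hang the probe. */
    int fd = open(path, O_WRONLY | O_NONBLOCK);

    if (fd < 0)
        return (errno == ENOENT || errno == ENOTDIR) ? PROBE_ABSENT
                                                     : PROBE_READ_ONLY;
    /* Refuse to write into anything that is not a character device. */
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode)) {
        close(fd);
        return PROBE_NOT_CHARDEV;
    }
    n = write(fd, buf, len);
    close(fd);
    /* Success means the kernel took the bytes. On Linux a plain write is
     * mixed into the pool without raising the entropy estimate. */
    return (n >= 0 && (size_t)n == len) ? PROBE_ACCEPTED : PROBE_REJECTED;
}

int main(void)
{
    static const char *names[] = { "absent", "not a character device",
        "not writable", "write rejected", "write accepted" };
    const char *devs[] = { "/dev/random", "/dev/urandom" };
    size_t i;
    for (i = 0; i < 2; i++)
        printf("%s: %s\n", devs[i],
               names[probe_entropy_write(devs[i], SAMPLE, sizeof SAMPLE)]);
    return 0;
}
```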
