True RNG and GnuPG / libgcrypt
ott at mirix.org
Wed Sep 11 20:42:06 CEST 2013
On 2013-09-02 05:27, NIIBE Yutaka wrote:
> I have a question about support of hardware RNG and GnuPG / libgcrypt.
> I develop NeuG, my own True RNG implementation. It is Free Software
> for embedded MCU, specifically, STM32F103. It is possible to use the
> routine as a standalone device, and free hardware design by me is
> also available.
> When I test (at least for each release), I collect 64GiB of output and
> test by NIST STS 2.1.1, Dieharder 3.31.1. Recently, it is also tested
> by PractRand 0.90. I don't know if it's good to address, but it is
> also tested by TestU01, too. (Note that TestU01 is not free software.)
> I think that the quality of random output is good enough. Currently,
> I use the output through the interface of /dev/random on GNU/Linux.
> There are two issues for me, now.
> (1) I don't find any method to feed entropy (for /dev/random) on
> *BSD system
>From a quick look at the FreeBSD source code of /dev/random, you can
feed entropy into it, if it uses Yarrow. If it uses the VIA Padlock RNG
, it won't work.
As far as I can tell from the source code, on illumos, OpenBSD,
DragonFlyBSD, NetBSD and XNU you can also feed entropy into /dev/random.
On Microsoft Windows it seems you can't feed entropy into the kernel.
But there is the EGDW . On ReactOS CryptGenRandom and RtlGenRandom
don't use a CPRNG.
Minix 3 and Haiku allow you to feed entropy into /dev/random.
Plan 9 doesn't allow writes to /dev/random and doesn't use a CPRNG for
On HP-UX you can't write to /dev/random or /dev/urandom. On AIX you can
feed entropy into /dev/random and /dev/urandom.
If you're concerned about some other obscure POSIX-like operating
system, I'll try my best to find some information about its /dev/random.
But I think it safe to say that on all major operating system except
Microsoft Windows, you can write to /dev/random and the data written is
feed into an entropy pool of the kernel.
More information about the Gnupg-devel