Jump to content

/dev/random suffers entropy depletion


Jeffrey Walton

Recommended Posts

I'm working on a ElPotato running Ubuntu Bionic 18. I have a test suite that test the kernel's random number generators. The test program comes from the Crypto++ library (https://cryptopp.com/).

 

The test suite is failing its test of /dev/random. It appears the generator is suffering entropy depletion:

$ ./cryptest.exe v
...

Testing operating system provided blocking random number generator...
FAILED: it took 91 seconds to generate 7 bytes
passed: 7 generated bytes compressed to 9 bytes by DEFLATE
passed: GenerateWord32 and Crop

The kernel algorithm to keep the generators in good working order has some gaps. Additionally, the kernel removed several entropy sources starting in the 3.x kernels. The result is this condition.

 

There are two problems with the "entropy depletion" condition. First, it is a transient problem, most users don't know it is present and it is hard to duplicate. Second, poorly written software can experience the failure but fail to detect it. That means the software failed to collect randomness but continues as if it did gather entropy from the generator. The second problem worries me because it is nearly impossible to audit all software that uses random numbers.

 

Since it is too difficult to audit and fix all software, the remediation is to fix the problem in the platform. I believe Armbian should make the package `rng-tools` standard for all of its images. That is, install the package for the user.

 

Below, notice neither `rng-tools` or `rng-tools5` are installed by default.

$ apt-cache policy rng-tools
rng-tools:
  Installed: (none)
  Candidate: 5-0ubuntu4
  Version table:
     5-0ubuntu4 500
        500 http://ports.ubuntu.com bionic/universe arm64 Packages

$ apt-cache policy rng-tools5
rng-tools5:
  Installed: (none)
  Candidate: 5-2
  Version table:
     5-2 500
        500 http://ports.ubuntu.com bionic/universe arm64 Packages

 

Link to comment
Share on other sites

/dev/random is blocking, and if you run low/out of entropy - you might find that an app will timeout while it waits for the pool to refill

 

/dev/urandom is non-blocking - so there's a few choices - rng-tools is one (installs rngd)

 

Might take a look at haveged -- It's in the debian and ubuntu repo's - plays nice with rng-tools - haveged is random enough to be the primary for the TailsOS, and there's been other studies as well. 

 

Yes, there's some politics around haveged - just like everything in FOSS land, but it's worth a try.

 

NOTE - Be careful with some of the hwrng's - AllWinner has known issues that makes it less than random

 

http://sunxi.montjoie.ovh/

 

 

Edited by sfx2000
clarity
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines