Jeffrey Walton Posted April 29, 2019 Posted April 29, 2019 I'm working on a ElPotato running Ubuntu Bionic 18. I have a test suite that test the kernel's random number generators. The test program comes from the Crypto++ library (https://cryptopp.com/). The test suite is failing its test of /dev/random. It appears the generator is suffering entropy depletion: $ ./cryptest.exe v ... Testing operating system provided blocking random number generator... FAILED: it took 91 seconds to generate 7 bytes passed: 7 generated bytes compressed to 9 bytes by DEFLATE passed: GenerateWord32 and Crop The kernel algorithm to keep the generators in good working order has some gaps. Additionally, the kernel removed several entropy sources starting in the 3.x kernels. The result is this condition. There are two problems with the "entropy depletion" condition. First, it is a transient problem, most users don't know it is present and it is hard to duplicate. Second, poorly written software can experience the failure but fail to detect it. That means the software failed to collect randomness but continues as if it did gather entropy from the generator. The second problem worries me because it is nearly impossible to audit all software that uses random numbers. Since it is too difficult to audit and fix all software, the remediation is to fix the problem in the platform. I believe Armbian should make the package `rng-tools` standard for all of its images. That is, install the package for the user. Below, notice neither `rng-tools` or `rng-tools5` are installed by default. $ apt-cache policy rng-tools rng-tools: Installed: (none) Candidate: 5-0ubuntu4 Version table: 5-0ubuntu4 500 500 http://ports.ubuntu.com bionic/universe arm64 Packages $ apt-cache policy rng-tools5 rng-tools5: Installed: (none) Candidate: 5-2 Version table: 5-2 500 500 http://ports.ubuntu.com bionic/universe arm64 Packages
sfx2000 Posted April 29, 2019 Posted April 29, 2019 (edited) /dev/random is blocking, and if you run low/out of entropy - you might find that an app will timeout while it waits for the pool to refill /dev/urandom is non-blocking - so there's a few choices - rng-tools is one (installs rngd) Might take a look at haveged -- It's in the debian and ubuntu repo's - plays nice with rng-tools - haveged is random enough to be the primary for the TailsOS, and there's been other studies as well. Yes, there's some politics around haveged - just like everything in FOSS land, but it's worth a try. NOTE - Be careful with some of the hwrng's - AllWinner has known issues that makes it less than random http://sunxi.montjoie.ovh/ Edited April 29, 2019 by sfx2000 clarity
Recommended Posts