/dev/random does not block, emits poor entropy

starlight.2013z3@binnacle.cx starlight.2013z3@binnacle.cx
Wed Sep 18 19:06:00 GMT 2013


While poking around TRNG quality I came
across this apparent issue:

   /dev/random does not block, emits poor entropy

Running 1.7.17 but see no updates in the
1.7.18 thru 1.7.25 Changelog entries
regarding /dev/random.

Due to 'argp' library issues I could not
compile 'rngtest' under Cygwin.  Worked
around it by running

   netcat -l -p 8989 </dev/random

on the Windows side and

   ncat 8989 | rngtest -t 10

on the Linux machine.  Output looks like

rngtest: FIPS tests speed: (min=389.946; avg=74898.778; max=94811.893)Kibits/s
rngtest: Program run time: 60032020 microseconds
rngtest: bits received from input: 3088523264
rngtest: FIPS 140-2 successes: 154295
rngtest: FIPS 140-2 failures: 131
rngtest: FIPS 140-2(2001-10-10) Monobit: 17
rngtest: FIPS 140-2(2001-10-10) Poker: 15
rngtest: FIPS 140-2(2001-10-10) Runs: 53
rngtest: FIPS 140-2(2001-10-10) Long run: 47
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=393.292; avg=188386.332; max=887784.091)Kibits/s
rngtest: FIPS tests speed: (min=389.946; avg=74949.192; max=94811.893)Kibits/s
rngtest: Program run time: 69528238 microseconds

which I think would qualify as "not great."
Is similar to what I see when running

   rngtest -t 10 /dev/urandom

on Linux.

My guess is that the /dev/random driver needs an
adjustment to block when the MS crypto function
calls indicate a lack of available entropy
--assuming that the MS libraries support
entropy qualification of some kind.

I don't subscribe to the list (though I do
look at the archives), so please CC me
on any requests for my input.


Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list