Menu
What's new
By:
Filters Better Search

Entropy Pool

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

sfx2000 said:
Haveged - same here, except it doesn't have dependency on a dedicated hw RNG, so it can be very helpful.
Click to expand...

You often brought us cheers, mate! Glad that you mentioned this piece. I compiled it for my RT-AC56U. All seems working very well. Not sure about its quality but it passes FIPS test.

$ cat /dev/random | rngtest -c 2048
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 40960032
rngtest: FIPS 140-2 successes: 2048
rngtest: FIPS 140-2 failures: 0
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=232.214; avg=3234.627; max=4882812.500)Kibits/s
rngtest: FIPS tests speed: (min=948.856; avg=28663.931; max=36782.015)Kibits/s
rngtest: Program run time: 13768184 microseconds

$ cat /proc/sys/kernel/random/entropy_avail
4027
 
After responding to the OP, I figured this would be a quick install and configure of the rng-tools Entware-NG package to improve entropy.

Current problems:

1) The "-r" command-line option mentioned in this thread isn't recommended due to the possibility of creating a false sense of entropy.

2) Use of RNG (i.e., Haveged or rng-tools) without hardware support seems to increase suspicion of increased non-randomness at a greater rate than increasing entropy.

3) Is there a way to get these USB HWRNG devices to work with Asuswrt-Merlin ?
That said, is this the end of this discussion ?
 
kvic said:
You often brought us cheers, mate! Glad that you mentioned this piece. I compiled it for my RT-AC56U. All seems working very well. Not sure about its quality but it passes FIPS test.

$ cat /proc/sys/kernel/random/entropy_avail
4027
Click to expand...

Very nice.....I just added it to my fork :) What are you using for the write threshold (and any other tweaks to the start parms you may have used)?
 
Last edited:
john9527 said:
Very nice.....I just added it to my fork :) What are you using for the write threshold (and any other tweaks to the start parms you may have used)?
Click to expand...

Depends on distro - but the defaults are typically -w 1024

debian based builds drop the config file in /etc/default/haveged

Code: 
# Configuration file for haveged
# Options to pass to haveged:
#   -w sets low entropy watermark (in bits)
DAEMON_ARGS="-w 1024"
 
kvic said:
You often brought us cheers, mate! Glad that you mentioned this piece. I compiled it for my RT-AC56U. All seems working very well. Not sure about its quality but it passes FIPS test.
Click to expand...

Like I mentioned earlier, some folks have concerns with the randomness generated - but at the same time, it's a useful tool, esp. with virtualized servers...

One article about entropy, tools, risks, and best practices...

https://lwn.net/Articles/525459/

Without haveged - this take a long time, as the entropy pool runs dry, so the test is blocked until the pool refills...

(rngtest is part of the rng-tools package)

Code: 
cat /dev/random | rngtest -c 2048
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 40960032
rngtest: FIPS 140-2 successes: 2047
rngtest: FIPS 140-2 failures: 1
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 1
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 1
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=197.683; avg=301.897; max=701.226)Kibits/s
rngtest: FIPS tests speed: (min=7.133; avg=14.215; max=14.352)Mibits/s
rngtest: Program run time: 135248974 microseconds

With haveged - since the pool never drains - the test is not blocked -- but again, concerns about the quality of the randomness...

Code: 
cat /dev/random | rngtest -c 2048
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 40960032
rngtest: FIPS 140-2 successes: 2046
rngtest: FIPS 140-2 failures: 2
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 1
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 1
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=320.810; avg=7534.235; max=6510416.667)Kibits/s
rngtest: FIPS tests speed: (min=2.633; avg=12.447; max=14.341)Mibits/s
rngtest: Program run time: 8453324 microseconds
 
Last edited:
john9527 said:
Very nice.....I just added it to my fork :) What are you using for the write threshold (and any other tweaks to the start parms you may have used)?
Click to expand...

Great news for your users :)

I use a magical number 2700 as threshold. It puts higher load on CPU (but still well below 10% from my observation). But only happens when /dev/random is actually used. I agree Debian's default value as suggested by SFX shall be sufficient for almost all home routers.

My complete cmd "haveged -w 2700 -d 32 -i 32 -t 2".

It aligns with 32kb data and instruction caches on my RT-AC56U. I also give it two threads but as haveged says thread is experimental in the project. Indeed it's...using a very outdated threading model. Overall, my threshold and using threads are really overkill but my RT-AC56U as AP is idle most of the time. So I can abuse..
 
sfx2000 said:
One article about entropy, tools, risks, and best practices...

https://lwn.net/Articles/525459/

Without haveged - this take a long time, as the entropy pool runs dry, so the test is blocked until the pool refills...
Click to expand...

Indeed, you're lucky getting back from /dev/random. On my poor platforms such as my RT-AC56U, it blocks forever. So problems are easy to see for a little informed eyes. Either applications switch to use /dev/urandom automatically or a little manual work fixes the issue.

My first few runs were lucky to not have any failures. I got some with more test. But it seems haveged is well crafted. I found its quality is on par with /dev/urandom. Both with a failure rate around 0.08% or less.

sfx2000 said:
And another informed post on entropy...

https://www.2uo.de/myths-about-urandom/

Long read, good info...
Click to expand...

Came across something similar when we first exchanged on entropy (last year? or the yr before?). It's a very good summary. Indeed no need to bump entropy...especially for home routers..but hey haveged seems of good quality..it's independent of /dev/urandom...and it's free :)
 
Last edited:
kvic said:
Came across something similar when we first exchanged on entropy (last year? or the yr before?). It's a very good summary. Indeed no need to bump entropy...especially for home routers..but hey haveged seems of good quality..it's independent of /dev/urandom...and it's free :)
Click to expand...

Actually it does for the little boxen - as the pools empty quickly, and there's not a resources to refill...

Also important for folks on VPS - entropy matters for SSH and memory randomization - and there - on XEN/KVM instances, it's a problem, and with Containers (e.g. Docker/LXC) it's even a more problem... not security so much as /dev/random is blocking when things run low...
 
So is software Haveged good enough or is hardware support of HWRNG in Asuswrt-Merlin an option ?

Is Haveged to be used alone or with rng-tools ?
 
ryzhov_al said:
Just added haveged to Entware-ng repo.
Click to expand...
@ryzhov_al,

What's the package called ? It's not showing up on "https://pkg.entware.net/binaries/armv7/Packages.html".​

Ent.jpg
 
Denna said:
So is software Haveged good enough or is hardware support of HWRNG in Asuswrt-Merlin an option ?

Is Haveged to be used alone or with rng-tools ?
Click to expand...

haveged stands alone, but can work along side rng-tools...
 
@kvic - Thanks for the info...I ran some tests and really didn't see any difference between the 32K and 16K default cache sizes. I also didn't compile with thread support since I saw it was still experimental. I initially chose 2048 for the write watermark (it was the default for rng-tools), and don't see any adverse effects. Just for completeness, here's my result on an AC68P, overclocked to 1.2GHz

Reason this discussion was timely.....dnscrypt added an entropy level 'check' as part of their startup. The router at boot was right on the edge of the value they were checking.

haveged -r0 -w2048

Code: 
# cat /dev/random | rngtest -c 2048
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 40960032
rngtest: FIPS 140-2 successes: 2048
rngtest: FIPS 140-2 failures: 0
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=264.594; avg=4898.109; max=6510416.667)Kibits/s
rngtest: FIPS tests speed: (min=1.682; avg=35.167; max=53.880)Mibits/s
rngtest: Program run time: 9282800 microseconds
 
Well I bought this http://ubld.it/truerng_v3 and it's shipping to me at the moment. IOW expect my script here https://www.snbforums.com/threads/release-dnscrypt-installer-for-asuswrt.36071/ to support it in the future. Other dongles like the Entropy Key and OneRNG might work the same way. But let's start with this.

For now my dnscrypt installer script on ARM platform have all the required stuffs to support either having haveged daemon or rngd as rng. As these binaries are small and stored directly on JFFS I can start haveged/rngd at early boot. This should help the router to generate its SSL key and other crypto stuffs faster.

For MIPS based model, unfortunately I do not have one to test. So I will need community help to check my binaries. Was asking John to help with the testing but this time it's like 6 binaries, so I will make a thread for that later.
 
@bigeyes0x0 - Not to rain on your parade, but it's unlikely that the kernel will have the necessary drivers enabled to support the hardware rng device. Will be interesting.
 
You must log in or register to reply here.

Similar threads

sfx2000
/dev/random, rng, entropy, and recent changes in the linux kernel
Replies
1
Views
2K
SomeWhereOverTheRainBow
SomeWhereOverTheRainBow
Similar threads
Thread starter Title Forum Replies Date
H DHCP server change Pool Starting Address Asuswrt-Merlin 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 830 (members: 13, guests: 817)
Top