Anyone using hardware random number generator under Linux?

Solaris, RedHat, FreeBSD and the like
Post Reply
Message
Author
Ground Loop
Sophomore Member
Posts: 174
Joined: Sun Jul 10, 2005 2:19 am

Anyone using hardware random number generator under Linux?

#1 Post by Ground Loop » Thu Jul 28, 2005 4:12 am

Linux has a driver (CONFIG_HW_RANDOM) for a hardware random number generator (entropy source). On systems where I have this working, it's nice to have an unlimited stream of true random values to use for key generation and other things.

When I enable the hardware rng on the ThinkPad T43, the device (/dev/hw_random) provides no data -- it just hangs on read.

The rng-tools do not contribute to the entropy pool either, so reads from /dev/random block for long periods of time.

Anyone else?

staeiou
Posts: 9
Joined: Thu Jun 09, 2005 5:14 pm

#2 Post by staeiou » Thu Aug 18, 2005 8:52 am

Don't know if this will help or not, but /dev/urandom does pretty well generating random values. I think /dev/urandom is slightly less random than /dev/random, but it works much faster. And it doesn't need any hardware.

yossarian
Freshman Member
Posts: 119
Joined: Mon Sep 12, 2005 11:48 pm
Location: Auckland, New Zealand

#3 Post by yossarian » Fri Nov 25, 2005 4:56 am

Do you know who makes the hardware PRNG for the thinkpad t43? perhaps it's just not supported by that particular driver...

or maybe that tcpa software library ibm made will has a few apis that can be used to utilise the hardware

Or does the thinkpad t43 have a hardware prng at all? I don't see it listed anywhere in either windows device manager or linux under lspci/lsusb, unless I've overlooked it.

[update]
http://home.comcast.net/~andrex/hardware-RNG/ suggests that intel no longer do the whole RNG thing in their chipsets. All the intel docs are like 5 years old and reference the 80802 chipset. My thinkpad t43 uses 80801.

I've been taking a look at the ibm released stuff about the tcpa chip, and so far I haven't found a way to access the hardware prng yet, but I am sure there is definitely logic on the tcpa chip that does it, since the tcpa chip uses it to generate its rsa keypairs.

yossarian
Freshman Member
Posts: 119
Joined: Mon Sep 12, 2005 11:48 pm
Location: Auckland, New Zealand

#4 Post by yossarian » Fri Nov 25, 2005 11:28 pm

Good news. TPM_GetRandom is a TPM command in the 1.2 specification. so the rng hardware is controllable by software.

What I'm unsure of is whether any linux drivers actually give access to it, and even if they do, whether they use it to add to /dev/random.

trousers or ibm's tpm driver may or may not enable use of it. I don't know at this stage and won't be experimenting myself for quite a while too.

yossarian
Freshman Member
Posts: 119
Joined: Mon Sep 12, 2005 11:48 pm
Location: Auckland, New Zealand

#5 Post by yossarian » Thu Dec 01, 2005 9:32 pm

The TPM random number generator can be accessed using trousers, IBM's linux tpm stack.

So long story short, there are no kernel drivers that feed TPM's rng data into /dev/random.. for now.

This just means that if you're really keen on using the rng from the tpm, then install trousers and get whatever program in question to call Tspi_TPM_GetRandom for its random data

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Linux Questions”

Who is online

Users browsing this forum: No registered users and 2 guests