Thinkpads Forum

Est. 1995 - Copyright © 1995-2017 (see FAQ for details)
https://forum.thinkpads.com/

Anyone using hardware random number generator under Linux?

https://forum.thinkpads.com/viewtopic.php?f=9&t=13694

Page 1 of 1

Anyone using hardware random number generator under Linux?

Posted: Thu Jul 28, 2005 4:12 am
by Ground Loop
Linux has a driver (CONFIG_HW_RANDOM) for a hardware random number generator (entropy source). On systems where I have this working, it's nice to have an unlimited stream of true random values to use for key generation and other things.

When I enable the hardware rng on the ThinkPad T43, the device (/dev/hw_random) provides no data -- it just hangs on read.

The rng-tools do not contribute to the entropy pool either, so reads from /dev/random block for long periods of time.

Anyone else?

Posted: Thu Aug 18, 2005 8:52 am
by staeiou
Don't know if this will help or not, but /dev/urandom does pretty well generating random values. I think /dev/urandom is slightly less random than /dev/random, but it works much faster. And it doesn't need any hardware.

Posted: Fri Nov 25, 2005 4:56 am
by yossarian
Do you know who makes the hardware PRNG for the thinkpad t43? perhaps it's just not supported by that particular driver...

or maybe that tcpa software library ibm made will has a few apis that can be used to utilise the hardware

Or does the thinkpad t43 have a hardware prng at all? I don't see it listed anywhere in either windows device manager or linux under lspci/lsusb, unless I've overlooked it.

[update]
http://home.comcast.net/~andrex/hardware-RNG/ suggests that intel no longer do the whole RNG thing in their chipsets. All the intel docs are like 5 years old and reference the 80802 chipset. My thinkpad t43 uses 80801.

I've been taking a look at the ibm released stuff about the tcpa chip, and so far I haven't found a way to access the hardware prng yet, but I am sure there is definitely logic on the tcpa chip that does it, since the tcpa chip uses it to generate its rsa keypairs.

Posted: Fri Nov 25, 2005 11:28 pm
by yossarian
Good news. TPM_GetRandom is a TPM command in the 1.2 specification. so the rng hardware is controllable by software.

What I'm unsure of is whether any linux drivers actually give access to it, and even if they do, whether they use it to add to /dev/random.

trousers or ibm's tpm driver may or may not enable use of it. I don't know at this stage and won't be experimenting myself for quite a while too.

Posted: Thu Dec 01, 2005 9:32 pm
by yossarian
The TPM random number generator can be accessed using trousers, IBM's linux tpm stack.

So long story short, there are no kernel drivers that feed TPM's rng data into /dev/random.. for now.

This just means that if you're really keen on using the rng from the tpm, then install trousers and get whatever program in question to call Tspi_TPM_GetRandom for its random data
All times are UTC-05:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/