View previous topic :: View next topic |
Author |
Message |
jpsollie Guru
Joined: 17 Aug 2013 Posts: 323
|
Posted: Mon Sep 23, 2024 11:13 am Post subject: entropy data sources in gentoo networks |
|
|
Hi everyone,
when digging through a lot of driver issues in hwrng device missing thread, I took a look at other possible sources of entropy.
So, I'd like your thoughts about it:
there are 2 entropy sources (nist and qrypt) which are networking related (but obviously nist is easily interceptable).
What if openrc would broadcast entropy in a non-routed multicast group?
The idea would be to use named pipes combined with UDP packets transferred at random through the network:
the code below illustrates what I was thinking about:
on entropy source 1:
Code: |
rngd -R 5 -i -n nist -n hwrng -n qrypt -O qrypt:tokenfile:qrypt.token &
while [ 1 ]; do read -n 512 err < /dev/random; echo "$err" | nc -w1 -ub 192.168.1.255 20000; sleep 5; done
|
... and off course when using broadcast / multicast groups you can initiate as many entropy devices as you want ...
and on the client:
Code: |
mkfifo /run/entropy.pipe
nohup nc -lk -u -b -p 20000 > /run/entropy.pipe &
rngd -f -R 5 -d -x jitter -x hwrng -x rdrand -n namedpipe -O namedpipe:path:/run/entropy.pipe -O namedpipe:timeout:10
Disabling 6: JITTER Entropy generator (jitter)
Disabling 0: Hardware RNG Device (hwrng)
Disabling 2: Intel RDRAND Instruction RNG (rdrand)
Enabling 10: Named pipe entropy input (namedpipe)
Initializing available sources
[namedpipe]: Initialized
Kernel entropy pool size 256, pool watermark 192
Reading entropy from Named pipe entropy input
Running FIPS test on entropy
entropy successfully gathered, preparing it for the kernel
Added 256/256 bits entropy
Pool full at 256, sleeping!
Added 256/256 bits entropy
Pool full at 256, sleeping!
Added 256/256 bits entropy
Pool full at 256, sleeping!
^C[namedpipe]: Shutting down
|
so, what do you guys think of this idea?
I know, it shouldn't be used as only source ... but it has some opportunities for iot devices not having a proper hwrng, right? _________________ The power of Gentoo optimization (not overclocked): [img]https://www.passmark.com/baselines/V10/images/503714802842.png[/img] |
|
Back to top |
|
|
szatox Advocate
Joined: 27 Aug 2013 Posts: 3477
|
Posted: Mon Sep 23, 2024 1:37 pm Post subject: |
|
|
Quote: | I know, it shouldn't be used as only source ... but it has some opportunities for iot devices not having a proper hwrng, right? |
Take it with a grain of salt, but I think linux supplements entropy using IO jitter, which includes keyboard, disks ( Hooray for HDDs), and also network traffic.
Basically, there is no point in deliberately sending entropy data over network, because it means you are already connected to the network which serves as entropy source just by being there.
Whenever you receive a packet, it is timestamped, turned into a more or less "surprising" random event, and the X-factor is in some way mixed into the pool.
Hwrng, is useful when you need a constant flood of randomness; more than IO and CPU noise can provide (Yes, cpu too; see haveged) _________________ Make Computing Fun Again |
|
Back to top |
|
|
jpsollie Guru
Joined: 17 Aug 2013 Posts: 323
|
Posted: Mon Sep 23, 2024 7:32 pm Post subject: |
|
|
szatox wrote: | Quote: | I know, it shouldn't be used as only source ... but it has some opportunities for iot devices not having a proper hwrng, right? |
Take it with a grain of salt, but I think linux supplements entropy using IO jitter, which includes keyboard, disks ( Hooray for HDDs), and also network traffic.
Basically, there is no point in deliberately sending entropy data over network, because it means you are already connected to the network which serves as entropy source just by being there.
Whenever you receive a packet, it is timestamped, turned into a more or less "surprising" random event, and the X-factor is in some way mixed into the pool.
Hwrng, is useful when you need a constant flood of randomness; more than IO and CPU noise can provide (Yes, cpu too; see haveged) |
That sounds like something which doesn't need too much of a grain of salt.
nonetherless, IoT devices often do not have:
- a hwrng which succeeds FIPS validation
- RDRAND instructions (or ARM equivalent)
- a TPM with built-in random generator
- a HDD, keyboard, ... or proper drivers providing the IO jitter.
On the other side, these days, WiFi latency is a good entropy source probably almost available everywhere ... don't know.
so yeah, its use is pretty limited _________________ The power of Gentoo optimization (not overclocked): [img]https://www.passmark.com/baselines/V10/images/503714802842.png[/img] |
|
Back to top |
|
|
szatox Advocate
Joined: 27 Aug 2013 Posts: 3477
|
Posted: Mon Sep 23, 2024 11:05 pm Post subject: |
|
|
Yeah, they don't have keyboards and hardware generators and instruction sets, but network is chaotic enough.
How much entropy do you actually need there anyway? Basically any noise at all will make the output unguessable.
If you feel like pulling an ugly hack just for fun, you can try reading a floating high impedance input. It's state is undefined and it should act as an antenna collecting EM noise from the environment.
And if you don't mind adding a few components, 2 resistors + opamp give you a white noise generator; I also vaguely recall pink noise from a single resistor. An IoT device suggests a microcontroller, and those li'l babies typically have some GPIO pins not used by the project, and sometimes an extra ADC and so on. Just sayin'. _________________ Make Computing Fun Again |
|
Back to top |
|
|
jpsollie Guru
Joined: 17 Aug 2013 Posts: 323
|
Posted: Tue Sep 24, 2024 6:40 am Post subject: |
|
|
szatox wrote: | Yeah, they don't have keyboards and hardware generators and instruction sets, but network is chaotic enough.
How much entropy do you actually need there anyway? Basically any noise at all will make the output unguessable.
If you feel like pulling an ugly hack just for fun, you can try reading a floating high impedance input. It's state is undefined and it should act as an antenna collecting EM noise from the environment.
And if you don't mind adding a few components, 2 resistors + opamp give you a white noise generator; I also vaguely recall pink noise from a single resistor. An IoT device suggests a microcontroller, and those li'l babies typically have some GPIO pins not used by the project, and sometimes an extra ADC and so on. Just sayin'. |
you're absolutely right ...
but why the hell does something like qrypt exist then?
I mean, if the itter from voltage regulators is a good source of entropy, why did the rng-tools author even bother implementing qrypt? _________________ The power of Gentoo optimization (not overclocked): [img]https://www.passmark.com/baselines/V10/images/503714802842.png[/img] |
|
Back to top |
|
|
szatox Advocate
Joined: 27 Aug 2013 Posts: 3477
|
Posted: Tue Sep 24, 2024 8:59 am Post subject: |
|
|
Quote: | if the itter from voltage regulators is a good source of entropy | Those 2 I mentioned, based on resistors, rely on thermal noise, there's no predicting that.
I actually recalled more interesting circuits, a coil, capacitor and a non-linear element (like a tunnel diode), as well as a resistor + a bipolar transistor plugged in the wrong way. Those 2 have the advantage of producing output voltage high enough to be usable directly.
Qrypt? Never heard of it. You mean this? Code: | https://www.qrypt.com/ |
Judging by _THE_ landing page template, it exists for money. And it has "quantum" in the name, so it must be the best thing in the world (can we have a trollface emote please?)
I mean, it may or may not be good, I am not digging through their marketing campaign to figure that out though. _________________ Make Computing Fun Again |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|