[liberationtech] Random number generator failure in Rasperri Pis?

Petter Ericson pettter at acc.umu.se
Fri Jul 19 05:55:09 PDT 2013 

On 19 July, 2013 - KheOps wrote:

> Hey,
> 
> Le 19/07/2013 14:22, Petter Ericson a écrit :
> >> Just came accross this article, apparently showing the bad quality of
> >> the hardware RNG in Raspberri Pi devices.
> >>
> >> http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/
> > 
> > I see nothing in the blog post indicating that the random data from the
> > Pi HW is bad. Rather, he uses that to show how good random data should look,
> > after which he implements RANDU to show how _not_ to do it.
> > 
> > I have seen this being posted here and there as a "look, Pi HWrand bad"
> > thing, but I have to wonder how many actually read the blog post, considering
> > he even ran rngtest for a thousand runs with no failures on the output of /dev/hwrng
> 
> I might have read it and concluded too fast, and yes obviously he shows
> how another implementation is failing.
> 
> But I see this:
> sudo cat /dev/hwrng | rngtest -c 1000
> which for me refers to the previously installed driver for RasPi
> 
> and then he says: "We were lucky that none of the tests failed for that
> run; sometimes there are a few failures. RANDU, on the other hand fares
> very badly"
> 
> Meaning that RANDU is really bad whereas the RasPi one would be ...
> better but still failing to pass some tests in some occasions?

You raise a good point.

I must admit ignorance in regards to the specifics of linux, HWRNGs, /dev/hwrng
and /dev/random, but my personal guess would be that /dev/hwrng supplies true
random values, while /dev/random is the place to look for properly hashed and
checked random output.

Having true random values fail a FIPS-140 test is definitely not out of the realm
of possibility, though I have no idea how common it would be.

It might be a good idea to do some digging around the components and source code, 
though. If for no other reason than it always is.

Best

/P

-- 
Petter Ericson (pettter at acc.umu.se)
Telecomix Sleeper Jellyfish

More information about the liberationtech mailing list