  • Hardware RNG speed


    Hello to the list,
    I'm working on a cryptography project, and one of the things the project
    requires is a moderately high-bandwidth source of truly random numbers.
    To accomplish this, I set up BSD on a board with a (Soekris) Hifn 7955
    accelerator card, but the rate I'm getting by reading out of /dev/srandom
    is pretty low (200B/s). However, this has to be coming from the card,
    because the machine has no other reasonable source of entropy other than
    the network: no hard drive, no keyboard, etc.
    Now, unless the card's specs are deceptive, its random number generator
    must support a higher rate than this: it claims 70 1024-bit Diffie-Hellman
    key exchanges per second, and each such key exchange requires a full
    1024-bit random number, which comes out to 8.8kB/s. The minimum data rate
    for my application is about 1k/s, and I would strongly prefer not to use a
    PRNG.
    Is there a more direct way to query the RNG? random(4) claims that the
    RNG is not mapped directly to a device (/dev/random is not currently
    implemented), but rather that it periodically refreshes the system entropy
    pool. Is there a way to force this to occur more often, or to transfer
    more data? Do the numbers lie, and I'm getting all the data I can?
    Thanks for your time,
    Mike Hamburg
    P.S. I'm looking at different sources of random numbers, and cost and
    integration are important factors. Would an AMD Geode LX or VIA C3 or C7
    processor's on-board RNG provide a significantly higher data rate than
    a Soekris card, at a comparable quality?
  • No.1

    12/19/05, Michael Alexander Hamburg <hamburg (AT) fas (DOT) harvard.edu> wrote:
    > Hello to the list,
    >
    > I'm working on a cryptography project, and one of the things the project
    > requires is a moderately high-bandwidth source of truly random numbers.
    > To accomplish this, I set up BSD on a board with a (Soekris) Hifn 7955
    > accelerator card, but the rate I'm getting by reading out of /dev/srandom
    > is pretty low (200B/s). However, this has to be coming from the card,
    > because the machine has no other reasonable source of entropy other than
    > the network: no hard drive, no keyboard, etc.
    >
    > Now, unless the card's specs are deceptive, its random number generator
    > must support a higher rate than this: it claims 70 1024-bit Diffie-Hellman
    > key exchanges per second, and each such key exchange requires a full
    > 1024-bit random number, which comes out to 8.8kB/s. The minimum data rate
    > for my application is about 1k/s, and I would strongly prefer not to use a
    > PRNG.
    >
    > Is there a more direct way to query the RNG? random(4) claims that the
    > RNG is not mapped directly to a device (/dev/random is not currently
    > implemented), but rather that it periodically refreshes the system entropy
    > pool. Is there a way to force this to occur more often, or to transfer
    > more data? Do the numbers lie, and I'm getting all the data I can?
    >
    > Thanks for your time,
    > Mike Hamburg
    >
    > P.S. I'm looking at different sources of random numbers, and cost and
    > integration are important factors. Would an AMD Geode LX or VIA C3 or C7
    > processor's on-board RNG provide a significantly higher data rate than
    > a Soekris card, at a comparable quality?

    What about taking a cord that's plugged into the sound card port and
    microphone port, and reading in from the microphone? I've heard that
    is a pretty good source of randomness (all that annoying feedback),
    although I may be completely wrong, feel free to correct me if I am.

    Jason
  • No.2

    > Hello to the list,
    >
    > I set up BSD on a board with a (Soekris) Hifn 7955
    > accelerator card, but the rate I'm getting by reading out of /dev/srandom
    > is pretty low (200B/s).

    I am happily using VIA C3s for a project that requires high-quality
    entropy. In the industry I'm involved in, hardware random is de rigueur.
    The VIA C3, using /dev/srandom, gives me somewhere right around 6KB/s. I
    was hoping for a higher rate, but we just ended up using multiple machines
    as a network random-number service (also yields fault-tolerance).

    In doing reading (but not of the actual code), I remember having the
    distinct impression that /dev/srandom uses MD5 to "cook" the actual stream
    generated by the C3's on-die HRNG. You have to figure that it is
    compressing the stream. You may wish to look closely at the device driver
    code. There is quite a bit of very good data about the C3's HRNG
    available via Google. Analysis of this HRNG made it clear that
    "cooking" may be redundant, given the right settings in the driver. I
    made the decision that the developers know what they're up to and left it
    at that.

    Hope this is helpful.
  • No.3

    I thought one of the new features of the Intel Pentium 4 was its new
    real hardware-based random number generator, I remember reading about it.

    Also take a look at this:

    If you need a lot of random numbers in a short time, you are looking for
    a pseudo-random device.

    Michael Alexander Hamburg wrote:
    > Hello to the list,
    >
    > I'm working on a cryptography project, and one of the things the project
    > requires is a moderately high-bandwidth source of truly random numbers.
    > To accomplish this, I set up BSD on a board with a (Soekris) Hifn 7955
    > accelerator card, but the rate I'm getting by reading out of /dev/srandom
    > is pretty low (200B/s). However, this has to be coming from the card,
    > because the machine has no other reasonable source of entropy other than
    > the network: no hard drive, no keyboard, etc.
    >
    > Now, unless the card's specs are deceptive, its random number generator
    > must support a higher rate than this: it claims 70 1024-bit Diffie-Hellman
    > key exchanges per second, and each such key exchange requires a full
    > 1024-bit random number, which comes out to 8.8kB/s. The minimum data rate
    > for my application is about 1k/s, and I would strongly prefer not to use a
    > PRNG.
    >
    > Is there a more direct way to query the RNG? random(4) claims that the
    > RNG is not mapped directly to a device (/dev/random is not currently
    > implemented), but rather that it periodically refreshes the system entropy
    > pool. Is there a way to force this to occur more often, or to transfer
    > more data? Do the numbers lie, and I'm getting all the data I can?
    >
    > Thanks for your time,
    > Mike Hamburg
    >
    > P.S. I'm looking at different sources of random numbers, and cost and
    > integration are important factors. Would an AMD Geode LX or VIA C3 or C7
    > processor's on-board RNG provide a significantly higher data rate than
    > a Soekris card, at a comparable quality?
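
One way to reproduce the throughput figures quoted in this thread (200B/s, 6KB/s) on your own hardware, as an added example that is not part of any poster's message: it reads a fixed sample from a random device under a time limit and reports bytes per second. The function name `measure_rate`, the 4096-byte sample, the 10-second limit and the 1000 B/s reading of "about 1k/s" are assumptions; the device path defaults to the thread's /dev/srandom and can be given as the first argument.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>

/* Seconds on the monotonic clock, so wall-clock adjustments do not skew the rate. */
static double now_sec(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (double)ts.tv_sec + (double)ts.tv_nsec / 1e9;
}

/* Read up to `want` bytes from `path`, giving up after `max_sec` seconds when
 * the device stops delivering data. Returns the number of bytes read
 * (-1 if the device cannot be opened) and stores bytes/second in *rate. */
long measure_rate(const char *path, long want, double max_sec, double *rate) {
    unsigned char buf[256];
    long got = 0;
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0) return -1;
    double start = now_sec(), deadline = start + max_sec;
    while (got < want) {
        double left = deadline - now_sec();
        if (left <= 0) break;
        struct pollfd p = { .fd = fd, .events = POLLIN };
        if (poll(&p, 1, (int)(left * 1000) + 1) <= 0) break; /* timed out or failed */
        long room = want - got < (long)sizeof buf ? want - got : (long)sizeof buf;
        ssize_t n = read(fd, buf, (size_t)room);
        if (n > 0) got += n;
        else if (n == 0 || (errno != EAGAIN && errno != EINTR)) break;
    }
    double elapsed = now_sec() - start;
    close(fd);
    *rate = elapsed > 0 ? (double)got / elapsed : 0.0;
    return got;
}

int main(int argc, char **argv) {
    /* Device path from the thread; 4096 bytes and 10 s are assumed sample settings. */
    const char *dev = argc > 1 ? argv[1] : "/dev/srandom";
    double rate;
    long got = measure_rate(dev, 4096, 10.0, &rate);
    if (got < 0) { perror(dev); return 1; }
    printf("%s: %ld bytes, %.1f B/s (1000 B/s target %s)\n",
           dev, got, rate, rate >= 1000.0 ? "met" : "not met");
    return 0;
}
```

A short read (fewer bytes than requested when the time limit expires) is itself the signal that the device cannot sustain the sample size within the window.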
