Adventures in random: /dev/urandom

[smasher]

Checking out the RT-AC68U's /dev/urandom and running some tests on it.

I collected a few large chunks of entropy from the AC68U's /dev/urandom:

ssh -T sh.ac68u.lan 'dd if=/dev/urandom bs=64k count=350000' > dev-urandom-ac68u-dd-xxxx

To repeat these tests, be sure to use ssh's "-T" flag, otherwise NL (0xa) characters will be converted into CR-NL (0xd, 0xa). That will cause a lot of dieharder's tests to indicate failure. That was something I overlooked when I wanted to "just check it out real quick", and ultimately led me to a more in-depth analysis, documented here.

The quality of the entropy was checked using dieharder and ent. Testing was done on four files, each between 18GB and 22GB, totalling 75GB. Only one of the dieharder test runs resulted in a "rewind" mid-test, after a "weak" result was found; during the follow-up test which invoked the rewind, it passed.

Here's the dieharder command used for testing.

dieharder -g 201 -s 1 -Y 1 -a -f dev-urandom-ac68u-dd-xxxx

nb, the "-Y 1" option repeats ambiguous "weak" tests until they pass or fail. During testing on four large chunks of entropy from /dev/urandom there were zero failures. The "-s 1" "rewinds" the file to the beginning when each test is started; this makes it possible to do meaningful tests with files closer to 20GB, rather than 250GB.

Output from the worst of four runs of dieharder.
* Too big to post here - See comments *

Here's the ent command used for testing:

ent -c dev-urandom-ac68u-dd-xxxx

Here's the summary from the worst of three runs of ent. The table of the number of occurrences of each possible byte (the "-c" option) is too big to include here, so I'll leave that as a comment.

Total:    18264666112   1.000000

Entropy = 8.000000 bits per byte.

Optimum compression would reduce the size
of this 18264666112 byte file by 0 percent.

Chi square distribution for 18264666112 samples is 237.59, and randomly
would exceed this value 77.62 percent of the times.

Arithmetic mean value of data bytes is 127.4995 (127.5 = random).
Monte Carlo value for Pi is 3.141616357 (error 0.00 percent).
Serial correlation coefficient is 0.000010 (totally uncorrelated = 0.0).

Tested with RT-AC68U, Merlin 384.13

 

[smasher]

Output from the worst of four dieharder runs: (minus enough headers to make it fit here)

   rng_name    |           filename             |rands/second|
 file_input_raw| dev-urandom-ac68u-dd-xxxx      |  4.15e+07  |
#=============================================================================#
        test_name   |ntup| tsamples |psamples|  p-value |Assessment|    Seed
#=============================================================================#
   diehard_birthdays|   0|       100|     100|0.61636244|  PASSED  | 655021808
      diehard_operm5|   0|   1000000|     100|0.02276139|  PASSED  | 572979106
  diehard_rank_32x32|   0|     40000|     100|0.58595553|  PASSED  | 411076728
    diehard_rank_6x8|   0|    100000|     100|0.49040524|  PASSED  | 387094270
   diehard_bitstream|   0|   2097152|     100|0.32791882|  PASSED  |4191990396
        diehard_opso|   0|   2097152|     100|0.99887202|   WEAK   |1237411339
        diehard_opso|   0|   2097152|     200|0.96336115|  PASSED  |1237411339
        diehard_oqso|   0|   2097152|     100|0.09837434|  PASSED  |4046011082
         diehard_dna|   0|   2097152|     100|0.86500475|  PASSED  |3737262783
diehard_count_1s_str|   0|    256000|     100|0.63979388|  PASSED  |3746282687
diehard_count_1s_byt|   0|    256000|     100|0.42030723|  PASSED  |1233007362
 diehard_parking_lot|   0|     12000|     100|0.37143226|  PASSED  |2416469256
    diehard_2dsphere|   2|      8000|     100|0.87691835|  PASSED  |1054677675
    diehard_3dsphere|   3|      4000|     100|0.26231726|  PASSED  |1849592727
     diehard_squeeze|   0|    100000|     100|0.75670768|  PASSED  |1375244118
        diehard_sums|   0|       100|     100|0.59874906|  PASSED  |3053496631
        diehard_runs|   0|    100000|     100|0.42189842|  PASSED  | 256395939
        diehard_runs|   0|    100000|     100|0.36095171|  PASSED  | 256395939
       diehard_craps|   0|    200000|     100|0.53320970|  PASSED  |1913205019
       diehard_craps|   0|    200000|     100|0.77362325|  PASSED  |1913205019
 marsaglia_tsang_gcd|   0|  10000000|     100|0.61044516|  PASSED  |2803765125
 marsaglia_tsang_gcd|   0|  10000000|     100|0.44320802|  PASSED  |2803765125
         sts_monobit|   1|    100000|     100|0.34793499|  PASSED  |1402984118
            sts_runs|   2|    100000|     100|0.90468087|  PASSED  |2492875869
          sts_serial|   1|    100000|     100|0.34793499|  PASSED  |2703155037
          sts_serial|   2|    100000|     100|0.65494525|  PASSED  |2703155037
          sts_serial|   3|    100000|     100|0.96242152|  PASSED  |2703155037
          sts_serial|   3|    100000|     100|0.04681277|  PASSED  |2703155037
          sts_serial|   4|    100000|     100|0.11411276|  PASSED  |2703155037
          sts_serial|   4|    100000|     100|0.57455464|  PASSED  |2703155037
          sts_serial|   5|    100000|     100|0.64230902|  PASSED  |2703155037
          sts_serial|   5|    100000|     100|0.24397470|  PASSED  |2703155037
          sts_serial|   6|    100000|     100|0.22451427|  PASSED  |2703155037
          sts_serial|   6|    100000|     100|0.84355888|  PASSED  |2703155037
          sts_serial|   7|    100000|     100|0.60926545|  PASSED  |2703155037
          sts_serial|   7|    100000|     100|0.96455820|  PASSED  |2703155037
          sts_serial|   8|    100000|     100|0.09306453|  PASSED  |2703155037
          sts_serial|   8|    100000|     100|0.05140748|  PASSED  |2703155037
          sts_serial|   9|    100000|     100|0.52446217|  PASSED  |2703155037
          sts_serial|   9|    100000|     100|0.25431439|  PASSED  |2703155037
          sts_serial|  10|    100000|     100|0.13534040|  PASSED  |2703155037
          sts_serial|  10|    100000|     100|0.61517168|  PASSED  |2703155037
          sts_serial|  11|    100000|     100|0.45677693|  PASSED  |2703155037
          sts_serial|  11|    100000|     100|0.93602040|  PASSED  |2703155037
          sts_serial|  12|    100000|     100|0.57688250|  PASSED  |2703155037
          sts_serial|  12|    100000|     100|0.69789492|  PASSED  |2703155037
          sts_serial|  13|    100000|     100|0.41501463|  PASSED  |2703155037
          sts_serial|  13|    100000|     100|0.54541710|  PASSED  |2703155037
          sts_serial|  14|    100000|     100|0.46444861|  PASSED  |2703155037
          sts_serial|  14|    100000|     100|0.41986042|  PASSED  |2703155037
          sts_serial|  15|    100000|     100|0.16182905|  PASSED  |2703155037
          sts_serial|  15|    100000|     100|0.10411316|  PASSED  |2703155037
          sts_serial|  16|    100000|     100|0.05560078|  PASSED  |2703155037
          sts_serial|  16|    100000|     100|0.74832379|  PASSED  |2703155037
         rgb_bitdist|   1|    100000|     100|0.62255261|  PASSED  | 952234668
         rgb_bitdist|   2|    100000|     100|0.43135136|  PASSED  |1853644072
         rgb_bitdist|   3|    100000|     100|0.58223038|  PASSED  |1030593319
         rgb_bitdist|   4|    100000|     100|0.44094449|  PASSED  |2073289774
         rgb_bitdist|   5|    100000|     100|0.56208370|  PASSED  |2242094854
         rgb_bitdist|   6|    100000|     100|0.44607743|  PASSED  |1889364776
         rgb_bitdist|   7|    100000|     100|0.85660248|  PASSED  |3290547602
         rgb_bitdist|   8|    100000|     100|0.99896959|   WEAK   | 376369847
         rgb_bitdist|   8|    100000|     200|0.98596833|  PASSED  | 376369847
         rgb_bitdist|   9|    100000|     100|0.34497203|  PASSED  |1340024000
         rgb_bitdist|  10|    100000|     100|0.44871054|  PASSED  |1256259559
         rgb_bitdist|  11|    100000|     100|0.18703351|  PASSED  |4029113698
         rgb_bitdist|  12|    100000|     100|0.38201043|  PASSED  |2094248835
rgb_minimum_distance|   2|     10000|    1000|0.89968124|  PASSED  |2081483781
rgb_minimum_distance|   3|     10000|    1000|0.66596941|  PASSED  |2740182905
rgb_minimum_distance|   4|     10000|    1000|0.23934493|  PASSED  | 453361285
rgb_minimum_distance|   5|     10000|    1000|0.00539585|  PASSED  |2349568869
    rgb_permutations|   2|    100000|     100|0.37268625|  PASSED  |2699420681
    rgb_permutations|   3|    100000|     100|0.92782468|  PASSED  |3544172399
    rgb_permutations|   4|    100000|     100|0.14247783|  PASSED  |2936599046
    rgb_permutations|   5|    100000|     100|0.69115115|  PASSED  |4162033280
      rgb_lagged_sum|   0|   1000000|     100|0.33985734|  PASSED  |3364641994
      rgb_lagged_sum|   1|   1000000|     100|0.77718331|  PASSED  |3658875617
      rgb_lagged_sum|   2|   1000000|     100|0.15524482|  PASSED  |4142963960
      rgb_lagged_sum|   3|   1000000|     100|0.83010228|  PASSED  |1913627108
      rgb_lagged_sum|   4|   1000000|     100|0.88734223|  PASSED  |3639249619
      rgb_lagged_sum|   5|   1000000|     100|0.66550274|  PASSED  |2974661697
      rgb_lagged_sum|   6|   1000000|     100|0.40934196|  PASSED  |3361701298
      rgb_lagged_sum|   7|   1000000|     100|0.16555349|  PASSED  |2757132878
      rgb_lagged_sum|   8|   1000000|     100|0.99537437|   WEAK   |2742708289
      rgb_lagged_sum|   8|   1000000|     200|0.99999349|   WEAK   |2742708289
      rgb_lagged_sum|   8|   1000000|     300|0.91281829|  PASSED  |2742708289
      rgb_lagged_sum|   9|   1000000|     100|0.82041308|  PASSED  | 344180598
      rgb_lagged_sum|  10|   1000000|     100|0.96217385|  PASSED  |  62834291
      rgb_lagged_sum|  11|   1000000|     100|0.21565726|  PASSED  |1844905516
      rgb_lagged_sum|  12|   1000000|     100|0.83900449|  PASSED  |3238555859
      rgb_lagged_sum|  13|   1000000|     100|0.63457582|  PASSED  | 476584382
      rgb_lagged_sum|  14|   1000000|     100|0.75453704|  PASSED  |1815354595
      rgb_lagged_sum|  15|   1000000|     100|0.54224251|  PASSED  |1240323327
      rgb_lagged_sum|  16|   1000000|     100|0.95785384|  PASSED  |4059748876
      rgb_lagged_sum|  17|   1000000|     100|0.98341409|  PASSED  |2599487049
      rgb_lagged_sum|  18|   1000000|     100|0.35124462|  PASSED  |2155780316
      rgb_lagged_sum|  19|   1000000|     100|0.61472459|  PASSED  |2405085578
      rgb_lagged_sum|  20|   1000000|     100|0.47324235|  PASSED  | 753998565
      rgb_lagged_sum|  21|   1000000|     100|0.82842043|  PASSED  |3188446868
      rgb_lagged_sum|  22|   1000000|     100|0.85921723|  PASSED  |3800779187
      rgb_lagged_sum|  23|   1000000|     100|0.99038219|  PASSED  |2719824109
      rgb_lagged_sum|  24|   1000000|     100|0.37838555|  PASSED  |3704839947
      rgb_lagged_sum|  25|   1000000|     100|0.33555200|  PASSED  |3609211681
      rgb_lagged_sum|  26|   1000000|     100|0.56633579|  PASSED  | 603260102
      rgb_lagged_sum|  27|   1000000|     100|0.66609487|  PASSED  |3398189367
      rgb_lagged_sum|  28|   1000000|     100|0.84231460|  PASSED  |3231002618
      rgb_lagged_sum|  29|   1000000|     100|0.86633405|  PASSED  | 460172942
      rgb_lagged_sum|  30|   1000000|     100|0.88268914|  PASSED  |  36619135
      rgb_lagged_sum|  31|   1000000|     100|0.80745597|  PASSED  |2568904541
      rgb_lagged_sum|  32|   1000000|     100|0.80913937|  PASSED  |3174355902
     rgb_kstest_test|   0|     10000|    1000|0.48460171|  PASSED  |1779508437
     dab_bytedistrib|   0|  51200000|       1|0.15909799|  PASSED  |3919849743
             dab_dct| 256|     50000|       1|0.48205236|  PASSED  | 875371068
Preparing to run test 207.  ntuple = 0
        dab_filltree|  32|  15000000|       1|0.70961976|  PASSED  |2084750299
        dab_filltree|  32|  15000000|       1|0.23313512|  PASSED  |2084750299
Preparing to run test 208.  ntuple = 0
       dab_filltree2|   0|   5000000|       1|0.31899339|  PASSED  |1104394593
       dab_filltree2|   1|   5000000|       1|0.70576237|  PASSED  |1104394593
Preparing to run test 209.  ntuple = 0
        dab_monobit2|  12|  65000000|       1|0.00966207|  PASSED  |3829269606

 

[smasher]

Output from the worst of four ent tests:

Value Char Occurrences Fraction
  0         71364167   0.003907
  1         71349807   0.003906
  2         71340409   0.003906
  3         71337463   0.003906
  4         71351816   0.003907
  5         71372912   0.003908
  6         71348932   0.003906
  7         71363586   0.003907
  8         71350358   0.003906
  9         71355864   0.003907
 10         71344434   0.003906
 11         71337775   0.003906
 12         71362762   0.003907
 13         71331661   0.003905
 14         71342180   0.003906
 15         71348548   0.003906
 16         71333485   0.003906
 17         71350358   0.003906
 18         71353282   0.003907
 19         71347908   0.003906
 20         71344049   0.003906
 21         71356682   0.003907
 22         71349213   0.003906
 23         71348749   0.003906
 24         71352865   0.003907
 25         71350795   0.003906
 26         71345114   0.003906
 27         71342022   0.003906
 28         71348579   0.003906
 29         71343030   0.003906
 30         71343497   0.003906
 31         71338265   0.003906
 32         71349756   0.003906
 33   !     71352656   0.003907
 34   "     71337557   0.003906
 35   #     71349948   0.003906
 36   $     71348286   0.003906
 37   %     71351072   0.003907
 38   &     71346572   0.003906
 39   '     71331568   0.003905
 40   (     71358176   0.003907
 41   )     71364464   0.003907
 42   *     71334974   0.003906
 43   +     71340908   0.003906
 44   ,     71349077   0.003906
 45   -     71349605   0.003906
 46   .     71354354   0.003907
 47   /     71352083   0.003907
 48   0     71333369   0.003906
 49   1     71352451   0.003907
 50   2     71346977   0.003906
 51   3     71348993   0.003906
 52   4     71354350   0.003907
 53   5     71359464   0.003907
 54   6     71346515   0.003906
 55   7     71340788   0.003906
 56   8     71338284   0.003906
 57   9     71349144   0.003906
 58   :     71341534   0.003906
 59   ;     71355728   0.003907
 60   <     71347912   0.003906
 61   =     71336465   0.003906
 62   >     71346866   0.003906
 63   ?     71354803   0.003907
 64   @     71354763   0.003907
 65   A     71351871   0.003907
 66   B     71337803   0.003906
 67   C     71333951   0.003906
 68   D     71345210   0.003906
 69   E     71349349   0.003906
 70   F     71356333   0.003907
 71   G     71343019   0.003906
 72   H     71348076   0.003906
 73   I     71365691   0.003907
 74   J     71355083   0.003907
 75   K     71352803   0.003907
 76   L     71358577   0.003907
 77   M     71334720   0.003906
 78   N     71326010   0.003905
 79   O     71347058   0.003906
 80   P     71345918   0.003906
 81   Q     71346776   0.003906
 82   R     71337015   0.003906
 83   S     71341787   0.003906
 84   T     71350993   0.003907
 85   U     71354944   0.003907
 86   V     71349624   0.003906
 87   W     71340588   0.003906
 88   X     71333108   0.003906
 89   Y     71344549   0.003906
 90   Z     71345613   0.003906
 91   [     71336761   0.003906
 92   \     71352024   0.003907
 93   ]     71342905   0.003906
 94   ^     71352473   0.003907
 95   _     71348319   0.003906
 96   `     71348040   0.003906
 97   a     71344221   0.003906
 98   b     71359242   0.003907
 99   c     71322568   0.003905
100   d     71346374   0.003906
101   e     71340912   0.003906
102   f     71356868   0.003907
103   g     71338559   0.003906
104   h     71346069   0.003906
105   i     71340509   0.003906
106   j     71350102   0.003906
107   k     71353695   0.003907
108   l     71344892   0.003906
109   m     71346319   0.003906
110   n     71332628   0.003905
111   o     71343044   0.003906
112   p     71338580   0.003906
113   q     71343907   0.003906
114   r     71339469   0.003906
115   s     71341367   0.003906
116   t     71340182   0.003906
117   u     71323555   0.003905
118   v     71354072   0.003907
119   w     71342928   0.003906
120   x     71353171   0.003907
121   y     71341630   0.003906
122   z     71345084   0.003906
123   {     71339728   0.003906
124   |     71347600   0.003906
125   }     71333408   0.003906
126   ~     71334948   0.003906
127         71365020   0.003907
128         71342427   0.003906
129         71334642   0.003906
130         71341726   0.003906
131         71342388   0.003906
132         71340840   0.003906
133         71346674   0.003906
134         71354253   0.003907
135         71341405   0.003906
136         71339860   0.003906
137         71352245   0.003907
138         71345990   0.003906
139         71349974   0.003906
140         71345046   0.003906
141         71352650   0.003907
142         71346869   0.003906
143         71345896   0.003906
144         71327703   0.003905
145         71348907   0.003906
146         71330374   0.003905
147         71334081   0.003906
148         71354260   0.003907
149         71349562   0.003906
150         71346546   0.003906
151         71352491   0.003907
152         71349572   0.003906
153         71351064   0.003907
154         71339992   0.003906
155         71355863   0.003907
156         71355524   0.003907
157         71327311   0.003905
158         71347901   0.003906
159         71342852   0.003906
160         71342897   0.003906
161   �     71336376   0.003906
162   �     71345275   0.003906
163   �     71351487   0.003907
164   �     71341171   0.003906
165   �     71346146   0.003906
166   �     71357078   0.003907
167   �     71342860   0.003906
168   �     71332845   0.003906
169   �     71336454   0.003906
170   �     71346114   0.003906
171   �     71339944   0.003906
172   �     71362853   0.003907
173   �     71339955   0.003906
174   �     71356076   0.003907
175   �     71348786   0.003906
176   �     71350246   0.003906
177   �     71360025   0.003907
178   �     71350780   0.003906
179   �     71353212   0.003907
180   �     71352363   0.003907
181   �     71345234   0.003906
182   �     71335215   0.003906
183   �     71344021   0.003906
184   �     71353721   0.003907
185   �     71347916   0.003906
186   �     71340919   0.003906
187   �     71339001   0.003906
188   �     71347345   0.003906
189   �     71348307   0.003906
190   �     71362442   0.003907
191   �     71335962   0.003906
192   �     71351159   0.003907
193   �     71356755   0.003907
194   �     71337353   0.003906
195   �     71343488   0.003906
196   �     71339276   0.003906
197   �     71353068   0.003907
198   �     71360529   0.003907
199   �     71351609   0.003907
200   �     71365217   0.003907
201   �     71340094   0.003906
202   �     71343644   0.003906
203   �     71348380   0.003906
204   �     71333763   0.003906
205   �     71344687   0.003906
206   �     71343020   0.003906
207   �     71342388   0.003906
208   �     71347146   0.003906
209   �     71344224   0.003906
210   �     71352243   0.003907
211   �     71336297   0.003906
212   �     71352782   0.003907
213   �     71338765   0.003906
214   �     71344965   0.003906
215   �     71349269   0.003906
216   �     71341803   0.003906
217   �     71352092   0.003907
218   �     71342761   0.003906
219   �     71331648   0.003905
220   �     71348737   0.003906
221   �     71336653   0.003906
222   �     71347380   0.003906
223   �     71350808   0.003906
224   �     71355941   0.003907
225   �     71354504   0.003907
226   �     71350659   0.003906
227   �     71353522   0.003907
228   �     71332359   0.003905
229   �     71348212   0.003906
230   �     71346609   0.003906
231   �     71342768   0.003906
232   �     71346056   0.003906
233   �     71348211   0.003906
234   �     71338864   0.003906
235   �     71348122   0.003906
236   �     71336555   0.003906
237   �     71357113   0.003907
238   �     71354030   0.003907
239   �     71358224   0.003907
240   �     71342523   0.003906
241   �     71352956   0.003907
242   �     71347922   0.003906
243   �     71346023   0.003906
244   �     71347801   0.003906
245   �     71337673   0.003906
246   �     71334358   0.003906
247   �     71346249   0.003906
248   �     71351278   0.003907
249   �     71340858   0.003906
250   �     71337733   0.003906
251   �     71356507   0.003907
252   �     71341607   0.003906
253   �     71348576   0.003906
254   �     71356527   0.003907
255   �     71346184   0.003906

Total:    18264666112   1.000000

Entropy = 8.000000 bits per byte.

Optimum compression would reduce the size
of this 18264666112 byte file by 0 percent.

Chi square distribution for 18264666112 samples is 237.59, and randomly
would exceed this value 77.62 percent of the times.

Arithmetic mean value of data bytes is 127.4995 (127.5 = random).
Monte Carlo value for Pi is 3.141616357 (error 0.00 percent).
Serial correlation coefficient is 0.000010 (totally uncorrelated = 0.0).

 

[sfx2000]

Checking out the RT-AC68U's /dev/urandom and running some tests on it.

Might want to check out this thread - lot of good contributions and findings..

https://www.snbforums.com/threads/entropy-pool.34992/

 

[smasher]

Here's results from running each of the collected files through "rngtest".

for n in dev-urandom-ac68u-dd-*
do
        echo
        echo
        echo "*** $n"
        time nice rngtest < $n
done


*** dev-urandom-ac68u-dd-xxxxxxx413
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: entropy source drained
rngtest: bits received from input: 163208757248
rngtest: FIPS 140-2 successes: 8154020
rngtest: FIPS 140-2 failures: 6417
rngtest: FIPS 140-2(2001-10-10) Monobit: 880
rngtest: FIPS 140-2(2001-10-10) Poker: 787
rngtest: FIPS 140-2(2001-10-10) Runs: 2378
rngtest: FIPS 140-2(2001-10-10) Long run: 2398
rngtest: FIPS 140-2(2001-10-10) Continuous run: 1
rngtest: input channel speed: (min=106.822; avg=2108331.818; max=19531250.000)Kibits/s
rngtest: FIPS tests speed: (min=2.173; avg=123.454; max=196.634)Mibits/s
rngtest: Program run time: 1338010290 microseconds
 ## nice rngtest < $n
 ## 21:01.36 user, 30.984 system, 96% cpu, 22:18.01 total


*** dev-urandom-ac68u-dd-xxxxxxx003
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: entropy source drained
rngtest: bits received from input: 146117328896
rngtest: FIPS 140-2 successes: 7299961
rngtest: FIPS 140-2 failures: 5905
rngtest: FIPS 140-2(2001-10-10) Monobit: 783
rngtest: FIPS 140-2(2001-10-10) Poker: 762
rngtest: FIPS 140-2(2001-10-10) Runs: 2212
rngtest: FIPS 140-2(2001-10-10) Long run: 2181
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=31.749; avg=1935892.564; max=19531250.000)Kibits/s
rngtest: FIPS tests speed: (min=1.831; avg=122.708; max=196.634)Mibits/s
rngtest: Program run time: 1210975507 microseconds
 ## nice rngtest < $n
 ## 18:56.60 user, 29.221 system, 96% cpu, 20:10.98 total


*** dev-urandom-ac68u-dd-xxxxxxx031
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: entropy source drained
rngtest: bits received from input: 146443894784
rngtest: FIPS 140-2 successes: 7316556
rngtest: FIPS 140-2 failures: 5638
rngtest: FIPS 140-2(2001-10-10) Monobit: 715
rngtest: FIPS 140-2(2001-10-10) Poker: 734
rngtest: FIPS 140-2(2001-10-10) Runs: 2147
rngtest: FIPS 140-2(2001-10-10) Long run: 2080
rngtest: FIPS 140-2(2001-10-10) Continuous run: 2
rngtest: input channel speed: (min=110.107; avg=2167536.651; max=19531250.000)Kibits/s
rngtest: FIPS tests speed: (min=1.176; avg=124.643; max=190.735)Mibits/s
rngtest: Program run time: 1187907111 microseconds
 ## nice rngtest < $n
 ## 18:40.93 user, 28.032 system, 96% cpu, 19:47.91 total


*** dev-urandom-ac68u-dd-xxxxxxx362
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: entropy source drained
rngtest: bits received from input: 183500800000
rngtest: FIPS 140-2 successes: 9167847
rngtest: FIPS 140-2 failures: 7192
rngtest: FIPS 140-2(2001-10-10) Monobit: 939
rngtest: FIPS 140-2(2001-10-10) Poker: 874
rngtest: FIPS 140-2(2001-10-10) Runs: 2699
rngtest: FIPS 140-2(2001-10-10) Long run: 2727
rngtest: FIPS 140-2(2001-10-10) Continuous run: 1
rngtest: input channel speed: (min=9.623; avg=1686849.962; max=19531250.000)Kibits/s
rngtest: FIPS tests speed: (min=1.676; avg=125.613; max=190.735)Mibits/s
rngtest: Program run time: 1501049089 microseconds
 ## nice rngtest < $n
 ## 23:14.81 user, 32.379 system, 95% cpu, 25:01.05 total

nb, some failures are to be expected from good RNGs using these tests - http://www.fdk.com/cyber-e/pdf/HM-RAE103.pdf

FIPS 140-2 failure rate - http://www.bitbabbler.org/test-data/graphs/GEFSTF/fips-graphs.html

 

[sfx2000]

Here's results from running each of the collected files through "rngtest".

Interesting - as each sample would be expected be to very close... as you mention, some errors can be expected.

Curious as to why the investigation?

 

[smasher]

Curious as to why the investigation?

At first I just wanted to "check it out really quick". I implicitly included a "-t" flag in my ssh command, which screwed up the line-endings, and caused massive failures in the tests. From there, I started digging deeper, and before I knew it, I had some good data that I hadn't seen shared previously, so I figured it may be of interest to others.

 

[smasher]

Just installed haveged, and it's only been up a few hours, but I'm noticing much more stable/reliable ssh connections via wifi. And the entropy tests are looking good.

The results from dieharder are excessively verbose, so here's a summary, comparing the new results to the four previous (without haveged) results. In this most recent test with haveged, two of the "rgb_lagged_sum" tests were "weak", but both resolved to "passed". All other tests passed without a hitch. Since dieharder with "-Y 1" resolved all of these "weak" tests (from all of these entropy samples) to "pass", I'm just averaging out the results from the "passed" tests. I'd expect them to be in the realm of 0.5, and that's close enough to what I'm seeing here:

dieharder-ac68u-dd-dev-urandom-xxxxxxx413
.53718922350877192982

dieharder-ac68u-dd-dev-urandom-xxxxxxx003
.54459643149122807017

dieharder-ac68u-dd-dev-urandom-xxxxxxx031
.57074886678260869565

dieharder-ac68u-dd-dev-urandom-xxxxxxx362
.52350476754385964912

dieharder-ac68u-dd-urandom-haveged-xxxxxxx897
.55262435929824561403

Summary from "ent -c dev-urandom-ac68u-dd-haveged-xxxxxxx897"

Entropy = 8.000000 bits per byte.

Optimum compression would reduce the size
of this 22937600000 byte file by 0 percent.

Chi square distribution for 22937600000 samples is 247.31, and randomly
would exceed this value 62.33 percent of the times.

Arithmetic mean value of data bytes is 127.5004 (127.5 = random).
Monte Carlo value for Pi is 3.141589445 (error 0.00 percent).
Serial correlation coefficient is 0.000002 (totally uncorrelated = 0.0).

The character counts are too boring to include, with 22937600000 bytes, and all characters showing up within 5 decimal places of frequency/occurrence. Here's a few lines:

 65   A     89605290   0.003906
 66   B     89595028   0.003906
 67   C     89591011   0.003906
 68   D     89594420   0.003906
 69   E     89604531   0.003906
 70   F     89616599   0.003907
 71   G     89604563   0.003906
 72   H     89609953   0.003907
 73   I     89613433   0.003907
 74   J     89596074   0.003906
 75   K     89588104   0.003906
 76   L     89594231   0.003906

These were the only outliers outside of the 0.003906-0.003907 range.

 29         89580462   0.003905
 52   4     89579185   0.003905
101   e     89580022   0.003905
102   f     89581601   0.003905
230   �     89579052   0.003905

Output from "nice rngtest < dev-urandom-ac68u-dd-haveged-xxxxxxx897"

rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: entropy source drained
rngtest: bits received from input: 183500800000
rngtest: FIPS 140-2 successes: 9167765
rngtest: FIPS 140-2 failures: 7274
rngtest: FIPS 140-2(2001-10-10) Monobit: 987
rngtest: FIPS 140-2(2001-10-10) Poker: 957
rngtest: FIPS 140-2(2001-10-10) Runs: 2737
rngtest: FIPS 140-2(2001-10-10) Long run: 2645
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=24.751; avg=2646523.418; max=19531250.000)Kibits/s
rngtest: FIPS tests speed: (min=8.599; avg=145.853; max=196.634)Mibits/s
rngtest: Program run time: 1268724489 microseconds

Looks good, with "failures" in the range expected for good RNGs.

If things go well, it'll take me a day or two to collect 22GB of contiguous entropy from /dev/random (with haveged) and then we'll see how that looks.

What I'm seeing so far, with the tremendously improved stability and reliability of ssh into the router, this looks like an argument for including haveged (or similar) in the standard builds.

 

[sfx2000]

What I'm seeing so far, with the tremendously improved stability and reliability of ssh into the router, this looks like an argument for including haveged (or similar) in the standard builds.

Not sure if @RMerlin includes it in his builds, but I know that John's LTS fork does include it for the MIPS and ARM targets he supports.

It helps big time with stubby and dnscrypt - anyways, happy to have convinced another forum member of the advantages of haveged

 

[sfx2000]

If things go well, it'll take me a day or two to collect 22GB of contiguous entropy from /dev/random (with haveged) and then we'll see how that looks.

Should only need about 1GB for most of the dieharder tests

 

[smasher]

Should only need about 1GB for most of the dieharder tests

With the "-a -Y 1" options, I've seen it read more than 15-20GB into a file. Without the "-s 1", I've seen it eat 220-250GB to go through the tests.

 

[smasher]

With haveged running on the RT-AC68U, I collected about 25GB of entropy from /dev/random, which took about 15.5 hours. That's ≈470KB/s, or >35GB/day, from /dev/random, writing to a USB hard-drive.

nohup time cat /dev/random > /tmp/mnt/a500/dev-Random-ac68u-cat-haveged-xxxxxxx112

Good thing I used nohup, because the ssh connection died at about 12GB, but the command kept running.

And the test results...

The results from dieharder are excessively verbose for this forum. In this most recent test with haveged, two of the "rgb_lagged_sum" tests were "weak", but both resolved to "passed". All other tests passed without a hitch. Since dieharder with "-Y 1" resolved all of these "weak" tests (from all of these entropy samples) to "pass", I'm just averaging out the results from the "passed" tests. I'd expect them to be in the realm of 0.5, and that's close enough to what I'm seeing here.

dieharder-ac68u-dd-dev-urandom-xxxxxxx413
.53718922350877192982

dieharder-ac68u-dd-dev-urandom-xxxxxxx003
.54459643149122807017

dieharder-ac68u-dd-dev-urandom-xxxxxxx031
.57074886678260869565

dieharder-ac68u-dd-dev-urandom-xxxxxxx362
.52350476754385964912

dieharder-ac68u-dd-urandom-haveged-xxxxxxx897
.55262435929824561403

dieharder-ac68u-random-haveged-xxxxxxx112
.53783488385964912280

Summary from "ent -c dev-Random-ac68u-cat-haveged-xxxxxxx112"

Total:    27037093147   1.000000

Entropy = 8.000000 bits per byte.

Optimum compression would reduce the size
of this 27037093147 byte file by 0 percent.

Chi square distribution for 27037093147 samples is 253.54, and randomly
would exceed this value 51.41 percent of the times.

Arithmetic mean value of data bytes is 127.4995 (127.5 = random).
Monte Carlo value for Pi is 3.141627534 (error 0.00 percent).
Serial correlation coefficient is 0.000003 (totally uncorrelated = 0.0).

The character counts are too boring to include, with 27037093147 bytes, and all characters showing up within 5 decimal places of frequency/occurrence. Here's a few lines:

 65   A    105601562   0.003906
 66   B    105611127   0.003906
 67   C    105616562   0.003906
 68   D    105607827   0.003906
 69   E    105611015   0.003906
 70   F    105623412   0.003907
 71   G    105619665   0.003906
 72   H    105628369   0.003907
 73   I    105604841   0.003906
 74   J    105614427   0.003906
 75   K    105615621   0.003906
 76   L    105629208   0.003907

These were the only outliers outside of the 0.003906-0.003907 range.

 14        105583561   0.003905
 61   =    105588554   0.003905
185   �    105592298   0.003905
187   �    105591778   0.003905
240   �    105589558   0.003905

Output from "nice rngtest < dev-Random-ac68u-cat-haveged-xxxxxxx112"

rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: entropy source drained
rngtest: bits received from input: 216296745176
rngtest: FIPS 140-2 successes: 10806130
rngtest: FIPS 140-2 failures: 8707
rngtest: FIPS 140-2(2001-10-10) Monobit: 1161
rngtest: FIPS 140-2(2001-10-10) Poker: 1108
rngtest: FIPS 140-2(2001-10-10) Runs: 3232
rngtest: FIPS 140-2(2001-10-10) Long run: 3266
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=52.323; avg=2678930.693; max=19531250.000)Kibits/s
rngtest: FIPS tests speed: (min=7.344; avg=147.650; max=179.939)Mibits/s
rngtest: Program run time: 1477310936 microseconds

Looks good, with "failures" in the range expected for good RNGs. The worst part of the FIPS 140-2 tests has to be the nomenclature, which leads people to think that good RNGs "failed".

 

[smasher]

Here are the entropy files I've tested. The names should be reasonably self explanatory.

26G     dev-Random-ac68u-cat-pipe-haveged-xxxxxxx112
20G     dev-urandom-ac68u-dd-xxxxxxx413
18G     dev-urandom-ac68u-dd-xxxxxxx003
18G     dev-urandom-ac68u-dd-xxxxxxx031
22G     dev-urandom-ac68u-dd-xxxxxxx362
22G     dev-urandom-ac68u-dd-haveged-xxxxxxx897
121G    total

I re-ran dieharder on them all, this time without the "-s 1" option; this is arguably a more complete test. Interestingly, the only file that prodoced zero "weak" results was "dev-Random-ac68u-cat-pipe-haveged-xxxxxxx112".[1] Collecting GBs of entropy from /dev/random without haveged is not something I have patience for, but this is still a small sample-size for really testing entropy. For anyone taking a serious interest in it, this is a starting point, not the last word.

Of course, all of the "weak" results did resolve to "pass", with or without haveged, and none of the tests "failed". Here's what the relevant sections of the dieharder tests looked like (only looking at dieharder tests without "-s 1"), using this command:

egrep -A2 WEAK dieharder-*

dieharder-dev-urandom-ac68u-dd-xxxxxxx413:   diehard_bitstream|   0|   2097152|     100|0.99988528|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-   diehard_bitstream|   0|   2097152|     200|0.47041376|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-        diehard_opso|   0|   2097152|     100|0.20581384|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:          sts_serial|   9|    100000|     100|0.99998289|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|  10|    100000|     100|0.78871032|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:          sts_serial|  10|    100000|     100|0.99734900|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|  11|    100000|     100|0.52655022|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|  11|    100000|     100|0.06337424|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:          sts_serial|   4|    100000|     200|0.00419421|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|   5|    100000|     200|0.26823446|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|   5|    100000|     200|0.56944955|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:      rgb_lagged_sum|  12|   1000000|     100|0.99991388|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-# The file file_input_raw was rewound 3 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-      rgb_lagged_sum|  12|   1000000|     200|0.93729551|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:          sts_serial|  16|    100000|     100|0.99986662|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-          sts_serial|   1|    100000|     200|0.29045395|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-          sts_serial|   2|    100000|     200|0.72159245|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:      rgb_lagged_sum|   3|   1000000|     100|0.99656647|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-      rgb_lagged_sum|   3|   1000000|     200|0.99222940|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:      rgb_lagged_sum|  18|   1000000|     100|0.99884712|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-# The file file_input_raw was rewound 5 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-      rgb_lagged_sum|  18|   1000000|     200|0.81392455|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:     rgb_kstest_test|   0|     10000|    1000|0.00341190|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-# The file file_input_raw was rewound 13 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-     rgb_kstest_test|   0|     10000|    1100|0.06087035|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:    rgb_permutations|   3|    100000|     100|0.99679733|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-    rgb_permutations|   3|    100000|     200|0.37610252|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:      rgb_lagged_sum|   4|   1000000|     100|0.99660242|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-      rgb_lagged_sum|   4|   1000000|     200|0.73457116|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:      rgb_lagged_sum|  10|   1000000|     100|0.99517140|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 2 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-      rgb_lagged_sum|  10|   1000000|     200|0.89873935|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:      rgb_lagged_sum|  27|   1000000|     100|0.99605411|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 10 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-      rgb_lagged_sum|  27|   1000000|     200|0.85516907|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:        dab_filltree|  32|  15000000|       1|0.00222602|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 16 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-        dab_filltree|  32|  15000000|     101|0.01655759|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx362:      rgb_lagged_sum|   2|   1000000|     100|0.99998864|   WEAK  
dieharder-dev-urandom-ac68u-dd-xxxxxxx362-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx362-      rgb_lagged_sum|   2|   1000000|     200|0.93985608|  PASSED
--
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897:          sts_serial|   5|    100000|     100|0.99803134|   WEAK  
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-          sts_serial|   5|    100000|     100|0.85363161|  PASSED
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-          sts_serial|   6|    100000|     100|0.34069922|  PASSED
--
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897:      rgb_lagged_sum|  19|   1000000|     100|0.99964650|   WEAK  
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-# The file file_input_raw was rewound 4 times
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-      rgb_lagged_sum|  19|   1000000|     200|0.86282651|  PASSED

@RMerlin - Anecdotally, based on the small samples of entropy that I've tested (yes, 120GB is a small sample size), it does seem that haveged increases both the quantity and quality of entropy that's available on these platforms. At the very least, it seems to increase quantity without sacrificing quality. I've also seen increased performance (particularly in stability and reliability of ssh connections) which (subjectively) more than offsets the trivial load that haveged adds to the system. Also, keep in mind that the Linux kernel itself is a huge consumer of entropy, eg forking, writing to disk, initiating TCP connections, etc[2,3], which may actually mean that haveged is objectively a net benefit on these platforms; something that I'm not about to test right now. Overall, I think this is a strong argument for including haveged in the default builds, at least as an option, if not the default.

1. Previous testing (with the "-s 1" option) of dev-urandom-ac68u-dd-xxxxxxx003 with the "-s 1" option also produced zero "weak" results, but without the "-s 1" option that sample yielded 4 "weak" results. That previous testing (with "-s 1") yielded 2 "weak" results from "dev-Random-ac68u-cat-pipe-haveged-xxxxxxx112".
2. Understanding And Managing Entropy Usage
3. What keeps draining entropy?

 

[SomeWhereOverTheRainBow]

Here are the entropy files I've tested. The names should be reasonably self explanatory.

26G     dev-Random-ac68u-cat-pipe-haveged-xxxxxxx112
20G     dev-urandom-ac68u-dd-xxxxxxx413
18G     dev-urandom-ac68u-dd-xxxxxxx003
18G     dev-urandom-ac68u-dd-xxxxxxx031
22G     dev-urandom-ac68u-dd-xxxxxxx362
22G     dev-urandom-ac68u-dd-haveged-xxxxxxx897
121G    total

I re-ran dieharder on them all, this time without the "-s 1" option; this is arguably a more complete test. Interestingly, the only file that prodoced zero "weak" results was "dev-Random-ac68u-cat-pipe-haveged-xxxxxxx112".[1] Collecting GBs of entropy from /dev/random without haveged is not something I have patience for, but this is still a small sample-size for really testing entropy. For anyone taking a serious interest in it, this is a starting point, not the last word.

Of course, all of the "weak" results did resolve to "pass", with or without haveged, and none of the tests "failed". Here's what the relevant sections of the dieharder tests looked like (only looking at dieharder tests without "-s 1"), using this command:

egrep -A2 WEAK dieharder-*

dieharder-dev-urandom-ac68u-dd-xxxxxxx413:   diehard_bitstream|   0|   2097152|     100|0.99988528|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-   diehard_bitstream|   0|   2097152|     200|0.47041376|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-        diehard_opso|   0|   2097152|     100|0.20581384|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:          sts_serial|   9|    100000|     100|0.99998289|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|  10|    100000|     100|0.78871032|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:          sts_serial|  10|    100000|     100|0.99734900|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|  11|    100000|     100|0.52655022|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|  11|    100000|     100|0.06337424|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:          sts_serial|   4|    100000|     200|0.00419421|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|   5|    100000|     200|0.26823446|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-          sts_serial|   5|    100000|     200|0.56944955|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx413:      rgb_lagged_sum|  12|   1000000|     100|0.99991388|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-# The file file_input_raw was rewound 3 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx413-      rgb_lagged_sum|  12|   1000000|     200|0.93729551|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:          sts_serial|  16|    100000|     100|0.99986662|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-          sts_serial|   1|    100000|     200|0.29045395|  PASSED
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-          sts_serial|   2|    100000|     200|0.72159245|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:      rgb_lagged_sum|   3|   1000000|     100|0.99656647|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-      rgb_lagged_sum|   3|   1000000|     200|0.99222940|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:      rgb_lagged_sum|  18|   1000000|     100|0.99884712|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-# The file file_input_raw was rewound 5 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-      rgb_lagged_sum|  18|   1000000|     200|0.81392455|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx003:     rgb_kstest_test|   0|     10000|    1000|0.00341190|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-# The file file_input_raw was rewound 13 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx003-     rgb_kstest_test|   0|     10000|    1100|0.06087035|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:    rgb_permutations|   3|    100000|     100|0.99679733|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-    rgb_permutations|   3|    100000|     200|0.37610252|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:      rgb_lagged_sum|   4|   1000000|     100|0.99660242|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-      rgb_lagged_sum|   4|   1000000|     200|0.73457116|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:      rgb_lagged_sum|  10|   1000000|     100|0.99517140|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 2 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-      rgb_lagged_sum|  10|   1000000|     200|0.89873935|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:      rgb_lagged_sum|  27|   1000000|     100|0.99605411|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 10 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-      rgb_lagged_sum|  27|   1000000|     200|0.85516907|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx031:        dab_filltree|  32|  15000000|       1|0.00222602|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-# The file file_input_raw was rewound 16 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx031-        dab_filltree|  32|  15000000|     101|0.01655759|  PASSED
--
dieharder-dev-urandom-ac68u-dd-xxxxxxx362:      rgb_lagged_sum|   2|   1000000|     100|0.99998864|   WEAK 
dieharder-dev-urandom-ac68u-dd-xxxxxxx362-# The file file_input_raw was rewound 1 times
dieharder-dev-urandom-ac68u-dd-xxxxxxx362-      rgb_lagged_sum|   2|   1000000|     200|0.93985608|  PASSED
--
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897:          sts_serial|   5|    100000|     100|0.99803134|   WEAK 
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-          sts_serial|   5|    100000|     100|0.85363161|  PASSED
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-          sts_serial|   6|    100000|     100|0.34069922|  PASSED
--
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897:      rgb_lagged_sum|  19|   1000000|     100|0.99964650|   WEAK 
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-# The file file_input_raw was rewound 4 times
dieharder-dev-urandom-ac68u-dd-haveged-xxxxxxx897-      rgb_lagged_sum|  19|   1000000|     200|0.86282651|  PASSED

@RMerlin - Anecdotally, based on the small samples of entropy that I've tested (yes, 120GB is a small sample size), it does seem that haveged increases both the quantity and quality of entropy that's available on these platforms. At the very least, it seems to increase quantity without sacrificing quality. I've also seen increased performance (particularly in stability and reliability of ssh connections) which (subjectively) more than offsets the trivial load that haveged adds to the system. Also, keep in mind that the Linux kernel itself is a huge consumer of entropy, eg forking, writing to disk, initiating TCP connections, etc[2,3], which may actually mean that haveged is objectively a net benefit on these platforms; something that I'm not about to test right now. Overall, I think this is a strong argument for including haveged in the default builds, at least as an option, if not the default.

1. Previous testing (with the "-s 1" option) of dev-urandom-ac68u-dd-xxxxxxx003 with the "-s 1" option also produced zero "weak" results, but without the "-s 1" option that sample yielded 4 "weak" results. That previous testing (with "-s 1") yielded 2 "weak" results from "dev-Random-ac68u-cat-pipe-haveged-xxxxxxx112".
2. Understanding And Managing Entropy Usage
3. What keeps draining entropy?

Are you advocating that all Routers run as headless servers, serving out the days work, as your testing implies?

 

[sfx2000]

Are you advocating that all Routers run as headless servers, serving out the days work, as your testing implies?

For all intents and purposes they are...

 

[sfx2000]

@RMerlin - Anecdotally, based on the small samples of entropy that I've tested (yes, 120GB is a small sample size), it does seem that haveged increases both the quantity and quality of entropy that's available on these platforms. At the very least, it seems to increase quantity without sacrificing quality. I've also seen increased performance (particularly in stability and reliability of ssh connections) which (subjectively) more than offsets the trivial load that haveged adds to the system. Also, keep in mind that the Linux kernel itself is a huge consumer of entropy, eg forking, writing to disk, initiating TCP connections, etc[2,3], which may actually mean that haveged is objectively a net benefit on these platforms; something that I'm not about to test right now. Overall, I think this is a strong argument for including haveged in the default builds

Note that haveged is part of the entware packages, as is rng-tools - folks have that option...

 

[sfx2000]

What I'm seeing so far, with the tremendously improved stability and reliability of ssh into the router, this looks like an argument for including haveged (or similar) in the standard builds.

Keep in mind that without tools like haveged and/or rngd, /dev/random is blocking, and if the pool runs short, you'll see performance issues until the pool refills - try an rngtest with haveged and rng-tools stopped, and check the pool depth...

sudo cat /dev/random | rngtest -c 2048​

and in another terminal

cat /proc/sys/kernel/random/entropy_avail​

What haveged does is feed the kernel to keep the entropy pool filled, and it's quite fast at what it does - and on devices like this, that's an important thing, as startup scripts like dnscrypt check the pool before starting up. Stubby as well, as it uses entropy for randomness.

Anyways - nice work, and it does validate haveged as being random enough for most purposes...

 

[sfx2000]

Bonus post...

RPi's have a build in HWRNG, so with rng-tools, and or uncomment the line below, and restart rng-tools

HRNGDEVICE=/dev/hwrng​

If one wants to see what randomness looks like - install the netpbm package, and run the line below

cat <source> | rawtoppm -rgb 256 256 | pnmtopng > random$(date +%Y%m%d%H%M%S).png
​

For example, on RPi - there one has to use sudo to capture direct from hwrng...

sudo cat /dev/hwrng | rawtoppm -rgb 256 256 | pnmtopng > random$(date +%Y%m%d%H%M%S).png​

 

[smasher]

Are you advocating that all Routers run as headless servers, serving out the days work, as your testing implies?

Advocating? Not at all. As an empirical observation, it seems that most/all routers are effectively headless servers.

 

[smasher]

For example, on RPi - there one has to use sudo to capture direct from hwrng...

sudo cat /dev/hwrng | rawtoppm -rgb 256 256 | pnmtopng > random$(date +%Y%m%d%H%M%S).png

And here's an example of "random" done wrong -



The patterns should be obvious - https://www.random.org/analysis/

Of course, an entropy source that provides good quality entropy, but it's constantly blocking, is a different kind of bad, which will cause different kinds of problems.