Ben's notes

Linux, Unix, network, radio...

User Tools

Site Tools


raspberry_pi_hardware_random_number_generator

RPi's hardware RNG (from scratch)

Install Raspbian

… with OS X, download latest version and dd to SDcard

sudo diskUtil list
sudo diskUtil unmountDisk /dev/disk1
sudo dd bs=1m if=2013-12-20-wheezy-raspbian.img of=/dev/rdisk1

Log into your RPi

Check you DHCP server log for the IP-address

ssh pi@<ip-address>
password: raspberry

* Change the pi's user password (passwd)
* Create your own account (useradd)

Configure Raspbian

sudo raspi-config
  • Expand file system
  • Boot to console
  • Locale: en_US.UTF-8 UTF-8
  • Create DNS record
  • Change hostname (/etc/hostname)
  • Configure static ip (/etc/network/interfaces)

Install vim:

sudo apt-get install vim

Add own user to sudo group

sudo usermod -G sudo <youruser>

Update Raspbian

sudo apt-get update
sudo apt-get -y dist-upgrade
sudo rpi-update
sudo reboot

Load bcm2708-rng module

sudo modprobe bcm2708-rng

Add the following line to /etc/modules

sudo vi /etc/modules 
# add line below:
bcm2708-rng

Install rng-tools

sudo apt-get install rng-tools

Device /dev/hwrng should now be available

$ ls -l /dev/hwrng
crw------- 1 root root 10, 183 Jan  7 17:30 /dev/hwrng

Test

Quote: Just a quick note on FIPS 140-2. These tests are a bunch of simple statistical calculations. Those statistics will occasionally fail on truly random data at an interval of around 2,500 iterations/failure. If it isn’t failing occasionally, you’re not seeing random data. Seeing a failure is not a problem. Seeing too many or too few is a problem.

Source: “random number guy” for over a decade, and working on a FIPS 140-2 Level 3 hardware project right now.

sudo cat /dev/hwrng | rngtest -c 10000

rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions.  There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

rngtest: starting FIPS tests...
rngtest: bits received from input: 200000032
rngtest: FIPS 140-2 successes: 9993
rngtest: FIPS 140-2 failures: 7
rngtest: FIPS 140-2(2001-10-10) Monobit: 1
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 1
rngtest: FIPS 140-2(2001-10-10) Long run: 5
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=79.459; avg=1084.548; max=2441406.250)Kibits/s
rngtest: FIPS tests speed: (min=843.355; avg=3265.806; max=6426.867)Kibits/s
rngtest: Program run time: 240359132 microseconds

Random visual

sudo apt-get install netpbm
sudo cat /dev/hwrng  | rawtoppm -rgb 640 256 | pnmtopng > random$(date +%Y%m%d%H%M%S).png

Dieharder test on 3GB file

#On the RPi
chmod o+r /dev/hwrng

#On faster host, scp took me almost 8 hours.
ssh -v pi@xxx.xx.x.xx dd if=/dev/hwrng iflag=fullblock count=3072 bs=1024k > random.rpi2
dieharder -a -g 201 -f random.rpi2

#=============================================================================#
#            dieharder version 3.31.1 Copyright 2003 Robert G. Brown          #
#=============================================================================#
   rng_name    |           filename             |rands/second|
 file_input_raw|                     random.rpi2|  1.12e+07  |
#=============================================================================#
        test_name   |ntup| tsamples |psamples|  p-value |Assessment
#=============================================================================#
   diehard_birthdays|   0|       100|     100|0.34597316|  PASSED
      diehard_operm5|   0|   1000000|     100|0.90744755|  PASSED
  diehard_rank_32x32|   0|     40000|     100|0.07737018|  PASSED
    diehard_rank_6x8|   0|    100000|     100|0.45008328|  PASSED
   diehard_bitstream|   0|   2097152|     100|0.66150607|  PASSED
        diehard_opso|   0|   2097152|     100|0.91329312|  PASSED
        diehard_oqso|   0|   2097152|     100|0.96887619|  PASSED
         diehard_dna|   0|   2097152|     100|0.52971384|  PASSED
diehard_count_1s_str|   0|    256000|     100|0.28085518|  PASSED
# The file file_input_raw was rewound 1 times
diehard_count_1s_byt|   0|    256000|     100|0.87256770|  PASSED
# The file file_input_raw was rewound 1 times
 diehard_parking_lot|   0|     12000|     100|0.63965905|  PASSED
# The file file_input_raw was rewound 1 times
    diehard_2dsphere|   2|      8000|     100|0.63608621|  PASSED
# The file file_input_raw was rewound 1 times
    diehard_3dsphere|   3|      4000|     100|0.89669154|  PASSED
# The file file_input_raw was rewound 1 times
     diehard_squeeze|   0|    100000|     100|0.03974590|  PASSED
# The file file_input_raw was rewound 1 times
        diehard_sums|   0|       100|     100|0.02202173|  PASSED
# The file file_input_raw was rewound 1 times
        diehard_runs|   0|    100000|     100|0.18053678|  PASSED
        diehard_runs|   0|    100000|     100|0.56702172|  PASSED
# The file file_input_raw was rewound 1 times
       diehard_craps|   0|    200000|     100|0.38209741|  PASSED
       diehard_craps|   0|    200000|     100|0.31967118|  PASSED
# The file file_input_raw was rewound 4 times
 marsaglia_tsang_gcd|   0|  10000000|     100|0.79695385|  PASSED
 marsaglia_tsang_gcd|   0|  10000000|     100|0.95537955|  PASSED
# The file file_input_raw was rewound 4 times
         sts_monobit|   1|    100000|     100|0.72013128|  PASSED
# The file file_input_raw was rewound 4 times
            sts_runs|   2|    100000|     100|0.46203368|  PASSED
# The file file_input_raw was rewound 4 times
          sts_serial|   1|    100000|     100|0.04299359|  PASSED
          sts_serial|   2|    100000|     100|0.33276642|  PASSED
          sts_serial|   3|    100000|     100|0.93303071|  PASSED
          sts_serial|   3|    100000|     100|0.79970461|  PASSED
          sts_serial|   4|    100000|     100|0.92957448|  PASSED
          sts_serial|   4|    100000|     100|0.76429782|  PASSED
          sts_serial|   5|    100000|     100|0.54177520|  PASSED
          sts_serial|   5|    100000|     100|0.59090509|  PASSED
          sts_serial|   6|    100000|     100|0.85876944|  PASSED
          sts_serial|   6|    100000|     100|0.28184290|  PASSED
          sts_serial|   7|    100000|     100|0.67649061|  PASSED
          sts_serial|   7|    100000|     100|0.83063305|  PASSED
          sts_serial|   8|    100000|     100|0.84181733|  PASSED
          sts_serial|   8|    100000|     100|0.51578409|  PASSED
          sts_serial|   9|    100000|     100|0.91101763|  PASSED
          sts_serial|   9|    100000|     100|0.95359416|  PASSED
          sts_serial|  10|    100000|     100|0.21783179|  PASSED
          sts_serial|  10|    100000|     100|0.23626083|  PASSED
          sts_serial|  11|    100000|     100|0.58767904|  PASSED
          sts_serial|  11|    100000|     100|0.69640028|  PASSED
          sts_serial|  12|    100000|     100|0.84659970|  PASSED
          sts_serial|  12|    100000|     100|0.78233602|  PASSED
          sts_serial|  13|    100000|     100|0.49114447|  PASSED
          sts_serial|  13|    100000|     100|0.14232516|  PASSED
          sts_serial|  14|    100000|     100|0.93482340|  PASSED
          sts_serial|  14|    100000|     100|0.53423324|  PASSED
          sts_serial|  15|    100000|     100|0.25191494|  PASSED
          sts_serial|  15|    100000|     100|0.26019763|  PASSED
          sts_serial|  16|    100000|     100|0.90243712|  PASSED
          sts_serial|  16|    100000|     100|0.05608425|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   1|    100000|     100|0.29432747|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   2|    100000|     100|0.91168584|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   3|    100000|     100|0.14052303|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   4|    100000|     100|0.25758940|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   5|    100000|     100|0.27117119|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   6|    100000|     100|0.93022805|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   7|    100000|     100|0.71701673|  PASSED
# The file file_input_raw was rewound 4 times
         rgb_bitdist|   8|    100000|     100|0.63000411|  PASSED
# The file file_input_raw was rewound 5 times
         rgb_bitdist|   9|    100000|     100|0.76231273|  PASSED
# The file file_input_raw was rewound 5 times
         rgb_bitdist|  10|    100000|     100|0.33368352|  PASSED
# The file file_input_raw was rewound 5 times
         rgb_bitdist|  11|    100000|     100|0.97142195|  PASSED
# The file file_input_raw was rewound 6 times
         rgb_bitdist|  12|    100000|     100|0.55424281|  PASSED
# The file file_input_raw was rewound 6 times
rgb_minimum_distance|   2|     10000|    1000|0.41250099|  PASSED
# The file file_input_raw was rewound 6 times
rgb_minimum_distance|   3|     10000|    1000|0.36349016|  PASSED
# The file file_input_raw was rewound 6 times
rgb_minimum_distance|   4|     10000|    1000|0.97639989|  PASSED
# The file file_input_raw was rewound 6 times
rgb_minimum_distance|   5|     10000|    1000|0.00886445|  PASSED
# The file file_input_raw was rewound 6 times
    rgb_permutations|   2|    100000|     100|0.77555581|  PASSED
# The file file_input_raw was rewound 6 times
    rgb_permutations|   3|    100000|     100|0.35219153|  PASSED
# The file file_input_raw was rewound 6 times
    rgb_permutations|   4|    100000|     100|0.63916470|  PASSED
# The file file_input_raw was rewound 6 times
    rgb_permutations|   5|    100000|     100|0.83043450|  PASSED
# The file file_input_raw was rewound 6 times
      rgb_lagged_sum|   0|   1000000|     100|0.63441688|  PASSED
# The file file_input_raw was rewound 6 times
      rgb_lagged_sum|   1|   1000000|     100|0.21196461|  PASSED
# The file file_input_raw was rewound 7 times
      rgb_lagged_sum|   2|   1000000|     100|0.98344504|  PASSED
# The file file_input_raw was rewound 7 times
      rgb_lagged_sum|   3|   1000000|     100|0.22629216|  PASSED
# The file file_input_raw was rewound 8 times
      rgb_lagged_sum|   4|   1000000|     100|0.65908762|  PASSED
# The file file_input_raw was rewound 8 times
      rgb_lagged_sum|   5|   1000000|     100|0.91070672|  PASSED
# The file file_input_raw was rewound 9 times
      rgb_lagged_sum|   6|   1000000|     100|0.27071119|  PASSED
# The file file_input_raw was rewound 10 times
      rgb_lagged_sum|   7|   1000000|     100|0.86418190|  PASSED
# The file file_input_raw was rewound 11 times
      rgb_lagged_sum|   8|   1000000|     100|0.99917509|   WEAK
# The file file_input_raw was rewound 13 times
      rgb_lagged_sum|   9|   1000000|     100|0.69589197|  PASSED
# The file file_input_raw was rewound 14 times
      rgb_lagged_sum|  10|   1000000|     100|0.37690543|  PASSED
# The file file_input_raw was rewound 16 times
      rgb_lagged_sum|  11|   1000000|     100|0.91865332|  PASSED
# The file file_input_raw was rewound 17 times
      rgb_lagged_sum|  12|   1000000|     100|0.13143491|  PASSED
# The file file_input_raw was rewound 19 times
      rgb_lagged_sum|  13|   1000000|     100|0.83193143|  PASSED
# The file file_input_raw was rewound 21 times
      rgb_lagged_sum|  14|   1000000|     100|0.43545535|  PASSED
# The file file_input_raw was rewound 23 times
      rgb_lagged_sum|  15|   1000000|     100|0.87146122|  PASSED
# The file file_input_raw was rewound 25 times
      rgb_lagged_sum|  16|   1000000|     100|0.91910411|  PASSED
# The file file_input_raw was rewound 27 times
      rgb_lagged_sum|  17|   1000000|     100|0.62243095|  PASSED
# The file file_input_raw was rewound 29 times
      rgb_lagged_sum|  18|   1000000|     100|0.93688081|  PASSED
# The file file_input_raw was rewound 32 times
      rgb_lagged_sum|  19|   1000000|     100|0.74811113|  PASSED
# The file file_input_raw was rewound 35 times
      rgb_lagged_sum|  20|   1000000|     100|0.50321575|  PASSED
# The file file_input_raw was rewound 37 times
      rgb_lagged_sum|  21|   1000000|     100|0.76070372|  PASSED
# The file file_input_raw was rewound 40 times
      rgb_lagged_sum|  22|   1000000|     100|0.09722035|  PASSED
# The file file_input_raw was rewound 43 times
      rgb_lagged_sum|  23|   1000000|     100|0.01695431|  PASSED
# The file file_input_raw was rewound 46 times
      rgb_lagged_sum|  24|   1000000|     100|0.69353267|  PASSED
# The file file_input_raw was rewound 49 times
      rgb_lagged_sum|  25|   1000000|     100|0.71566485|  PASSED
# The file file_input_raw was rewound 53 times
      rgb_lagged_sum|  26|   1000000|     100|0.79282958|  PASSED
# The file file_input_raw was rewound 56 times
      rgb_lagged_sum|  27|   1000000|     100|0.80665438|  PASSED
# The file file_input_raw was rewound 60 times
      rgb_lagged_sum|  28|   1000000|     100|0.35674353|  PASSED
# The file file_input_raw was rewound 64 times
      rgb_lagged_sum|  29|   1000000|     100|0.76710314|  PASSED
# The file file_input_raw was rewound 67 times
      rgb_lagged_sum|  30|   1000000|     100|0.55848471|  PASSED
# The file file_input_raw was rewound 71 times
      rgb_lagged_sum|  31|   1000000|     100|0.93240512|  PASSED
# The file file_input_raw was rewound 76 times
      rgb_lagged_sum|  32|   1000000|     100|0.75912760|  PASSED
# The file file_input_raw was rewound 76 times
     rgb_kstest_test|   0|     10000|    1000|0.23134916|  PASSED
# The file file_input_raw was rewound 76 times
     dab_bytedistrib|   0|  51200000|       1|0.95016600|  PASSED
# The file file_input_raw was rewound 76 times
             dab_dct| 256|     50000|       1|0.74471304|  PASSED
Preparing to run test 207.  ntuple = 0
# The file file_input_raw was rewound 76 times
        dab_filltree|  32|  15000000|       1|0.24352143|  PASSED
        dab_filltree|  32|  15000000|       1|0.41132076|  PASSED
Preparing to run test 208.  ntuple = 0
# The file file_input_raw was rewound 76 times
       dab_filltree2|   0|   5000000|       1|0.15673745|  PASSED
       dab_filltree2|   1|   5000000|       1|0.48170936|  PASSED
Preparing to run test 209.  ntuple = 0
# The file file_input_raw was rewound 76 times
        dab_monobit2|  12|  65000000|       1|0.07111443|  PASSED

Create 10MB random data file

dd if=/dev/random of=random.out bs=1000 count=10000 iflag=fullblock

Show entropy pool size

Current size:

$ cat /proc/sys/kernel/random/poolsize
4096

#or
$ sysctl kernel.random.poolsize
kernel.random.poolsize = 4096

Current available:

$ cat /proc/sys/kernel/random/entropy_avail
3028

You can dd /dev/random to /dev/null and find that a device using the HRNG is much faster than whithout.

dd if=/dev/random of=/dev/null bs=1000 count=10000 iflag=fullblock
raspberry_pi_hardware_random_number_generator.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1