When will the ant reach the end of the rope?
...the answer in the end.
Intel Ivy Bridge CPUs (via the rdrand instruction) and the Raspberry Pi have hardware random number generators, which produce seemingly very secure non-deterministic random numbers from thermal and similar noise sources for cryptographic purposes.
I also noticed that my MacBook Air uses an Ivy Bridge i5, which comes with the rdrand instruction. However, the gcc on MacOS didn't seem to support this instruction, so I wrote an assembly program (using nasm) to test whether I get random numbers out of it. Seemed to work.
Whether one can trust these hardware implementations is another question: we have no sure way of knowing what they actually do, and a hardware manufacturer may, for example, be collaborating with the NSA, so that we get pseudorandom numbers anyway, which might have a pattern identifiable by someone who knows how it was done.
; nasm -f macho64 rdr.asm
; nasm -f elf64 rdr.asm
bits 64
global rdr
section .text
rdr:
rdrand rax
jnc rdr ; if CF=0, random data was not available and rax is not valid, so try again (this was not seen to occur on Ivy Bridge)
ret
; gcc rdr.c rdr.o
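#include <stdio.h>
int rdr(void); /* implemented in rdr.asm; only the low byte of each result is printed */
int main(void) {
    int x;
    /* 256*256*256*2 bytes = 268435456 bits, the input size rngtest reports below */
    for (x = 0; x < 256*256*256*2; x++)
        printf("%c", rdr());
    return 0;
}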
#!/bin/bash
clear
dd if=/dev/urandom of=./urandom.bin count=65536
./a.out > hwrandom.bin
echo
echo --rdrand--rdrand--rdrand--rdrand--
echo
cat hwrandom.bin | rngtest
echo
echo --urandom--urandom--urandom--urandom--
echo
cat urandom.bin | rngtest
rngtest: starting FIPS tests...
rngtest: entropy source exhausted!
rngtest: bits received from input: 268435456
rngtest: FIPS 140-2 successes: 13413
rngtest: FIPS 140-2 failures: 8
rngtest: FIPS 140-2(2001-10-10) Monobit: 1
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 5
rngtest: FIPS 140-2(2001-10-10) Long run: 2
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rdrand: FIPS 140-2 failures: 14, 10, 14, 11, 9, 3, 7, 18, 13, 10
urandom: FIPS 140-2 failures: 11, 14, 9, 9, 7, 10, 10, 9, 13, 11
Note that even a perfect random number generator is supposed to fail these tests occasionally, so there is nothing unusual here.
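An added illustration (not from the original post) of why these FIPS results cannot settle the trust question raised earlier: a fully predictable xorshift64 generator with a publicly known seed passes the same monobit test that rngtest applies to each 20000-bit block, while a visibly biased stream fails it. The generator, the seed and the function names are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BLOCK_BYTES 2500 /* rngtest works on 20000-bit blocks */

/* FIPS 140-2 (2001-10-10) monobit test: pass if 9725 < ones < 10275. */
int monobit_pass(const uint8_t *block) {
    int ones = 0;
    for (size_t i = 0; i < BLOCK_BYTES; i++)
        for (uint8_t b = block[i]; b; b &= (uint8_t)(b - 1))
            ones++; /* clears the lowest set bit each round */
    return ones > 9725 && ones < 10275;
}

/* xorshift64: every output follows from the seed, so it is not a CSPRNG. */
static uint64_t state;
static uint8_t next_byte(void) {
    state ^= state << 13;
    state ^= state >> 7;
    state ^= state << 17;
    return (uint8_t)(state >> 32);
}

/* Monobit failures over `blocks` blocks. With biased=1 two bytes are
 * ANDed together, so only about 25% of the bits are set. */
int count_failures(uint64_t seed, int blocks, int biased) {
    uint8_t buf[BLOCK_BYTES];
    int failures = 0;
    state = seed;
    for (int n = 0; n < blocks; n++) {
        for (size_t i = 0; i < BLOCK_BYTES; i++) {
            uint8_t b = next_byte();
            buf[i] = biased ? (uint8_t)(b & next_byte()) : b;
        }
        failures += !monobit_pass(buf);
    }
    return failures;
}

int main(void) {
    uint64_t seed = 0x9E3779B97F4A7C15ULL; /* constructed, publicly known seed */
    printf("predictable PRNG: %d/100 blocks fail\n", count_failures(seed, 100, 0));
    printf("biased stream:    %d/100 blocks fail\n", count_failures(seed, 100, 1));
    return 0;
}
```

The test detects statistical defects such as bias, not predictability, so a clean rngtest run is a sanity check on the source rather than evidence that nobody can reproduce its output.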
I ran the tests on one of my servers instead.
$ cat /proc/cpuinfo | grep -i 'model name' | head -n 1
model name : Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
$ cat /proc/cpuinfo | grep -i rdrand | head -n 1
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
It gives "Illegal instruction (core dumped)" if you try to run it on something other than Ivy Bridge.
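A way to avoid the crash above and to honour the carry flag, as an added example that is not code from the original post: check the RDRAND feature bit (CPUID leaf 1, ECX bit 30) before executing the instruction, and retry a bounded number of times when CF=0. It assumes GCC or Clang on x86-64; the function names and the retry limit of 10 are choices made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__)
#include <cpuid.h> /* GCC/Clang helper for the CPUID instruction */
#endif

#define RDRAND_RETRIES 10 /* bounded retry instead of an endless jnc loop */

/* 1 if CPUID leaf 1 reports RDRAND (ECX bit 30), else 0. */
int rdrand_supported(void) {
#if defined(__x86_64__)
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx)) return 0;
    return (int)((ecx >> 30) & 1u);
#else
    return 0;
#endif
}

/* One 64-bit value; 1 on success, 0 if CF stayed clear on every attempt.
 * Only call this after rdrand_supported() returned 1. */
int rdrand64(uint64_t *out) {
#if defined(__x86_64__)
    for (int i = 0; i < RDRAND_RETRIES; i++) {
        uint64_t v;
        unsigned char ok;
        __asm__ volatile("rdrand %0\n\tsetc %1" : "=r"(v), "=qm"(ok) : : "cc");
        if (ok) { *out = v; return 1; }
    }
#endif
    (void)out;
    return 0;
}

/* Fill buf; 0 on success, -1 if RDRAND is missing or kept failing. */
int rdrand_fill(uint8_t *buf, size_t len) {
    if (!rdrand_supported()) return -1;
    for (size_t i = 0; i < len; ) {
        uint64_t v;
        if (!rdrand64(&v)) return -1;
        for (int k = 0; k < 8 && i < len; k++, i++)
            buf[i] = (uint8_t)(v >> (8 * k)); /* use all 8 bytes, not just one */
    }
    return 0;
}

int main(void) {
    uint8_t buf[16];
    if (rdrand_fill(buf, sizeof buf)) { fputs("rdrand unavailable\n", stderr); return 1; }
    for (size_t i = 0; i < sizeof buf; i++) printf("%02x", buf[i]);
    putchar('\n');
    return 0;
}
```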
Similar tests on the rpi...
$ sudo cat /dev/hwrng | rngtest -c 1024
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
rngtest: starting FIPS tests...
rngtest: bits received from input: 20480032
rngtest: FIPS 140-2 successes: 1023
rngtest: FIPS 140-2 failures: 1
rngtest: FIPS 140-2(2001-10-10) Monobit: 1
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=70.080; avg=958.421; max=1627604.167)Kibits/s
rngtest: FIPS tests speed: (min=841.647; avg=3216.511; max=6401.590)Kibits/s
rngtest: Program run time: 27469963 microseconds
$ sudo cat /dev/urandom | rngtest -c 1024
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
rngtest: starting FIPS tests...
rngtest: bits received from input: 20480032
rngtest: FIPS 140-2 successes: 1023
rngtest: FIPS 140-2 failures: 1
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 1
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=1.510; avg=29.660; max=1733.953)Mibits/s
rngtest: FIPS tests speed: (min=843.719; avg=4117.551; max=6403.689)Kibits/s
rngtest: Program run time: 5620869 microseconds
I didn't run the stuff on /dev/random because it's a very low throughput entropy source.
Easiest way to fill the entropy pool (hardware noise):
$ cat /proc/sys/kernel/random/entropy_avail
150
$ ls -R /
...
$ cat /proc/sys/kernel/random/entropy_avail
2175
http://www.theregister.co.uk/2013/09/10/torvalds_on_rrrand_nsa_gchq/
http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/
http://stackoverflow.com/questions/14413839/what-are-the-exhaustion-characteristics-of-rdrand-on-ivy-bridge
http://cryptome.org/2013/07/intel-bed-nsa.htm
-- -- -- --
GPU accelerated fft on rpi
sudo ./hello_fft.bin 17 8
rel_rms_err = 7e-05, usecs = 17168, k = 0
... this is about 60MS/s, for the xcorr calculation discussed before it would be 2x20 MS/s (2 forwards, 1 backwards).
----
Eating one banana gives you a higher dose of radiation than living next to a nuclear power plant for a year. Sleeping next to another human for 100 days equals one dental x-ray.
----
…the answer to the ant problem being about 8.8e43421 years.
(A huge, yet finite number much larger than any quantity in this universe.)