Generated.

[homepage.git] / blog / data / 2017-03-01-chaoskey.txt

Title: Unlimited randomness with the ChaosKey?
Tags: english, debian
Date: 2017-03-01 20:50

<p>A few days ago I ordered a small batch of
<a href="http://altusmetrum.org/ChaosKey/">the ChaosKey</a>, a small
USB dongle for generating entropy created by Bdale Garbee and Keith
Packard.  Yesterday it arrived, and I am very happy to report that it
work great!  According to its designers, to get it to work out of the
box, you need the Linux kernel version 4.1 or later.  I tested on a
Debian Stretch machine (kernel version 4.9), and there it worked just
fine, increasing the available entropy very quickly.  I wrote a small
test oneliner to test.  It first print the current entropy level,
drain /dev/random, and then print the entropy level for five seconds.
Here is the situation without the ChaosKey inserted:</p>

<blockquote><pre>
% cat /proc/sys/kernel/random/entropy_avail; \
  dd bs=1M if=/dev/random of=/dev/null count=1; \
  for n in $(seq 1 5); do \
     cat /proc/sys/kernel/random/entropy_avail; \
     sleep 1; \
  done
300
0+1 oppføringer inn
0+1 oppføringer ut
28 byte kopiert, 0,000264565 s, 106 kB/s
4
8
12
17
21
%
</pre></blockquote>

<p>The entropy level increases by 3-4 every second.  In such case any
application requiring random bits (like a HTTPS enabled web server)
will halt and wait for more entrpy.  And here is the situation with
the ChaosKey inserted:</p>

<blockquote><pre>
% cat /proc/sys/kernel/random/entropy_avail; \
  dd bs=1M if=/dev/random of=/dev/null count=1; \
  for n in $(seq 1 5); do \
     cat /proc/sys/kernel/random/entropy_avail; \
     sleep 1; \
  done
1079
0+1 oppføringer inn
0+1 oppføringer ut
104 byte kopiert, 0,000487647 s, 213 kB/s
433
1028
1031
1035
1038
%
</pre></blockquote>

<p>Quite the difference. :) I bought a few more than I need, in case
someone want to buy one here in Norway. :)</p>