1 Title: Unlimited randomness with the ChaosKey?
5 <p>A few days ago I ordered a small batch of
6 <a href="http://altusmetrum.org/ChaosKey/">the ChaosKey</a>, a small
7 USB dongle for generating entropy created by Bdale Garbee and Keith
8 Packard. Yesterday it arrived, and I am very happy to report that it
9 work great! According to its designers, to get it to work out of the
10 box, you need the Linux kernel version 4.1 or later. I tested on a
11 Debian Stretch machine (kernel version 4.9), and there it worked just
12 fine, increasing the available entropy very quickly. I wrote a small
13 test oneliner to test. It first print the current entropy level,
14 drain /dev/random, and then print the entropy level for five seconds.
15 Here is the situation without the ChaosKey inserted:</p>
18 % cat /proc/sys/kernel/random/entropy_avail; \
19 dd bs=1M if=/dev/random of=/dev/null count=1; \
20 for n in $(seq 1 5); do \
21 cat /proc/sys/kernel/random/entropy_avail; \
27 28 byte kopiert, 0,000264565 s, 106 kB/s
36 <p>The entropy level increases by 3-4 every second. In such case any
37 application requiring random bits (like a HTTPS enabled web server)
38 will halt and wait for more entrpy. And here is the situation with
39 the ChaosKey inserted:</p>
42 % cat /proc/sys/kernel/random/entropy_avail; \
43 dd bs=1M if=/dev/random of=/dev/null count=1; \
44 for n in $(seq 1 5); do \
45 cat /proc/sys/kernel/random/entropy_avail; \
51 104 byte kopiert, 0,000487647 s, 213 kB/s
60 <p>Quite the difference. :) I bought a few more than I need, in case
61 someone want to buy one here in Norway. :)</p>
63 <p>Update: The dongle was presented at Debconf last year. You might
64 find <a href="https://debconf16.debconf.org/talks/94/">the talk
65 recording illuminating</a>. It explains exactly what the source of
66 randomness is, if you are unable to spot it from the schema drawing
67 available from the ChaosKey web site linked at the start of this blog
projects / homepage.git / blob