Monday, February 8, 2016

Raspberry PI's hardware random number generator for /dev/random

I've stumble upon that Raspberry PI has a built in hardware random number generator.

http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/

The BCM2835 datasheet also does not provide any info about the RNG.

I also found out that the kernel module is also loaded:
pi@raspberrypi ~ $ lsmod | grep bcm
snd_bcm2835            22317  0 
snd_pcm                92397  1 snd_bcm2835
snd                    66972  5 snd_bcm2835,snd_timer,snd_pcm,snd_seq,snd_seq_device
bcm2835_rng             2215  0 
bcm2835_gpiomem         3703  0

However, it is currently not fed to /dev/random

Also, occasionally, I realize there is a long pause when trying to log in to SSH when the random entropy pool runs out because I'm using it mostly headless so the random source are rather limited.

To do that, I just installed rng-tools with:
$ sudo apt-get install rng-tools

Default settings for rngd seems good enough as /etc/init.d/rng-tools seems to automatically detect the /dev/hwrng and automatically use it:
$ ps aux | grep rng
root     32539  0.1  0.3  26404  1312 ?        SLsl Feb08   2:12 /usr/sbin/rngd -r /dev/hwrng

Now, we can see that the entropy poll is always good, and more thatn 2000 bits while previously it can run low and down to a few hundred:
$ cat /proc/sys/kernel/random/entropy_avail
2798

As usual, we can always refer to the excellent Arch Linux's wiki for more info about rng-tools: