Hardware random number generator?
#14
(06-04-2018, 12:42 AM)MichaelRock Wrote: I've tried on my DietPi. I took my shovel and dig dig and dig again Smile

Quote:cat /etc/debian_version
9.4

apt-cache search rng-tool
rng-tools - Daemon to use a Hardware TRNG
rng-tools5 - Daemon to use a Hardware TRNG

after install of rng-tools package:
Quote:Job for rng-tools.service failed because the control process exited with error code.
See "systemctl status rng-tools.service" and "journalctl -xe" for details.
invoke-rc.d: initscript rng-tools, action "start" failed.
● rng-tools.service
   Loaded: loaded (/etc/init.d/rng-tools; generated; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sun 2018-06-03 18:55:19 BST; 29ms ago
     Docs: manConfusedystemd-sysv-generator(8)
  Process: 3134 ExecStart=/etc/init.d/rng-tools start (code=exited, status=1/FAILURE)

Jun 03 18:55:19 DietPi systemd[1]: Starting rng-tools.service...
Jun 03 18:55:19 DietPi rng-tools[3134]: Starting Hardware RNG entropy gather…d).
Jun 03 18:55:19 DietPi systemd[1]: rng-tools.service: Control process exite…us=1
Jun 03 18:55:19 DietPi systemd[1]: Failed to start rng-tools.service.
Jun 03 18:55:19 DietPi systemd[1]: rng-tools.service: Unit entered failed state.
Jun 03 18:55:19 DietPi systemd[1]: rng-tools.service: Failed with result 'e…de'.
Hint: Some lines were ellipsized, use -l to show in full.
Processing triggers for systemd (232-25+deb9u3) ...

random number generator devices:
Quote:using /dev/random:
dietpi@DietPi:~$ sudo /etc/init.d/rng-tools start
Starting Hardware RNG entropy gatherer daemon: rngd.

using /dev/hwrng:
dietpi@DietPi:~$ sudo /etc/init.d/rng-tools start
Starting Hardware RNG entropy gatherer daemon: (failed).

sudo cat /dev/hwrng
cat: /dev/hwrng: No such device
If it has hardware support, cat should print random characters on the terminal as it does with /dev/random.

Kernel stuff:
Quote:kernel config:

 /boot/config-4.4.77-rockchip-ayufan-136

inside the file, there are only these two about random stuff:
CONFIG_HW_RANDOM=y
CONFIG_HW_RANDOM_TPM=y

modules:
find /lib/modules/4.4.77-rockchip-ayufan-136/ -iname 'hw_random'
dietpi@DietPi:~$ find /lib/modules/4.4.77-rockchip-ayufan-136/ -iname '*hw_random*'
dietpi@DietPi:~$ find /lib/modules/4.4.77-rockchip-ayufan-136/ -iname '*random*'
dietpi@DietPi:~$ find /lib/modules/4.4.77-rockchip-ayufan-136/ -iname '*rng*'

=> no related module found


in config file on github:

no support for RK3328 chip HRNG
didn't found anything which shows Linux Kernel actually support Cortex A53 H/TRNG


dietpi@DietPi:~$ ls /lib/modules/4.4.77-rockchip-ayufan-136/kernel/crypto/
842.ko               lz4hc.ko             pcrypt.ko
async_tx/            lz4.ko               poly1305_generic.ko
chacha20_generic.ko  lzo.ko               rsa_generic.ko
chacha20poly1305.ko  md4.ko               zlib.ko
dietpi@DietPi:~$ ls /lib/modules/4.4.77-rockchip-ayufan-136/kernel/crypto/async_tx/
async_memcpy.ko  async_pq.ko  async_raid6_recov.ko  async_tx.ko  async_xor.ko

Perhaps one of these related to HRNG, need more investigations.

Bad thing with ayufan work:

source:
linux-source-4.9 - Linux kernel source for version 4.9 with Debian patches
linux-source - Linux kernel source (meta-package)
linux-source-4.16 - Linux kernel source for version 4.16 with Debian patches
???

dpkg -l '*linux*image*'|grep ii
ii  linux-image-4.4.77-rockchip-ayufan-136          0.5.15       arm64        Linux kernel, version 4.4.77-rockchip-ayufan-136

He did not make proper debianized package of sources Sad very very  unfortunate for us, despite it's not that hard, all work has been already done and it's just a matter of few commands to run. Looks like we've got to deal with source trunk only and binary package.

I've also did some research on Cortex A53 support in Linux, there are not that much avaialble

An interesting link to check on kernel config: https://cateee.net/lkddb/web-lkddb/HW_RANDOM.html

So, unless you ABSOLUTELY need HRNG, I believe you'd better move on and try alternatives like pandom. Hope this help.

Thanks for your work.  Im using my ROCK 64 to run cryprocurrency wallets, the private keys should be generated from a very strong source of entropy, to prevent them being computed by an attacker.  In reality this is highly unlikley and for now the PRNG is probably fine.

Its a little unfortunate to have a hardware RNG available, but for it to be un-usable, hopefully it gets fixed, raised a github issue so perhaps in time it will be resolved.
  Reply


Messages In This Thread
Hardware random number generator? - by scalextrix - 05-30-2018, 12:23 AM
RE: Hardware random number generator? - by scalextrix - 06-04-2018, 02:05 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Any way to tell the rock64's hardware revision? kittyland 1 2,858 07-01-2021, 09:42 PM
Last Post: evilbunny
Exclamation WARNING: internal 10|100 PHY requires magjack hardware! MarkHaysHarris777 32 37,445 01-15-2019, 08:09 PM
Last Post: WrongWorld
  Latest Rock64 board hardware revision Ryan 3 5,107 03-14-2018, 05:42 AM
Last Post: petec

Forum Jump:


Users browsing this thread: 1 Guest(s)