LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   How Random & Pseudorandom #'s Interact (http://www.linuxquestions.org/questions/linux-security-4/how-random-and-pseudorandom-s-interact-576514/)

mistersnorfles 08-12-2007 08:23 AM

How Random & Pseudorandom #'s Interact
 
A few questions:

1. If I put a set of pseudorandom numbers (/dev/urandom) through a random (/dev/random) hash, does it make the result more random than the initial pseudorandom inputs?

2. If I put a set of random number through a pseudorandom hash, does it make the result less random than the input?

3. If I put a pseudorandom number through a pseudorandom hash, will it make the result more random?

Thanks,
Mr. Snorfles

raskin 08-12-2007 04:10 PM

First, it is not that random and urandom are 'true random' and 'pseudorandom'. They have similar 'entropy pools' (places for storing result of some strange computations involving all the 'entropy' collected by kernel, kernel tries to use everything that has systematic component and truly random - from this system's point of view - component to make contents of 'entropy pool' unpredictable). Both have some algorithms of generating some data based on the entropy pools. The difference is only that 'random' tries to predict how much really unpredictable information is contained in its pool and refuses to give out so much data as to risk too much that part of it can be restored by knowing the rest.

So if you do not take much data from urandom there will be little difference. And are you sure you can decide what you mean under 'random'? Try dumping 512 bytes of audio input to /dev/urandom each 8 bytes you read (data written to /dev/urandom gets mixed in to its pool, so that resulting randomness is hopefully no less than original and no less than random part contained in dumped data) and you can think that it is nearly as random as just tossing a coin (which also can have deficiencies...).

If you have a good hash for mixing two random streams of data it should output a sequence that is no worse than any of inputs. Mixing pseudorandoms can improve things, but do not bother - kernel will be able to use noise from audio card..

mistersnorfles 08-12-2007 07:44 PM

Thanks for the very informative response. Let me ask a few questions to make sure I got everything.

You said:
Quote:

Both have some algorithms of generating some data based on the entropy pools. The difference is only that 'random' tries to predict how much really unpredictable information is contained in its pool and refuses to give out so much data as to risk too much that part of it can be restored by knowing the rest.
So /dev/random does exactly the same thing as /dev/urandom, except whenever it feels like it is providing too much information about itself (making it more likely that someone can predict what it will do), it stops handing out numbers?

And:
Quote:

So if you do not take much data from urandom there will be little difference.
So if I just slow down the rate at which I pull data from /dev/urandom, it will become just as random as /dev/random? Where can I configure how /dev/urandom operates?

And as far as:
Quote:

Try dumping 512 bytes of audio input to /dev/urandom each 8 bytes you read (data written to /dev/urandom gets mixed in to its pool, so that resulting randomness is hopefully no less than original and no less than random part contained in dumped data)
How do I go about dumping the audio into /dev/urandom? Would this work?:
Code:

dd if=/dev/sound/dsp of=/dev/urandom bs=512
Also, it would seem that I should be able to dump video data into /dev/urandom as well right?

Thanks again,
Mr. Snorfles

raskin 08-12-2007 10:49 PM

Quote:

So /dev/random does exactly the same thing as /dev/urandom
At some point in the past it was so. They even used one pool, as far as I remember. Now they are independent and probably the pools are formed in slightly different way, but they are very similar (unless you exhaust /dev/random entropy).

I do not know if /dev/urandom is configurable (and I am not exactly sure what do you want). You do not need to read slowly, you need quicker entropy input (it is some problem on some servers that have everything cached in RAM and so has little random events).

Quote:

dd if=/dev/sound/dsp of=/dev/urandom bs=512
It is correct on /dev/urandom side; but as far as I remember /dev/dsp is output. I meant input. Output has too little unpredictable noise. If you have video input device, you can also use it.

mistersnorfles 08-13-2007 07:31 AM

So audio input is what I want? Like the microphone? Would I have to have a microphone attached to the computer? Why is the audio input less predictable than the audio output?

Thanks,
Mr. Snorfles

raskin 08-13-2007 07:44 AM

No, you do not necessarily want microphone itself (though it can help); just audio input from empty slot is Analog-to-Digital Converter output on empty (and so reacting to every electromagnetic wave) input. It is physically random process. But microphone catches heat noise, so it is also good.
And audio output can be a) blank; b) the same music as last time. Really it will not lead to exact repetition, but will significantly lessen randomness in some sense. Audio output does not have noise until it has left digital form.

mistersnorfles 08-13-2007 08:22 AM

That's interesting, I didn't realize that the microphone jack could do that. I'm going to go play around with that. Maybe I'll be back in a bit with some interesting results...

Thanks so much for your help raskin!

--Mr. Snorfles


All times are GMT -5. The time now is 03:25 PM.