This is the mail archive of the cygwin mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On Sep 19 01:55, starlight.2013z3@binnacle.cx wrote: > For contrast, here is a 'rngtest' run against a > 3.1.8 Linux kernel with /dev/random enhanced by > the output of a STMicroelectronics ST33 TPM PRNG > (via 'rngd' v4). > > bits received from input: 62380032 > FIPS 140-2 successes: 3115 > FIPS 140-2 failures: 4 > FIPS 140-2(2001-10-10) Monobit: 0 > FIPS 140-2(2001-10-10) Poker: 0 > FIPS 140-2(2001-10-10) Runs: 3 > FIPS 140-2(2001-10-10) Long run: 1 > FIPS 140-2(2001-10-10) Continuous run: 0 > input channel speed: (min=21.119; avg=42.165; max=136.844)Kibits/s > FIPS tests speed: (min=41.374; avg=104.495; max=107.154)Mibits/s > Program run time: 1445.324494 seconds > > That's three bit runs and one long bit run > in close to 8MB of random data. Ok, let's compare that with the results of Cygwin's /dev/random as you posted in your previous mail: rngtest: bits received from input: 3088523264 rngtest: FIPS 140-2 successes: 154295 rngtest: FIPS 140-2 failures: 131 The # of bits received from input is about 49.5 times higher than what you got from Linux' /dev/random. So the number of events should be divided by 49.5 for a fair comparison, right? Lazily rounded up I get: Linux Cygwin/49.5 bits received from input: 62380032 62394409.4 FIPS 140-2 successes: 3115 3117.1 FIPS 140-2 failures: 4 2.7 The failure rate is better than on Linux. That doesn't look bad to me. Am I missing something? Nevertheless I now added code to reseed the OS PRNG after each run of 512 bytes for the /dev/random emulation. This results in even better numbers for the price of slowing down access to /dev/random, which is not much of a problem compared to the blocking behaviour of Linux' /dev/random. The new results with /dev/random are now along the lines of: rngtest: bits received from input: 3059180032 rngtest: FIPS 140-2 successes: 152857 rngtest: FIPS 140-2 failures: 102 [...] which is another ~30% better result. That should be sufficient, IMHO. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
Attachment:
pgpOPBKYA4ceV.pgp
Description: PGP signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |