-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathjitterentropy-rngd.1
122 lines (122 loc) · 4.22 KB
/
jitterentropy-rngd.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
.\" Copyright (c) 2017 - 2022 by Stephan Mueller ([email protected])
.\"
.\" Permission is granted to make and distribute verbatim copies of this
.\" manual provided the copyright notice and this permission notice are
.\" preserved on all copies.
.\"
.\" Permission is granted to copy and distribute modified versions of this
.\" manual under the conditions for verbatim copying, provided that the
.\" entire resulting derived work is distributed under the terms of a
.\" permission notice identical to this one.
.\"
.\" Formatted or processed versions of this manual, if unaccompanied by
.\" the source, must acknowledge the copyright and authors of this work.
.\" License.
.TH JITTERENTROPY-RNGD 1 2017-02-11
.SH NAME
jitterentropy-rngd \- CPU Jitter Random Number Generator Daemon
.SH SYNOPSIS
.B jitterentropy-rngd
[\fI\,OPTION\/\fR]
.SH DESCRIPTION
The
.I jitterentropy-rngd
application provides a source of good entropy by collecting CPU
execution time jitter. The collected entropy is injected into
the Linux kernel
.IR /dev/random
device using the
.IR RNDADDENTROPY
ioctl described in \fBrandom\fR(4).
.LP
The entropy in the CPU execution time jitter is magnified by
the CPU Jitter Random Number Generator. The CPU Jitter Random
Number Generator uses the CPU execution timing jitter to
generate a bit stream which complies with different statistical
measurements that determine the bit stream is random.
.LP
The CPU Jitter Random Number Generator works equally well in
virtualized environments as well as on bare-metal provided
a high-resolution timer is made available with the
.BR clock_gettime ()
function. The currently used timer can be checked by reading
the file
.IR /sys/devices/system/clocksource/clocksource0/current_clocksource .
If the clock source shall be changed, one of the available
clock sources listed in the file
.IR /sys/devices/system/clocksource/clocksource0/available_clocksource
can be written into the mentioned
.IR current_clocksource
file and the kernel immediately changes the use clock.
.LP
The CPU Jitter Random Number Generator unconditionally
injects 256 bits of entropy into the Linux kernel during
startup time before it daemonizes. Thus, when the invocation
of the
.IR jitterentropy-rngd
returns, the Linux kernel is seeded with at least 256 bits
of entropy. The reader should consider that the Linux kernel
performs a schedule operation during the injection of data
which implies that immediately after starting the
.IR jitterentropy-rngd
the kernel may still complain about insufficient entropy
available for
.IR /dev/urandom .
.LP
In addition, the
.IR jitterentropy-rngd
injects 256 bits of entropy every 10 minutes unconditionally
irrespective whether the kernel has sufficient entropy or not.
.LP
The following options are supported when invoking
.IR jitterentropy-rngd :
.TP
\fB\-v\fR, \fB\-\-verbose\fR
enable a verbose operation of the daemon. Using this option
multiple times increases the verbosity. Using this option
implies that the
.IR jitterentropy-rngd
will not daemonize.
.TP
\fB\-p\fR, \fB\-\-pid\fR [\fI\,FILE\/\fR]
triggers the creation of a PID file at the given location.
.TP
\fB\-h\fR, \fB\-\-help\fR
displays the help text
.TP
\fB\-\-version\fR
returns the version number of the
.IR jitterentropy-rngd .
.TP
\fB\-s\fR, \fB\-\-sp800-90b\fR
triggers a specific seeding strategy of the kernel /dev/random
device to insert entropy that ensures the ChaCha20 DRNG behind
/dev/random receives 256 bits of entropy as defined by SP800-90B.
.TP
\fB\-f\fR, \fB\-\-flags\fR [\fI\,FLAGS\/\fR]
allows specifying the flags value documented with
.IR jitterentropy(3)
when allocating the Jitter RNG.
.TP
\fB\-o\fR, \fB\-\-osr\fR [\fI\,OSR\/\fR]
allows specifying the oversampling rate (OSR) as documented with
.IR jitterentropy(3)
when allocating the Jitter RNG.
.PP
.SH NOTES
The
.IR jitterentropy-rngd
does not perform write operations on any file system object.
Thus, it can be executed on a fully read-only mounted file
system.
.LP
The random bit stream generated by
.IR jitterentropy-rngd
is NOT processed by a cryptographically secure whitening
function. Nonetheless, it is believed that the output
can be used as a source for cryptographically secure
key material or other cryptographically sensitive data.
.PP
.SH SEE ALSO
\fBrandom\fR(4)
\fBclock_gettime\fR(2)