/dev/random使用标准安装的 Ubuntu 12.04,收集的熵是如何的?
安装是否足够智能,可以设置任何可用的硬件生成,它是否会默认使用基于用户的源,例如键盘中断?
编辑:只是为了清楚起见,我正在寻找安装附带的特定配置(或如何找到它),而不是寻找理论上如何完成它。
答案1
这是一个复杂的问题。我将引用一些资料来回答。
字符特殊文件 /dev/random 和 /dev/urandom(自 Linux 1.3.30 开始出现)为内核的随机数生成器提供了接口。文件 /dev/random 的主设备号为 1,次设备号为 8。文件 /dev/urandom 的主设备号为 1,次设备号为 9。
随机数生成器将来自设备驱动程序和其他来源的环境噪声收集到熵池中。生成器还会估计熵池中的噪声位数。从这个熵池中创建随机数。
从维基百科
Linux 内核根据键盘计时、鼠标移动和 IDE 计时生成熵,并通过特殊文件 /dev/random 和 /dev/urandom 将随机字符数据提供给其他操作系统进程。此功能在 Linux 版本 1.3.30 中引入。
从 Linux手册页
读取时,/dev/random 设备将仅返回熵池中估计的噪声位数内的随机字节。/dev/random 应该适合需要极高质量随机性的用途,例如一次性密码本或密钥生成。当熵池为空时,/dev/random 的读取将被阻止,直到收集到额外的环境噪声。
引自random内核 3.11.10.10
* Theory of operation
* ===================
*
* Computers are very predictable devices. Hence it is extremely hard
* to produce truly random numbers on a computer --- as opposed to
* pseudo-random numbers, which can easily generated by using a
* algorithm. Unfortunately, it is very easy for attackers to guess
* the sequence of pseudo-random number generators, and for some
* applications this is not acceptable. So instead, we must try to
* gather "environmental noise" from the computer's environment, which
* must be hard for outside attackers to observe, and use that to
* generate random numbers. In a Unix environment, this is best done
* from inside the kernel.
*
* Sources of randomness from the environment include inter-keyboard
* timings, inter-interrupt timings from some interrupts, and other
* events which are both (a) non-deterministic and (b) hard for an
* outside observer to measure. Randomness from these sources are
* added to an "entropy pool", which is mixed using a CRC-like function.
* This is not cryptographically strong, but it is adequate assuming
* the randomness is not chosen maliciously, and it is fast enough that
* the overhead of doing it on every interrupt is very reasonable.
* As random bytes are mixed into the entropy pool, the routines keep
* an *estimate* of how many bits of randomness have been stored into
* the random number generator's internal state.
是的,它足够智能,可以使用基于用户的来源,但如果您愿意,可以配置更多。
有些内核带有随机生成器,它们有更多的熵源,包括音频输入中的噪声和其他信息源,如视频、冷却器审查器等。这里如果对音频熵感兴趣。我希望你能自己找到其他内核。
但/dev/random默认情况下对于大多数任务来说应该足够了。
另请阅读这个问题在 stackoverflow 上
答案2
真正的随机性来自物理世界,而不是确定性的伪随机数生成器。Linux 内核收集随机时间并将信息添加到其熵池中。我建议进入内核源代码
输入熵参考函数调用:add_interrupt_randomness(irq) 处理程序注册的 SA_SAMPLE_RANDOM,中断之间的时间是噪声源,add_keyboard_randomness(scancode) 和 add_mouse_randomness(mouse_data) ===> 所有这些函数都调用 add_timer_randomness()
输出熵:核空间:[get_random_bytes(buf,number)](参考LXR => linux/drivers/char/random.c)用户空间:/dev/random /dev/urandom