-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 09/02/12 03:34, Konstantin Belousov wrote: > It is relatively well known that Ivy Bridge CPUs (Core iX 3XXX) > have built-in hardware random number generator, which is claimed to > be both very fast and high quality. Generator is accessible using > non-privileged RDRAND instruction. It is claimed that CPU performs > sanitization of the random sequence. In particular, it seems that > paranoid AES encryption of the raw random stream, performed by our > padlock driver, is not needed for Bull Mountain (there are hints > that hardware performs it already). > > See > http://spectrum.ieee.org/computing/hardware/behind-intels-new-randomnumber-generator/0 > > http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ > and IA32 ADM. > > Patch at http://people.freebsd.org/~kib/misc/bull_mountain.2.patch > implements support for the generator. I do not own any IvyBridge > machines, so I cannot test. Patch makes both padlock and bull > generators the options, you need to enable IVY_RNG to get support > for the generator. > > I would be interested in seeing reports including verbose boot > dmesg, and some tests of /dev/random quality on the IvyBridge > machines, you can start with > http://lists.gnupg.org/pipermail/gnupg-devel/2000-March/016328.html. CPU: > Intel(R) Core(TM) i7-3610QM CPU _at_ 2.30GHz (2294.83-MHz K8-class CPU) Origin = "GenuineIntel" Id = 0x306a9 Family = 6 Model = 3a Stepping = 9 Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> Features2=0x7fbae3bf<SSE3,PCLMULQDQ,DTES64,MON,DS_CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND> AMD Features=0x28100800<SYSCALL,NX,RDTSCP,LM> AMD Features2=0x1<LAHF> TSC: P-state invariant, performance statistics ... random: <entropy source, Hardware, Intel IvyBridge+ RNG> [delphij_at_epsilon] ~> dd if=/dev/random bs=1m count=256 | ./ent 256+0 records in 256+0 records out 268435456 bytes transferred in 8.330823 secs (32221961 bytes/sec) Entropy = 7.999999 bits per byte. Optimum compression would reduce the size of this 268435456 byte file by 0 percent. Chi square distribution for 268435456 samples is 237.19, and randomly would exceed this value 78.17 percent of the times. Arithmetic mean value of data bytes is 127.4968 (127.5 = random). Monte Carlo value for Pi is 3.141569721 (error 0.00 percent). Serial correlation coefficient is -0.000080 (totally uncorrelated = 0.0). [delphij_at_epsilon] ~> dd if=/dev/random bs=1m count=256 | ./ent 256+0 records in 256+0 records out 268435456 bytes transferred in 8.110786 secs (33096109 bytes/sec) Entropy = 7.999999 bits per byte. Optimum compression would reduce the size of this 268435456 byte file by 0 percent. Chi square distribution for 268435456 samples is 265.06, and randomly would exceed this value 31.95 percent of the times. Arithmetic mean value of data bytes is 127.4982 (127.5 = random). Monte Carlo value for Pi is 3.141918140 (error 0.01 percent). Serial correlation coefficient is 0.000005 (totally uncorrelated = 0.0). [delphij_at_epsilon] ~> dd if=/dev/random bs=1m count=256 | ./ent 256+0 records in 256+0 records out 268435456 bytes transferred in 8.094252 secs (33163714 bytes/sec) Entropy = 7.999999 bits per byte. Optimum compression would reduce the size of this 268435456 byte file by 0 percent. Chi square distribution for 268435456 samples is 263.17, and randomly would exceed this value 34.92 percent of the times. Arithmetic mean value of data bytes is 127.4969 (127.5 = random). Monte Carlo value for Pi is 3.141545045 (error 0.00 percent). Serial correlation coefficient is 0.000017 (totally uncorrelated = 0.0). - -- Xin LI <delphij_at_delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJQSQY2AAoJEG80Jeu8UPuzHTUH/37b3iinQ3/yjc2tfTjKAMZh KJGEzZ1hlr8Ifoax3ul27U7Mpyss85Vza+tICeiyDpPulFlKuJa9lFfadNXIiDqR AAB4PtK+cZ8uyVze00sstU+7tK7AqKCyuz/yL6fzK2h2Bx8mYVgE3UTK+DOwQcEa 4Y0pFlO7gPnw1NGK6T7Ofnl/s9wum3JWELPhaTmo5L11JioXnufTmsJpB2MzqSxT iK0B0FCzF32e1Hl5HNNEMbfx7Rrx+Pf1OzdhP+/1+WHdXn8qtr8htsmsA/4zV+pT jAHHGuPxNaFmb2xyEZtQerPPdexoadWjrNlFQtl2gsVyMrWYBX2PyT3n3bbos50= =eiAK -----END PGP SIGNATURE-----Received on Thu Sep 06 2012 - 18:23:19 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:30 UTC