On 2020-06-23 06:20, Why 42? The lists account. wrote:
> 
> Hi All,
> 
> Has anyone ever tried the Infinite Noise TRNG hardware random number generator
> with OpenBSD?

Actually...no.  Never felt any reason to.

> It's a USB stick that contains hardware to generate random numbers. See:
> https://github.com/13-37-org/infnoise
> 
> I had a couple of these working with ArchLinux and would like to try using
> them with OpenBSD.
>
> Using either 6.6 or 6.7 the device is recognised at boot time:
>> uftdi0 at uhub0 port 2 configuration 1 interface 0 "13-37.org Infinite Noise
>> TRNG" rev 2.00/10.00 addr 3 ucom0 at uftdi0 portno 1

so ... looks like it is pretending to be a serial port.  ucom0.
... 
> With libftdi1-1.4p2 installed I was able to compile the associated software
> using the supplied "Makefile.freebsd". So a pretty easy start ...

FreeBSD?
I'd be more surprised if this worked than if it didn't.

> This creates an executable "driver" called infnoise which can be run as a
> daemon e.g.

"driver" that runs as a "daemon".  I'm not entirely sure what that would
mean, to be honest.

>> doas ./infnoise -h            
>> Usage: infnoise [options]
...
>>     -s, --serial <serial> - use specified device
       ^^^  Might want to play with that option.  Or not.
...
> Any suggestions? Where am I going wrong? Maybe I shouldn't have taken that
> shortcut with the freebsd makefile? Or a security issue?

First of all..what are you wanting this thing to do?  Provide random
data? How about just reading /dev/cuaU0?  And then...why not just use
/dev/random?

Or are you wanting this device to contribute to the OpenBSD random number
generator by stirring the entropy pool?

Are you expecting this /FreeBSD/ driver to reach into the /OpenBSD/
entropy pool and give it a good stir directly from ... userland?  That
sounds a bit scary.


However, I'd start by questioning the basic premise that OpenBSD needs
more entropy to seed its random number generator.  The OpenBSD developers
have spent a lot of time (and written some really good descriptions) on the
topic.  Many DIFFERENT things in OpenBSD *use* random numbers (so even if
you knew what the next "Random" number returned was going to be -- you
don't know what task will be the one getting it!) and many DIFFERENT
things in OpenBSD agitate the entropy pool (so you aren't likely to know
what the next number returned will be), so you don't stand much of a
prayer of predicting the next result from a call to /dev/random.

Not only is the PRNG well stirred, a lot of modern hw has on-chip true
RNG noise sources which do basically the same as your little USB plug,
and OpenBSD uses at least a few of them.  Combine that with a lot of
"incredibly difficult to predict" things like hardware I/O and lots of
/dev/random data being used by things OTHER than your app...I really doubt
you will find much benefit to adding an external noise source to OpenBSD.

Nick.
