Source of secure random data
You must be root to start this service.
random [options]
Neutrino
- -h
  Show the usage message.
- -i#
  Use interrupt number # as a source for collecting random data.
  You may specify more than one interrupt, to a maximum of 32.
- -p
  Poll system information from /proc for random data.
- -t
  Use the high-performance clock as a random data source.
The random service runs in the background providing a
source of secure, random data suitable for encryption and security.
The service builds its internal pool of random data from
sources specified when it is started. These sources may include
timers, interrupts, and detailed system runtime information.
The service makes this random data available by providing device entries
that any application can read:
- /dev/random
  A source of high-quality random numbers.
- /dev/urandom
  An unlocked random source that reuses the internal pool to produce more
  pseudo-random bits.
  This means that the call won't block, but the output may contain less
  entropy than a corresponding read from /dev/random.
The user controls all of the sources to be used
to collect random data by specifying source options on the command line.
Using interrupts as sources imposes an overhead on system performance.
When using the -i option, you might want to minimize the impact
of this overhead by specifying only one or two interrupts from low interrupt
rate devices such as disk drivers and input/serial devices.
Start the random service using three PC interrupts as sources:
random -i12 -i14 -i15
From an application, read 4 bytes of random data like this:
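#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>

int data;
int fd;

/* Read access is all that's needed to read random data. */
fd = open( "/dev/random", O_RDONLY );
if( fd == -1 )
    exit( 1 );
/* A failed or short read leaves data only partly filled; don't use it. */
if( read( fd, &data, sizeof( data ) ) != sizeof( data ) )
    exit( 1 );
close( fd );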
- 0
  The random data is available from /dev/random and
  /dev/urandom.
- Any other value
  An error occurred; /dev/random and
  /dev/urandom aren't created.
If an error occurs, random sends a description of the error to slogger
and doesn't create /dev/random or /dev/urandom.
The random service uses the core algorithm from the
copyright-free Yarrow pseudo-random number generator (PRNG)
from Counterpane Security
(http://www.counterpane.com/yarrow.html).
Bruce Schneier and John Kelsey designed the Yarrow PRNG.
The random service will not work unless you specify
at least one source
of random data (options -p, -t, or -i).