From: Lukasz Stelmach <l.stelmach@samsung.com>
To: Stephan Mueller <smueller@chronox.de>
Cc: Matt Mackall <mpm@selenic.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Ray Jui <rjui@broadcom.com>,
Scott Branden <sbranden@broadcom.com>,
bcm-kernel-feedback-list@broadcom.com,
Kukjin Kim <kgene@kernel.org>,
Krzysztof Kozlowski <krzk@kernel.org>,
Florian Fainelli <f.fainelli@gmail.com>,
Markus Elfring <elfring@users.sourceforge.net>,
Matthias Brugger <mbrugger@suse.com>,
Stefan Wahren <wahrenst@gmx.net>,
linux-crypto@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, linux-samsung-soc@vger.kernel.org,
Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Subject: Re: [PATCH 1/2] hwrng: iproc-rng200 - Set the quality value
Date: Fri, 15 May 2020 00:18:41 +0200 [thread overview]
Message-ID: <dleftjtv0i88ji.fsf%l.stelmach@samsung.com> (raw)
In-Reply-To: <4493123.C11H8YMYNy@tauon.chronox.de> (Stephan Mueller's message of "Thu, 14 May 2020 22:20:26 +0200")
[-- Attachment #1: Type: text/plain, Size: 2351 bytes --]
It was <2020-05-14 czw 22:20>, when Stephan Mueller wrote:
> Am Donnerstag, 14. Mai 2020, 21:07:33 CEST schrieb Łukasz Stelmach:
>
> Hi Łukasz,
>
>> The value has been estimaded by obtainig 1024 chunks of data 128 bytes
>> (1024 bits) each from the generator and finding chunk with minimal
>> entropy using the ent(1) tool. The value was 6.327820 bits of entropy
>> in each 8 bits of data.
>
> I am not sure we should use the ent tool to define the entropy
> level. Ent seems to use a very coarse entropy estimation.
>
> I would feel more comfortable when using other measures like SP800-90B
> which even provides a tool for the analysis.
>
> I understand that entropy estimates, well, are estimates. But the ent
> data is commonly not very conservative.
>
> [1] https://github.com/usnistgov/SP800-90B_EntropyAssessment
Thank you for pointing this out.
I am running tests using SP800-90B tools and the first issue I can see
is the warning that samples contain less than 1e6 bytes of data. I know
little about maths behind random number generators, but I have noticed
that the bigger chunk of data from an RNG I feed into either ent or ea_iid
the higher entropy they report. That is why I divided the data into 1024
bit chunks in the first place. To get worse results. With ea_iid they
get even worse (128 bytes of random data)
Calculating baseline statistics...
H_original: 4.107376
H_bitstring: 0.795122
min(H_original, 8 X H_bitstring): 4.107376
but I don't know how much I can trust it, when I get such warning
*** Warning: data contains less than 1000000 samples ***
ea_non_iid refuses to run tests with less than 4096 bytes of input.
I may suspect that lack of any warnings from ent doesn't make its
results any more reliable.
Anyway. I collected 1024 files 1024 bits each once again and ran the
following tests
for f in exynos-trng/random*; do ./ea_iid "$f" | grep ^min; done | sort | head -1
for f in rng200/random*; do ./ea_iid "$f" | grep ^min; done | sort | head -1
For both RNGs I got the same
min(H_original, 8 X H_bitstring): 3.393082
which, if I understand correctly, means I should set quality to no more
than 434. Do you think 400 is OK?
Kind regards,
--
Łukasz Stelmach
Samsung R&D Institute Poland
Samsung Electronics
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
next prev parent reply other threads:[~2020-05-14 22:18 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CGME20200514190737eucas1p18ccdddb185ea7611683a6859e17bc721@eucas1p1.samsung.com>
2020-05-14 19:07 ` [PATCH 0/2] Set the quality value for two HW RNGs Łukasz Stelmach
[not found] ` <CGME20200514190738eucas1p2695c0d8af064ee702209ca03696ef438@eucas1p2.samsung.com>
2020-05-14 19:07 ` [PATCH 1/2] hwrng: iproc-rng200 - Set the quality value Łukasz Stelmach
2020-05-14 20:20 ` Stephan Mueller
[not found] ` <CGME20200514221852eucas1p2bea169d0b4467b0ec9e195c6ac58a08a@eucas1p2.samsung.com>
2020-05-14 22:18 ` Lukasz Stelmach [this message]
2020-05-15 8:32 ` Stephan Mueller
[not found] ` <CGME20200515090647eucas1p21018edfd835730c9a68dcb186349ee74@eucas1p2.samsung.com>
2020-05-15 9:06 ` Lukasz Stelmach
[not found] ` <CGME20200515090158eucas1p1b653fc50f1ad4f0f6c92525ab3188d45@eucas1p1.samsung.com>
2020-05-15 9:01 ` Lukasz Stelmach
2020-05-15 9:10 ` Stephan Mueller
[not found] ` <CGME20200515110002eucas1p136759396d9b61f214d1f14856c009501@eucas1p1.samsung.com>
2020-05-15 10:59 ` Lukasz Stelmach
[not found] ` <CGME20200514190740eucas1p293129b2ef3ba706652a9327e55db9649@eucas1p2.samsung.com>
2020-05-14 19:07 ` [PATCH 2/2] hwrng: exynos " Łukasz Stelmach
2020-05-14 20:20 ` Stephan Mueller
[not found] ` <CGME20200519212617eucas1p1b6e7af0ecb894896b165601fafd6abe8@eucas1p1.samsung.com>
2020-05-19 21:25 ` [PATCH v2 0/2] Set the quality value for two HW RNGs Łukasz Stelmach
[not found] ` <CGME20200519212619eucas1p22fa5d3db2521096dc4b79f6e53016d17@eucas1p2.samsung.com>
2020-05-19 21:25 ` [PATCH v2 1/2] hwrng: iproc-rng200 - Set the quality value Łukasz Stelmach
2020-05-20 6:23 ` Stephan Mueller
[not found] ` <CGME20200520091043eucas1p15ecae108007382a95b01e42241cc7a26@eucas1p1.samsung.com>
2020-05-20 9:10 ` Lukasz Stelmach
2020-05-20 9:18 ` Stephan Mueller
[not found] ` <CGME20200520104448eucas1p122e9a8ed84d5276a1b796e10ef5e1964@eucas1p1.samsung.com>
2020-05-20 10:44 ` Lukasz Stelmach
2020-05-20 11:53 ` Stephan Mueller
2020-05-20 12:00 ` Krzysztof Kozlowski
2020-05-20 12:11 ` Stephan Mueller
[not found] ` <CGME20200520143211eucas1p21bd93be5c62726aa715db05bb6e7119b@eucas1p2.samsung.com>
2020-05-20 14:31 ` Lukasz Stelmach
2020-05-20 8:18 ` Kamil Konieczny
2020-05-21 11:00 ` Stefan Wahren
[not found] ` <CGME20200521191415eucas1p2d112a86171b23dcf255e7da53a56f4f3@eucas1p2.samsung.com>
2020-05-21 19:14 ` Lukasz Stelmach
2020-05-23 18:46 ` Stephan Müller
[not found] ` <CGME20200519212621eucas1p13279db41d930b69e115972463c994a37@eucas1p1.samsung.com>
2020-05-19 21:25 ` [PATCH v2 2/2] hwrng: exynos " Łukasz Stelmach
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dleftjtv0i88ji.fsf%l.stelmach@samsung.com \
--to=l.stelmach@samsung.com \
--cc=arnd@arndb.de \
--cc=b.zolnierkie@samsung.com \
--cc=bcm-kernel-feedback-list@broadcom.com \
--cc=elfring@users.sourceforge.net \
--cc=f.fainelli@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=kgene@kernel.org \
--cc=krzk@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-samsung-soc@vger.kernel.org \
--cc=mbrugger@suse.com \
--cc=mpm@selenic.com \
--cc=rjui@broadcom.com \
--cc=sbranden@broadcom.com \
--cc=smueller@chronox.de \
--cc=wahrenst@gmx.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).