X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:to:from:subject:mime-version
	:content-type; q=dns; s=default; b=uaiKsjCFYCurd0ycymIKb4rKN9jlS
	mIoU/FEBD1xeT17/JZtI4Nwq+6fEVpv0sZWr11f+9Jefo6MmoV/iMvpbuRMGYun+
	DA5ESGlATYugz58dAjzlefiuzH5B2UoeCIe+X01fBCu5Kl8APxtqJWQ/7FCMZ7Qf
	Y1+Jh7tbEz4ncI=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:to:from:subject:mime-version
	:content-type; s=default; bh=uFen5mtN4dUo7TW40NNEanVJawQ=; b=uM5
	aNRUF2RltePmqBeBYOGMhbYX5r3yoft/V8my/wz2vTl24BEP0Xmps59cxsvbYp9t
	p35BCgniHi9iL1TQlovu1mmJ/akGFFBW9qjQ4zfLfwznOLJUHe21sqBNh3LW18fz
	K0vVyFzvyq95pwUScrR+MZ7w7ElxSp6Q5Sy0oJb8=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=3.1 required=5.0 tests=AWL,BAYES_50,POKER_BODY,SPF_FAIL autolearn=no version=3.3.2
X-HELO: mx.binnacle.cx
Message-Id: <6.2.5.6.2.20130919015353.03a25398@binnacle.cx>
Date: Thu, 19 Sep 2013 01:55:58 -0400
To: cygwin@cygwin.com
From: starlight.2013z3@binnacle.cx
Subject: /dev/random does not block, emits poor entropy
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Spam-Score: -1 () ALL_TRUSTED
Received-SPF: pass (mx.binnacle.cx: 172.29.87.10 is whitelisted by SPF-milter whitelist entry)

For contrast, here is a 'rngtest' run against a
3.1.8 Linux kernel with /dev/random enhanced by
the output of a STMicroelectronics ST33 TPM PRNG
(via 'rngd' v4).

bits received from input: 62380032
FIPS 140-2 successes: 3115
FIPS 140-2 failures: 4
FIPS 140-2(2001-10-10) Monobit: 0
FIPS 140-2(2001-10-10) Poker: 0
FIPS 140-2(2001-10-10) Runs: 3
FIPS 140-2(2001-10-10) Long run: 1
FIPS 140-2(2001-10-10) Continuous run: 0
input channel speed: (min=21.119; avg=42.165; max=136.844)Kibits/s
FIPS tests speed: (min=41.374; avg=104.495; max=107.154)Mibits/s
Program run time: 1445.324494 seconds

That's three bit runs and one long bit run
in close to 8MB of random data.  Is well
inside the FIPS 140-2 document requirements.
Would likely be bad if there were none.
ST claims their PRNG is a

   AIS-31 Class P2 compliant true random
   number generator (TRNG)

The 'rngtest' output above is edited slightly
for better reading.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple