This page explains how to make use of the hardware RNG found on RASPBERRY PI's BCM2708 chip. The RNG seems to make use of thermal noise amplification to gather entropy. The Debian rng-tools package is used to feed the gathered entropy to the kernels random device. If you're unsure what all this is about, then this document clearly is not for you.
The contents of this document are subject to revision without notice due to continued progress in methodology, design, and manufacturing. The author shall have no liability for any error or damages of any kind resulting from the use of this document. There is no warranty; not even for merchantability or fitness for a particular purpose.
bcm2708-rng kernel module to your
/etc/modules. Load it manually:
# modprobe bcm2708-rng
Replace the 'old'
/dev/urandom using these commands:
# cd /dev # mv urandom urandom.old # mknod urandom c 1 8
This will make the
/dev/urandom device use the
/dev/random 'driver' in the kernel which is fed by the rng-tools rngd(8) (see below).
Install the rng-tools using apt-get:
# apt-get install -y rng-tools
Edit your /etc/default/rng-tools to look like this:
HRNGDEVICE=/dev/hwrng RNGDOPTIONS="--fill-watermark=90% --feed-interval=1"
Per default, rngd will seed the
/dev/random device. We want the on-board RNG to dominate the contents of the entropy pool (= generate all the entropy contained in the pool) so we use a high value for the fill watermark and a low feed interval. Then restart the rng-tools:
# /etc/init.d/rng-tools restart
Let me remind you of my disclaimer above!
# cat /dev/urandom | rngtest -c 1000 rngtest 2-unofficial-mt.14 Copyright (c) 2004 by Henrique de Moraes Holschuh This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. rngtest: starting FIPS tests... rngtest: bits received from input: 20000032 rngtest: FIPS 140-2 successes: 999 rngtest: FIPS 140-2 failures: 1 rngtest: FIPS 140-2(2001-10-10) Monobit: 0 rngtest: FIPS 140-2(2001-10-10) Poker: 0 rngtest: FIPS 140-2(2001-10-10) Runs: 0 rngtest: FIPS 140-2(2001-10-10) Long run: 1 rngtest: FIPS 140-2(2001-10-10) Continuous run: 0 rngtest: input channel speed: (min=1.431; avg=31.378; max=2724.784)Mibits/s rngtest: FIPS tests speed: (min=843.318; avg=6155.429; max=9182.534)Kibits/s rngtest: Program run time: 3824706 microseconds