The content of this topic has been archived on 31 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Hello,
I've recently read http://eprint.iacr.org/2006/086 which discusses
/dev/random of linux. It also says that because of the hardware openwrt
runs the randomness gathered is really few and not to be trusted (for ssh
or anything). They suggest saving the randomness state across reboots
and add other ways to gather randomness. Has this issue been discussed
before? Do you know whether there are openwrt platforms where the kernel
cannot really fill its random pool?
regards,
Nikos
I was thinking of the following scripts to save the random states across reboots (since openwrt doesn't shutdown explicitly the normal /etc/init.d/urandom from a debian would not work). The idea is to have a normal initialization of /dev/urandom from a saved file and update the file immediately with the output of /dev/urandom. Then initiate a daemon that will read every now and then /dev/urandom and update the saved file. What do you think?
/etc/init.d/S11urandom:
#! /bin/sh
#
# urandom This script saves the random seed between reboots.
# It is called from the boot, halt and reboot scripts.
#
# Version: @(#)urandom 2.85-14 31-Mar-2004 miquels@cistron.nl
#
# modified for openwrt --nmav
#
[ -c /dev/urandom ] || exit 0
URANDOM_SEED_FILE=/var/urandom-seed
# This daemon should update the given file
# with data from /dev/urandom every UPDATE_TIME
# seconds.
URANDOM_DAEMON=/sbin/urnd
UPDATE_TIME=3600
POOLSIZE=512
if [ -f /proc/sys/kernel/random/poolsize ]
then
POOLSIZE="`cat /proc/sys/kernel/random/poolsize`"
fi
case "$1" in
start)
# Load and then save $POOLSIZE (512) bytes,
# which is the size of the entropy pool
if [ -f $URANDOM_SEED_FILE ]
then
cat $URANDOM_SEED_FILE >/dev/urandom
fi
# To prevent booting with the same seed
# replace it with a fresh one.
rm -f $URANDOM_SEED_FILE
umask 077
dd if=/dev/urandom of=$URANDOM_SEED_FILE \
bs=$POOLSIZE count=1 >/dev/null 2>&1 \
|| echo "urandom start: failed."
umask 022
$URANDOM_DAEMON $URANDOM_SEED_FILE $UPDATE_TIME $POOLSIZE >/dev/null 2>&1 &
;;
*)
echo "Usage: urandom {start}" >&2
exit 1
;;
esac
exit 0/sbin/urnd:
#!/bin/sh
# A daemon to save the state of the linux random pool
# in order to make its initial state after a reboot unpredictable.
[ $# != 3 ] && \
echo "usage: $0 SEED_FILE REFRESH_TIME POOL_SIZE" && exit 1
URANDOM_SEED_FILE=$1
REFRESH_TIME=$2
POOLSIZE=$3
umask 077
while [ 1 = 1 ]
do
sleep $REFRESH_TIME
dd if=/dev/urandom of=$URANDOM_SEED_FILE \
bs=$POOLSIZE count=1 >/dev/null 2>&1
done> It also says that because of the hardware openwrt runs the randomness gathered is really few and not to be trusted
Eventually the WLAN interface (specifically the RSSI (received signal strength) measurement) could be used as an additional random source? AD-conversion noise plus receiver noise could be an entropy source (at least at low RSSI levels).
A random input based on RF should probably be considered rather critical as "physical access" might be just another WLAN router standing nearby.
Also using the RSSI only addresses a small aspect of the paper you cited so being able to optionally use a script like yours would be a good idea!
I have written an extension for wlcompat that gathers entropy from the wifi device in background (hardware random generator). The source is in SVN and you can find an updated binary snapshot at http://downloads.openwrt.org/people/nbd/whiterussian/.
The discussion might have continued from here.