Maximum entropy! Is this "sufficiently" random?

note: Yeah, it's a long post. I tend to do that when tired. The first part just gives some context. Skip down to the code if you're not interested.
Threads keep popping up about pacman-key "not working" when it's waiting for entropy from /dev/random to generate keys. The advice in those threads is to move the mouse around (if you have Xorg), run some cpu intensive apps, and wait.
I started to wonder if the advice about running apps was actually good. I really don't know how the kernel collects entropy but the little that I've read only mentions mouse, keyboard and disk IO. I did some really basic testing with different commands (CPU intensive, disk IO intensive) to see if they increased the available entropy (/proc/sys/kernel/random/entropy_avail). They didn't. At least not enough to have an immediate impact from what I could tell.
So, what else can we do? The first thing that came to mind was using the microphone as an entropy source. I found audio-entropyd (old and new) but there was no package for it. Instead of creating one I decided to test some ideas. I spent some time reading up on how to actually inject bits into the entropy pool before I ended up installing rng-tools as recommended in the wiki.
At first I tried piping the microphone output from arecord into rngtest but that failed the FIPS test (the first few times it failed because my microphone was plugged into the headphones jack, but it still failed after that).
I read something about hashing inputs while searching for ways to increase entropy, so I wrote the following script:
#!/usr/bin/env python3
from time import time
from hashlib import sha512
from sys import stdin, stdout, stderr, argv

h = sha512()
# RATIO = number of input blocks hashed into each digest written to stdout
if argv[1:]:
    RATIO = int(argv[1])
else:
    RATIO = h.block_size

buf = stdin.buffer.read(h.block_size)
n = 0  # blocks hashed since the last digest
while buf:
    h.update(buf)
    n += 1
    if n >= RATIO:
        # emit one 64-byte digest, then start a fresh hash
        stdout.buffer.write(h.digest())
        stderr.write('\r%f' % time())
        h = sha512()
        n = 0
    buf = stdin.buffer.read(h.block_size)
It takes an input stream and hashes it with sha512 at a configurable ratio. Let's call it "hashpipe" for now. Piping the microphone output through it passes rng's FIPS test. Great.
So I tried this:
mkfifo foo
# change hw as needed
arecord -c 1 -f cd -t raw -D hw:1,0 - | hashpipe > foo
# in another terminal
sudo rngd -f -r foo -W 4096 -t 5
Lo and behold, maximum entropy! The entire pool is refreshed as soon as it's depleted. 4096-bit gpg keys take no time at all.
Now, accepting that my crypto-fu is weak, I ask you... does passing rng-tools' FIPS test mean that the data is "sufficiently" random for secure cryptography? If not, what about if the input/output hash ratio is increased?
I'm thinking that hashing the input stream is either masking its regularity or condensing its entropy.  I'm expecting the former as the authors of audio-entropyd do much more to extract the entropy of the audio input, and that project has been around long enough to receive scrutiny. I haven't actually looked at what they do though. I've just seen some messages around the internet. I didn't see any hashing in randomsound, but there is a debias function. Of course, I have no idea if either of those generate "good" entropy to begin with.

keenerd wrote: It means each bit is completely independent of all the others...
Hmmm. I am referring to "entropy" in the sense of Shannon's information theory, in which case it is just a concrete measurement on a probability distribution. Apologies if I'm not understanding -- I'm new here. Anyway, using my definitions, you can have a funny distribution on strings in which each bit is independent of the others, but it still has very low entropy. Say if the bits are usually 0, but their likelihood of being 0 has nothing to do with any of their neighbors. In this sense, independent =/=> lots of entropy. Anyway, differences in language aside, I think we actually agree on the meaning: "perfect" <==> the value is sampled uniformly and independently at random from {0,1}. Right?
keenerd wrote: For example, all pseudo RNGs have 0% entropy because they can be perfectly predicted.
Provided you know the seed. In general, entropy <= size of seed. But again, this is using my definition...
keenerd wrote: So in this context, "percent entropy" is the ratio of Kolmogorov size divided by input size. Sources of perfect entropy don't exist, so improving the quality (debiasing) of entropy sources is a huge deal.
Intuitively I like the definition. Although Kolmogorov complexity is not so easy to compute and also not so easy to estimate. Well, I guess it is easy to come up with upper bounds, but we are interested more in lower bounds, which I think Shannon is more suited towards.
keenerd wrote: Personally I avoid the term "high entropy", because it can either mean high quality or high rate depending on context.
I think I'm coming from a different background. Perhaps I mistook my world for the universe. Sorry if that's the case.
keenerd wrote: When I mentioned extracting high quality bits, I did not mean in a literal sense of pointing at a 0 or 1 and saying "You, you there are completely random." Rather in the vague sense of a bit as a component of information, discarding all the components that can be predicted or (more specifically) do not add to the Kolmogorov complexity of the random sequence.
I guess the bit you mentioned about the LSB sent me down that path.
keenerd wrote: The leftover hash lemma just proves that debiasing is possible. It does not let you gain any extra randomness. Randomness extractors are just debiasing by a different name.
Regarding the extra randomness, that's exactly what I said. Regarding the lemma and extractors, I wouldn't say that it just proves it is possible: it gives you a generic and concrete way to do it. Bonus: it comes with formal statements of what it accomplishes, and proofs that it works! But to be honest, I am unfamiliar with the literature on debiasing. I would be interested in any references if you have them.
keenerd wrote: But provable does not mean practical.
Unfortunate, but true. But if the intersection is NOT the empty set... win! I looked (briefly) at some of the other libraries out there, and didn't find any that claimed an information-theoretic kind of proof. Meh. In reality, most of this is probably overkill, and the ad-hoc method is probably fine. But people have been burned before, and although we certainly aren't doing anything that dumb nowadays, I still would prefer to be on the safe side if possible.
keenerd wrote: If you want to learn about collecting entropy, then experiment with it.
I did once upon a time. Maybe I will bring that back to life and share the results (if they don't suck). But I thought Xyne's idea had some promise...
Last edited by wes (2012-04-02 01:32:12)
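
The question in the first post (does passing the FIPS test show the data is random enough, and does the hash ratio matter) and the point in the reply that entropy is bounded by the seed can both be checked with a short experiment. This is an added example, not code from the thread or from rng-tools: it implements the monobit, poker, runs and long-run tests of FIPS 140-2 and runs them over three streams. `quiet_mic` is a constructed, seeded stand-in for microphone samples, `counter_stream` is a hypothetical zero-entropy source, and the ratio of 4 is chosen here only to keep the run short.

```python
from collections import Counter
from hashlib import sha512
from math import log2
import random

BLOCK = 2500  # FIPS 140-2 tests run on 20,000-bit (2500-byte) blocks
# Allowed number of runs per length (6 = "6 or longer"), for 0-runs and 1-runs
RUN_LIMITS = {1: (2315, 2685), 2: (1114, 1386), 3: (527, 723),
              4: (240, 384), 5: (103, 209), 6: (103, 209)}

def fips_ok(block):
    """True if a 2500-byte block passes monobit, poker, runs and long-run."""
    bits = [(b >> i) & 1 for b in block for i in range(7, -1, -1)]
    if not 9725 < sum(bits) < 10275:                       # monobit
        return False
    nibbles = Counter(n for b in block for n in (b >> 4, b & 15))
    x = 16 / 5000 * sum(c * c for c in nibbles.values()) - 5000
    if not 2.16 < x < 46.17:                               # poker
        return False
    runs, start = Counter(), 0
    for i in range(1, len(bits) + 1):
        if i == len(bits) or bits[i] != bits[start]:       # a run ends here
            if i - start >= 26:                            # long run
                return False
            runs[bits[start], min(i - start, 6)] += 1
            start = i
    return all(lo <= runs[v, k] <= hi
               for v in (0, 1) for k, (lo, hi) in RUN_LIMITS.items())

def pass_rate(data):
    """Fraction of the complete 2500-byte blocks in data that pass fips_ok."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data) - BLOCK + 1, BLOCK)]
    return sum(map(fips_ok, blocks)) / len(blocks)

def hashpipe(data, ratio, block_size=128):
    """The post's construction: one SHA-512 digest per `ratio` input blocks."""
    step = ratio * block_size
    return b"".join(sha512(data[i:i + step]).digest()
                    for i in range(0, len(data) - step + 1, step))

def quiet_mic(n_samples, seed=1):
    """Constructed stand-in for a quiet microphone: signed 16-bit LE samples
    with a few counts of noise. Seeded so the run is repeatable."""
    rng = random.Random(seed)
    return b"".join(int(rng.gauss(0, 3)).to_bytes(2, "little", signed=True)
                    for _ in range(n_samples))

def counter_stream(n_bytes):
    """SHA-512 of "0", "1", "2", ...: zero entropy, anyone can regenerate it."""
    digests = (sha512(str(i).encode()).digest() for i in range(n_bytes // 64 + 1))
    return b"".join(digests)[:n_bytes]

def min_entropy_per_sample(data, width=2):
    """Most-common-value min-entropy estimate, in bits per `width`-byte sample.
    Assumes independent samples; correlated audio carries less than this."""
    n = len(data) // width
    counts = Counter(data[i * width:(i + 1) * width] for i in range(n))
    return -log2(max(counts.values()) / n)

def summary(ratio=4):
    raw = quiet_mic(102_400)                    # 204,800 constructed bytes
    per_sample = min_entropy_per_sample(raw)
    return {
        "raw_pass": pass_rate(raw),
        "hashed_pass": pass_rate(hashpipe(raw, ratio)),
        "counter_pass": pass_rate(counter_stream(10 * BLOCK)),
        # estimated input entropy behind each 512-bit digest
        "bits_in_at_ratio": per_sample * ratio * 128 / 2,
        "bits_in_at_default": per_sample * 128 * 128 / 2,
    }

if __name__ == "__main__":
    for key, value in summary().items():
        print(f"{key:20} {value:.2f}")
```

The raw samples fail every block, while the hashed samples and the fully predictable counter stream both pass, so the test result says nothing about how much entropy went in. The estimate is what separates the two ratios: at 4 blocks per digest each 512-bit output is backed by fewer than 512 estimated bits, while at the script's default of 128 it is backed by far more.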
