patch at http://www.chronox.de/jent/jitterentropy-20130508.tar.bz2
A new version of the CPU Jitter random number generator is released at
http://www.chronox.de/ . The heart of the RNG is about 30 lines of easy
to read code. The readme in the main directory explains the different
In a previous attempt (http://lkml.org/lkml/2013/2/8/476), the first
iteration received comments for the lack of tests, documentation and
entropy assessment. All these concerns have been addressed. The
documentation of the CPU Jitter random number generator
(http://www.chronox.de/jent/doc/index.html and PDF at
http://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.pdf -- the graphs and
pictures are better in PDF) offers a full analysis of:
- the root cause of entropy
- a design of the RNG
- statistical tests and analyses
- entropy assessment and explanation of the flow of entropy
The document also explains the core concept to have a fully
decentralized entropy collector for every caller in need of entropy.
The appendix of the documentation contains example use cases by
providing link code to the Linux kernel crypto API, libgcrypt and
OpenSSL. Links to other cryptographic libraries should be straight
forward to implement. These implementations follow the concept of
decentralized entropy collection.
The man page provided with the source code explains the use of the API
of the CPU Jitter random number generator.
The test cases used to compile the documentation are available at the
web site as well.
Note: for the kernel crypto API, please read the provided Kconfig file
for the provided switches and which of them are recommended in regular
operation. These switches must currently be set manually in the
Signed-off-by: Stephan Mueller <[email protected]>