On Tue, Aug 20, 2013 at 05:33:05PM -0400, grarpamp wrote: > The subject thread is covering a lot about OS implementations > and RNG various sources. But what are the short list of open > source tools we should be using to actually test and evaluate > the resulting number streams?
As already mentioned in the thread, you can only identify a random source,
which in order to be truly random, must come from some chaotic random
source, such as radioactive decay. However, you can make statistical
judgements on the output, to determine if the source is 'random enough'.
This is where the Die Hard and FIPS 140-2 checks come into play. The trick
is sampling for a long period of time, rather than a few minutes here and
there.
# timeout 1h rngtest < /dev/random
rngtest 2-unofficial-mt.14
Copyright (c) 2004 by Henrique de Moraes Holschuh
This is free software; see the source for copying conditions. There is
NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
rngtest: starting FIPS tests...
rngtest: bits received from input: 79369360032
rngtest: FIPS 140-2 successes: 3965374
rngtest: FIPS 140-2 failures: 3094
rngtest: FIPS 140-2(2001-10-10) Monobit: 378
rngtest: FIPS 140-2(2001-10-10) Poker: 393
rngtest: FIPS 140-2(2001-10-10) Runs: 1205
rngtest: FIPS 140-2(2001-10-10) Long run: 1128
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=419.675; avg=25223.970;
max=28892.382)Kibits/s
rngtest: FIPS tests speed: (min=6.227; avg=143.700; max=155.069)Mibits/s
rngtest: Program run time: 3600000102 microseconds
~.078% failure rate for these tests.
--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
pgp9uG1y9f79F.pgp
Description: PGP signature
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
