debian-user:
I found some informative articles about Linux and the Intel Secure Key
processor feature:
https://software.intel.com/en-us/articles/performance-impact-of-intel-secure-key-on-openssl
http://blog.cloudflare.com/ensuring-randomness-with-linuxs-random-number-generator/
It appears that openssl gives you direct access to Secure Key, while the
Linux kernel uses Secure Key to stir an entropy pool that is fed into
SHA-1 to produce random numbers. So, openssl and /dev/random should
show speed improvements on a processor with Secure Key, and /dev/urandom
should have better entropy.
Below please find a Perl script for benchmarking the Linux entropy pool
and random numbers, and two sample runs on a Wheezy 7.7 i386 machine
with a Pentium 4 3.4E GHz HT processor (does not have Secure Key):
1. The first run was with an idling machine and a low entropy pool to
begin with.
2. The second run was started after rapidly typing random garbage into
another terminal and continuing to type during the run.
Could somebody with a Secure Key processor please run the script and
post the results?
David
$ cat `which entropy-random-bench `
#!/usr/bin/perl
eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
if 0; # not running under some shell
# $Id: entropy-random-bench,v 1.7 2014/11/27 21:58:22 dpchrist Exp $
#######################################################################
# Argument defaults -- edit to suit:
my $entropy = '/proc/sys/kernel/random/entropy_avail';
my $random = '/dev/urandom';
my $duration = 60.0; # seconds
my $entropy_upper = 4095; # bits
my $entropy_lower = 0; # bits
my $nap_upper = 10.0; # seconds
my $nap_lower = 1.0E-06; # seconds
my $gain = 10.0; # seconds / bit
#######################################################################
# The rest of the script should not be edited:
use strict;
use warnings;
use Getopt::Long qw(
:config
auto_help
auto_version
);
use Pod::Usage;
use Time::HiRes qw( sleep time );
$| = 1;
our $VERSION = sprintf("%d.%03d", q$Revision: 1.7 $ =~ /(\d+)/g);
my $man;
GetOptions(
"entropy=s" => \$entropy,
"random=s" => \$random,
"duration=f" => \$duration,
"entropy-upper=f" => \$entropy_upper,
"entropy-lower=f" => \$entropy_lower,
"nap-upper=f" => \$nap_upper,
"nap-lower=f" => \$nap_lower,
"gain=f" => \$gain,
"man" => \$man,
) or pod2usage(2);
pod2usage(-exitstatus => 0, -verbose => 2) if $man;
my $entropy_span = $entropy_upper - $entropy_lower;
my $entropy_setpoint = $entropy_upper / 2;
my $nap_span = $nap_upper - $nap_lower;
my $nap_offset = $nap_upper / 2;
my $err;
my $buf;
my $e1;
my $e2;
my $t1;
my $t2;
my $rate;
my $dt;
my $signal;
my $nap = $nap_lower;
my $lastprint;
open(my $random_fh, $random) or die "error opening $random: $!";
$err = sysread($random_fh, $buf, 1);
die "error reading $random: $!" unless defined $err && $err;
### /proc/sys/kernel/random/entropy_avail is not world-readable, but
### 'cat' can read it (?)
$e1 = `cat $entropy`;
chomp $e1;
print "time (seconds) entropy (bits) random (bytes/second)\n",
"============== ============== ======================\n";
my $begin = $lastprint = $t1 = time();
my $end = $begin + $duration;
do {
sleep($nap);
$err = sysread($random_fh, $buf, 1);
die "error reading $random: $!" unless defined $err;
$e2 = `cat $entropy`;
chomp $e2;
$t2 = time();
$dt = $t2 - $t1;
$rate = 1.0 / $dt;
if ($dt && ($lastprint + 1 < $t2)) {
$lastprint = $t2;
printf "%14.06f %14i %22.6f\n",
$t2 - $begin,
$e2,
$rate;
}
$signal = ($e2 - $entropy_setpoint) / $entropy_span;
$nap = -1.0 * $gain * $signal * $nap_span + $nap_offset;
$nap = $nap_lower if $nap < $nap_lower;
$nap = $nap_upper if $nap_upper < $nap;
$e1 = $e2;
$t1 = $t2;
} while ($t2 < $end);
DONE:
__END__
=head1 NAME
entropy-random-bench - Linux entropy pool / random number benchmark
=head1 SYNOPSIS
entropy-random-bench.pl [options]
Options:
--entropy path to entropy availble file
--random path to random number file
--duration duration of benchmark
--entropy-upper upper range value of entropy available
--entropy-lower lower range value of entropy available
--nap-upper upper range value for sleep() calls
--nap-lower upper range value for sleep() calls
--gain timing loop proportional gain
--man print manual page and exit
--help, -? print usage message and exit
=head1 DESCRIPTION
Interactive benchmark for Linux entropy pool
and random number generator.
$Revision: 1.7 $
=head1 SEE ALSO
=head1 AUTHOR
David Paul Christensen, E<lt>dpchr...@holgerdanske.come<gt>
=head1 COPYRIGHT AND LICENSE
Copyright (C) 2014 by David Paul Christensen
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.14.2 or,
at your option, any later version of Perl 5 you may have available.
=cut
#######################################################################
$ entropy-random-bench ### idle machine
time (seconds) entropy (bits) random (bytes/second)
============== ============== ======================
10.003986 190 0.099976
20.005911 159 0.099981
30.007754 180 0.099982
40.009608 144 0.099981
50.011433 176 0.099982
60.013297 142 0.099981
$ entropy-random-bench ### typing random garbage in another terminal
time (seconds) entropy (bits) random (bytes/second)
============== ============== ======================
10.003555 2255 0.099981
13.066172 2182 0.326710
14.783609 2213 0.582263
17.803266 2195 0.485620
19.203198 2162 0.714320
21.409027 2198 0.453344
22.735703 2163 0.753764
24.917697 2217 0.458296
29.719910 2248 0.253836
32.861674 2249 0.329366
36.003314 2242 0.326750
39.169400 2253 0.343177
43.820115 2293 0.215147
45.954385 2212 0.468938
49.291394 2211 0.425120
50.300629 2154 0.990849
52.701802 2223 0.416463
57.431105 2269 0.249201
60.151455 2239 0.367843
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5477ad57.8070...@holgerdanske.com
