Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 23 Sep 2008 00:51:02 -0700
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "Robert Huff" <roberthuff@rcn.com>, <questions@freebsd.org>
Subject:   RE: using /dev/random
Message-ID:  <BMEDLGAENEKCJFGODFOCAEOKCFAA.tedm@toybox.placo.com>
In-Reply-To: <18648.30321.369520.631459@jerusalem.litteratus.org>
next in thread | previous in thread | raw e-mail | index | archive | help 


> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Robert Huff
> Sent: Monday, September 22, 2008 9:54 PM
> To: questions@freebsd.org
> Subject: using /dev/random
> 
> 
> 
> 	What is the canonical way to get data from /dev/random?
> Specifically: having opened the file, how do I read the stream?
> I'm currently using
> 
> 
>   union {
>     float f;
>     char c[4];
>   } foo;
> 
>   foo.f = 0.0;
> 
>   fscanf(rand_fp,"%4c",foo.c);
> 
> 
> 	which doesn't seem to produce anywhere near "random bytes" as
> promised by the man page.
> 
> 
> 				Robert Huff
> 

The canonical way is to use the functions random(), or srandom()
or srandomdev() or arc4random() depending on what
you need the random data for.   /dev/random is really only
useful for seeding these functions (some of them pull data
from /dev/random internally)

The thrust behind the FreeBSD /dev/random device is that
we know that getting lots of real random data from /dev/random is
difficult, however getting non-repeating seeds from
/dev/random is easy.  The device has thus been optimized
for seed generation to feed these other functions.

If you really want to roll-your-own and not use these functions
then you could read blocks from /dev/random and run
a Chi-square and Monte Carlo test on each
block and discard the ones that don't pass.

I've done my experimenting with the ENT program:

http://www.fourmilab.ch/random/

ie: 

dd if=/dev/urandom bs=3000 count=100 of=random-sample

ent random-sample

Successive runs of that with different data sets and blocksizes
clearly illustrates the generator can't pass Chi-square quite
a lot of times.

Ted

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BMEDLGAENEKCJFGODFOCAEOKCFAA.tedm>