[clug-talk] Random numbers in Linux: an example

Mark Lane mark at harddata.com
Thu Sep 8 10:32:13 PDT 2005


Mark Carlson wrote:
> Hello everybody,
> 
> This is my first email to the list, so forgive me if this is off-topic
> or formatted incorrectly.
> 
> Last night at the meeting during the GPG demonstration someone asked
> why you should move your mouse around during the key generation.  I
> had mistakenly said that it was the standard C library that offers two
> methods of obtaining random numbers.  When I got home I looked for the
> functions and found out I was incorrect.  It is the kernel itself that
> offers these two methods.  And if you want to check it out, it's
> pretty cool (and it only takes a couple seconds to do.)
> 
> At your shell, type in the command: 
> od -t x1 /dev/random
> 
> Notice that it only spits out a small amount of data (if nothing else
> on your system is doing any I/O).  Now move your mouse around (from
> corner to corner on your screen) or hit a bunch of keys on your
> keyboard.  Hopefully there will be more data generated as you do this.
> 
> The other way of obtaining random numbers using the kernel is to get
> it from /dev/urandom.  To test this out, get ready to hit Ctrl+C to
> kill the program as it generates a lot of data very quickly.  Now type
> into your shell:
> od -t x1 /dev/urandom
> 
> Anyways, I had fun at the first meeting I attended and I hope to see
> you all next month :-)

The reason you need to move mouse is because /dev/random is 
based on entropy generated from i/o (such as mouse and keyboard 
input) and the more i/o generated the more random the numbers. 
The Linux kernel by default doesn't use network traffic for 
generating entrophy so often headless systems like network 
servers and clusters will either have to add a hardware random 
number generator or recompile the kernel if they require good 
random numbers.

-- 
Mark Lane, CET <mark at harddata.com>
Sales Manager, Hard Data Ltd. <http://www.harddata.com>
11060 166 Ave, Edmonton, Alberta, T5X 1Y3
Phone: 01-780-456-9771 Fax: 01-780-456-9772
############## Check Out Our New Laptops ##############



More information about the clug-talk mailing list