lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aXMOsCsUMpCQRy6Y@gondor.apana.org.au>
Date: Fri, 23 Jan 2026 14:01:20 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Aleksander Jan Bajkowski <olek2@...pl>
Cc: benjamin.larsson@...exis.eu, olivia@...enic.com, martin@...ser.cx,
	ansuelsmth@...il.com, linux-crypto@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] hwrng: airoha set rng quality to 900

On Mon, Jan 05, 2026 at 09:41:49PM +0100, Aleksander Jan Bajkowski wrote:
> Airoha uses RAW mode to collect noise from the TRNG. These appear to
> be unprocessed oscillations from the tero loop. For this reason, they
> do not have a perfect distribution and entropy. Simple noise compression
> reduces its size by 9%, so setting the quality to 900 seems reasonable.
> The same value is used by the downstream driver.
> 
> Compare the size before and after compression:
> $ ls -l random_airoha*
> -rw-r--r-- 1 aleksander aleksander 76546048 Jan  3 23:43 random_airoha
> -rw-rw-r-- 1 aleksander aleksander 69783562 Jan  5 20:23 random_airoha.zip
> 
> FIPS test results:
> $ cat random_airoha | rngtest -c 10000
> rngtest 2.6
> Copyright (c) 2004 by Henrique de Moraes Holschuh
> This is free software; see the source for copying conditions.  There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> 
> rngtest: starting FIPS tests...
> rngtest: bits received from input: 200000032
> rngtest: FIPS 140-2 successes: 0
> rngtest: FIPS 140-2 failures: 10000
> rngtest: FIPS 140-2(2001-10-10) Monobit: 9957
> rngtest: FIPS 140-2(2001-10-10) Poker: 10000
> rngtest: FIPS 140-2(2001-10-10) Runs: 10000
> rngtest: FIPS 140-2(2001-10-10) Long run: 4249
> rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
> rngtest: input channel speed: (min=953.674; avg=27698.935; max=19073.486)Mibits/s
> rngtest: FIPS tests speed: (min=59.791; avg=298.028; max=328.853)Mibits/s
> rngtest: Program run time: 647638 microseconds
> 
> In general, these data look like real noise, but with lower entropy
> than expected.
> 
> Fixes: e53ca8efcc5e ("hwrng: airoha - add support for Airoha EN7581 TRNG")
> Suggested-by: Benjamin Larsson <benjamin.larsson@...exis.eu>
> Signed-off-by: Aleksander Jan Bajkowski <olek2@...pl>
> ---
>  drivers/char/hw_random/airoha-trng.c | 1 +
>  1 file changed, 1 insertion(+)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ