audio-entropyd is a small program to reseed the Linux kernel random number generator with data from soundcard.
Audio is ready periodically from a stereo soundcard, the difference is taken between the left and right channels, the difference is hashed and credited to the KRNG.
Using the difference between the left and the right channels should eliminate some external signals (e.g. 50/60hz power cycle).
audio-entropyd also contains code to set all input gains to maximum prior to audio reads. This should help get as many bits changing as possible.
Additional protection against signals whose frequency is equal to, or a multiple of the buffer size is given by randomly delaying a few additional milliseconds between reads.
NB: The default settings are intended for the author's configuration blindly adopting them could result in insecure seeding of the kernel random number generator.
Statistical measures of entropy on the difference between left and right channels on the author's sound card average just over 0.3 bits per byte. (measured eith 'ent' from http://www.fourmilab.ch/random/)
To test the raw differenced output, make a dump of the raw and seed material without updating the kernel:
audio-entropyd --no-update --wait 0 --raw-output /tmp/raw.out
Let this run for a minute or two and then kill it:
kill `cat /var/run/audio-entropyd.pid`
You should now have two files in /tmp - raw.out and seed.out containing
the raw difference data and the hash of it which would have been written
to the kernel (had you not specified --no-update).
Run you favourite tests on the data and calculate how much entropy you are getting from the raw data. You should also check the seed file and ensure that it is random looking. Once you have an entropy estimate you can decide how that you are going to actually credit to the kernel RNG. It pays to be paranoid here, so take only a small percentage of this.
It is possible to control how much data is collected is a read operation (--read-size), what size seed it is hashed to (--seed-size) and how many bits entropy are credited to the kernel RNG after each read (--credit).
The author's defaults are:
read-size: 65536 (bytes)
seed-size: 60 (bytes)
credit: 320 (bits)
This means that each read will sample 65536 bytes of data (about 400ms), hash it down to 60 bytes and credit only 320 bits of it into the kernel (a 60000+ fold reduction).
A few limitations here: the read-size must be a power of two and the seed-size must be a multiple of 20 (the length of an SHA1 hash).
Please report any problems or suggestions for improvement.
What's New in This Release:
No longer exits when random data is not random enough, it now skips it and continues when data is random enough again
Version 0.0.4 is a massive rewrite: the method for entropy-gathering was completely rewritten.
This version also includes some patches by Udo van den Heuvel which makes it more intelligent for when it should add data to the entropy-pool.