Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] RNG in Raspberry Pi

Andy Isaacson adi at
Thu Oct 3 01:44:28 PDT 2013

On Wed, Oct 02, 2013 at 11:57:24PM -0500, Paul Elliott wrote:
> What is the quality of the Hardware RNG in the Raspberry Pi?

Fairly unknown.  The current driver used in Raspbian and so on, which
exposes the RNG directly at /dev/hwrng is definitely *not* safe to use
raw -- it needs a mixing pool at the very least, and should ideally be
simply another input to the /dev/random entropy pool along with all of
the standard sources of entropy.

> I have heard about the controversy about the intel chip
> and wondered if there were any parallel questions about
> the Raspberry Pi.

The Intel chip at least has a published design -- the design is fairly
easy to poke holes in, but at least they did *that* much.

The Broadcom RNG has no public design documentation AFAIK.

This is not a good sign for security.

The best I've seen is the VIA independent evaluation:

> Near as I can figure out if an Hardware RNG does not
> come automaticly with your desktop or laptop, the Raspberry Pi
> seems to be about the cheapest source of random numbers you
> can get.

Far cheaper (in currency if not in time) is to use the audio amplifier
on your computer.  Here's one document on how: 

There's also a RNG firmware for the FST-01 programmable USB peripheral:

> Entropy key are only 36 pounds, but they seem to have a long
> backlog.

Apparently the small company that made them is having issues.  I haven't
seen any evidence of them coming back to life, unfortunately.

> What about using and Raspberry Pi for hard random number 
> generation?

Might work.  I'd be cautious.  The FST-01 hardware is perhaps better
documented and easier to reverse engineer than the Broadcom chip.


More information about the liberationtech mailing list