A few days ago I ordered a small batch of the ChaosKey, a small USB dongle for generating entropy created by Bdale Garbee and Keith Packard. Yesterday it arrived, and I am very happy to report that it works great! According to its designers, to get it to work out of the box, you need Linux kernel version 4.1 or later. I tested on a Debian Stretch machine (kernel version 4.9), and there it worked just fine, increasing the available entropy very quickly. I wrote a small test oneliner to check it. It first prints the current entropy level, drains /dev/random, and then prints the entropy level every second for five seconds. Here is the situation without the ChaosKey inserted:
  % cat /proc/sys/kernel/random/entropy_avail; \
    dd bs=1M if=/dev/random of=/dev/null count=1; \
    for n in $(seq 1 5); do \
      cat /proc/sys/kernel/random/entropy_avail; \
      sleep 1; \
    done
  300
  0+1 oppføringer inn
  0+1 oppføringer ut
  28 byte kopiert, 0,000264565 s, 106 kB/s
  4
  8
  12
  17
  21
  %
The entropy level increases by only 3-4 every second. In that case any application that needs random bits from /dev/random (such as a web server serving HTTPS) will block and wait for more entropy. And here is the situation with the ChaosKey inserted:
  % cat /proc/sys/kernel/random/entropy_avail; \
    dd bs=1M if=/dev/random of=/dev/null count=1; \
    for n in $(seq 1 5); do \
      cat /proc/sys/kernel/random/entropy_avail; \
      sleep 1; \
    done
  1079
  0+1 oppføringer inn
  0+1 oppføringer ut
  104 byte kopiert, 0,000487647 s, 213 kB/s
  433
  1028
  1031
  1035
  1038
  %
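The drain-and-watch oneliner above is easy to eyeball but awkward to compare across machines. The script below is an added example, not code from the original post or from the ChaosKey project: it wraps the same steps (read entropy_avail, one short read of /dev/random, sample once a second) in POSIX sh functions and reduces the samples to an average refill rate in bits per second, so two runs can be compared by a single number. It assumes the Linux /proc interface and that dd returns a short read rather than blocking when the pool is nearly empty, which is what the post's output shows. Note that on Linux 5.6 and later /dev/random no longer blocks once the kernel's CRNG has been seeded, so on those kernels this method will not show the starvation that the post demonstrates on 4.9.

```shell
#!/bin/sh
# Added example, not from the original post: quantify how fast the kernel's
# entropy pool refills after it has been drained, so the effect of a hardware
# RNG such as the ChaosKey can be measured rather than eyeballed.

ENTROPY_FILE=/proc/sys/kernel/random/entropy_avail

# Print the kernel's current entropy estimate (0 when the file is absent,
# e.g. on a non-Linux system, so the script degrades instead of failing).
read_entropy() {
    if [ -r "$ENTROPY_FILE" ]; then
        cat "$ENTROPY_FILE"
    else
        echo 0
    fi
}

# Drain /dev/random the way the post does: one read of up to 1 MiB. On kernels
# where /dev/random still blocks, dd returns whatever is currently available.
drain_pool() {
    dd bs=1M if=/dev/random of=/dev/null count=1 2>/dev/null
}

# Sample entropy_avail once per second for $1 seconds; print the samples
# space-separated on one line.
sample_entropy() {
    n=$1
    samples=""
    i=0
    while [ "$i" -lt "$n" ]; do
        samples="$samples $(read_entropy)"
        sleep 1
        i=$((i + 1))
    done
    echo "${samples# }"
}

# Average increase per second over a space-separated list of samples,
# computed as (last - first) / (count - 1) in integer arithmetic.
# Prints 0 when fewer than two samples are given.
average_delta() {
    set -- $1
    first=$1
    count=$#
    if [ "$count" -lt 2 ]; then
        echo 0
        return
    fi
    shift $(( count - 1 ))
    last=$1
    echo $(( (last - first) / (count - 1) ))
}

main() {
    echo "before drain: $(read_entropy)"
    drain_pool
    samples=$(sample_entropy 5)
    echo "samples:      $samples"
    echo "refill rate:  $(average_delta "$samples") bits/s"
}

# Only run the measurement when explicitly requested, so the functions can
# also be sourced and reused from other scripts.
if [ "${1:-}" = "measure" ]; then
    main
fi
```

Run it as `sh entropy-rate.sh measure` once without and once with the dongle plugged in. Applied to the post's own numbers, the samples without the ChaosKey (4 8 12 17 21) give a rate of 4 bits/s and the samples with it (433 1028 1031 1035 1038) give 151 bits/s, which is the difference the post describes.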
Quite the difference. :) I bought a few more than I need, in case someone wants to buy one here in Norway. :)
Update: The dongle was presented at DebConf last year. You might find the talk recording illuminating. It explains exactly what the source of randomness is, if you are unable to spot it from the schematic drawing available from the ChaosKey web site linked at the start of this blog post.