Provided by: jitterentropy-rngd_1.2.8-2_amd64

NAME

       jitterentropy-rngd - CPU Jitter Random Number Generator Daemon

SYNOPSIS

       jitterentropy-rngd [OPTION]

DESCRIPTION

       The jitterentropy-rngd application provides a source of good entropy by collecting CPU execution time
       jitter. The collected entropy is injected into the Linux kernel /dev/random device using the
       RNDADDENTROPY ioctl described in random(4).

       The entropy in the CPU execution time jitter is magnified by the CPU Jitter Random Number Generator. The
       CPU Jitter Random Number Generator uses the CPU execution timing jitter to generate a bit stream which
       complies with different statistical measurements that determine whether the bit stream is random.

       The CPU Jitter Random Number Generator works equally well in virtualized environments and on bare metal,
       provided a high-resolution timer is made available with the clock_gettime() function. The currently
       used timer can be checked by reading the file
       /sys/devices/system/clocksource/clocksource0/current_clocksource. To change the clock source, write one
       of the available clock sources listed in the file
       /sys/devices/system/clocksource/clocksource0/available_clocksource into the mentioned
       current_clocksource file; the kernel immediately switches to that clock.

       The CPU Jitter Random Number Generator unconditionally injects 256 bits of entropy into the Linux kernel
       during startup, before it daemonizes. Thus, when the invocation of jitterentropy-rngd returns, the
       Linux kernel is seeded with at least 256 bits of entropy. Note that the Linux kernel performs a schedule
       operation during the injection of data, which implies that immediately after starting
       jitterentropy-rngd the kernel may still complain about insufficient entropy available for
       /dev/urandom.

       In addition, jitterentropy-rngd unconditionally injects 256 bits of entropy every 10 minutes,
       irrespective of whether the kernel has sufficient entropy or not.
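
       The injection path described above, as an added example that is not part of the jitterentropy-rngd
       sources: it fills the struct rand_pool_info request from random(4) and issues RNDADDENTROPY. The
       helper names build_request() and inject(), the 512-byte cap and the constructed sample bytes are
       assumptions of this example; main() credits 0 bits so the kernel's entropy estimate is not raised.

```c
#include <errno.h>
#include <fcntl.h>
#include <linux/random.h>   /* struct rand_pool_info, RNDADDENTROPY */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Request layout from random(4): entropy_count in bits, buf_size in bytes,
 * then the data. Refuses to credit more bits than the buffer can hold; the
 * 512-byte cap is this example's own limit, not a kernel constant. */
static struct rand_pool_info *build_request(const unsigned char *data,
                                            size_t len, int bits)
{
    struct rand_pool_info *rpi;
    if (!data || !len || len > 512 || bits < 0 || (size_t)bits > len * 8)
        return NULL;
    rpi = calloc(1, sizeof(*rpi) + len);
    if (rpi) {
        rpi->entropy_count = bits;
        rpi->buf_size = (int)len;
        memcpy(rpi->buf, data, len);
    }
    return rpi;
}

/* Returns 0 on success or -errno (-EPERM without CAP_SYS_ADMIN). */
static int inject(const unsigned char *data, size_t len, int bits)
{
    struct rand_pool_info *rpi = build_request(data, len, bits);
    int fd, ret = 0;
    if (!rpi)
        return -EINVAL;
    fd = open("/dev/random", O_WRONLY);
    if (fd < 0 || ioctl(fd, RNDADDENTROPY, rpi) < 0)
        ret = -errno;
    if (fd >= 0)
        close(fd);
    free(rpi);
    return ret;
}

int main(void)
{
    /* Constructed bytes credited with 0 bits: mixed in, estimate unchanged. */
    unsigned char sample[32] = { 0x5a };
    int ret = inject(sample, sizeof(sample), 0);
    printf("RNDADDENTROPY: %s\n", ret ? strerror(-ret) : "ok");
    return ret != 0;
}
```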

       The following options are supported when invoking jitterentropy-rngd:

       -v, --verbose
              enables verbose operation of the daemon. Using this option multiple times increases the
              verbosity. Using this option implies that jitterentropy-rngd will not daemonize.

       -p, --pid [FILE]
              triggers the creation of a PID file at the given location.

       -h, --help
              displays the help text.

       --version
              returns the version number of the jitterentropy-rngd.

       -s, --sp800-90b
              triggers a specific seeding strategy of the kernel /dev/random device to insert entropy that
              ensures the ChaCha20 DRNG behind /dev/random receives 256 bits of entropy as defined by SP800-90B.

       -f, --flags [FLAGS]
              allows specifying the flags value documented with jitterentropy(3) when allocating the Jitter RNG.

       -o, --osr [OSR]
              allows specifying the oversampling rate (OSR) as documented with jitterentropy(3) when allocating
              the Jitter RNG.

NOTES

       The jitterentropy-rngd does not perform write operations on any file system object. Thus, it can be
       executed on a fully read-only mounted file system.

       The random bit stream generated by jitterentropy-rngd is NOT processed by a cryptographically secure
       whitening function. Nonetheless, it is believed that the output can be used as a source for
       cryptographically secure key material or other cryptographically sensitive data.

SEE ALSO

       random(4), clock_gettime(2)

                                                   2017-02-11                              JITTERENTROPY-RNGD(1)