urandom vs haveged
Pádraig Brady
P at draigBrady.com
Mon Mar 26 22:31:09 UTC 2012
On 03/26/2012 08:56 PM, Chris Murphy wrote:
>
> Performance:
>
> dd if=/dev/zero ~56MB/s CPU < 10%
> dd if=/dev/urandom ~12MB/s CPU 99%
> haveged ~54MB/s CPU < 25%
>
>
> The dd relative values are consistent with kernels in Fedora 16. However these tests were done with 3.3.0-1. The questions are:
>
> Is the urandom performance expected?
>
> What is the quality of pseudo-random data produced by urandom vs haveged?
>
> If the qualities are similar, or haveged's is better, is there anything that can be done to improve urandom's performance? It really takes quite a bit longer to prepare a disk/volume for encryption.
Well if you're just writing huge amounts of "random" data
to clear existing space, then you don't need it to be cryptographically secure.
Why are you doing this exactly? Would /dev/zero suffice?
In any case it seems you could use shred rather than dd to clear data?
It has been changed to use a much faster internal generator:
http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=commit;h=v7.2-21-gaf5723c
cheers,
Pádraig.
More information about the devel
mailing list