OS Integration

Linux: /dev/qrandom0 - replacement for /dev/random

The Remote QRNG service project is a solution designed to fetch random bytes from a remote QRNG and provide them to the user through a special file similar to /dev/random and /dev/urandom.

The project is composed of a character device and a userspace service working together to provide a reliable source of random bytes.

This repository holds all the necessary files and instructions to build and install the character device and the userspace service.

GitHub repository

The GitHub repository is located at https://github.com/LUMII-Syslab/qrng-dev-qrandom.

The repository contains a Makefile which will build and install both a character device and a userspace service.

The userspace service feeds random bytes into the kernelspace character device driver. These bytes can then be read from /dev/qrandom0 which serves as a replacement for /dev/random.

The solution is intended to fetch random bytes from a remote QRNG provided by qrng.lumii.lv but can be adapted to suit other requirements. By default, it uses a PRNG rather than the remote QRNG; switching to the QRNG is described under Requirements.

Usage

A read operation blocks until data is available, unless the O_NONBLOCK flag is specified when the file is opened with open.

The random bytes retrieved can be seen by running the od -vAn -N256 -tu1 < /dev/qrandom0 command.
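The blocking behaviour described above, as an added example that is not part of the qrng-dev-qrandom repository: a consumer that opens the device with O_NONBLOCK and waits with poll and a timeout, so that it fails closed instead of hanging or using a partial buffer when the userspace service stops feeding bytes. The helper name qr_read_exact, the 32-byte buffer and the 2000 ms timeout are assumptions, as is the driver reporting readability through poll.

```c
/* Added example: bounded read from a blocking device such as /dev/qrandom0. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: fill buf with exactly len bytes from fd, waiting at
 * most timeout_ms for each chunk. Returns 0 on success, -1 with errno set
 * (ETIMEDOUT if the device stayed empty, EIO on unexpected end of file).
 * fd must have been opened with O_NONBLOCK. */
int qr_read_exact(int fd, unsigned char *buf, size_t len, int timeout_ms)
{
    size_t got = 0;
    while (got < len) {
        struct pollfd pfd = { .fd = fd, .events = POLLIN };
        int rc = poll(&pfd, 1, timeout_ms);
        if (rc < 0) {
            if (errno == EINTR) continue;      /* interrupted by a signal: retry */
            return -1;
        }
        if (rc == 0) { errno = ETIMEDOUT; return -1; }   /* no data: fail closed */
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0) { got += (size_t)n; continue; }       /* short reads are normal */
        if (n == 0) { errno = EIO; return -1; }
        if (errno != EAGAIN && errno != EINTR) return -1;
    }
    return 0;
}

int main(void)
{
    unsigned char key[32];                     /* assumed size of the secret */
    int fd = open("/dev/qrandom0", O_RDONLY | O_NONBLOCK);
    if (fd < 0) { perror("open /dev/qrandom0"); return 1; }
    if (qr_read_exact(fd, key, sizeof key, 2000) != 0) {
        perror("qr_read_exact");               /* never continue with a partial buffer */
        close(fd);
        return 1;
    }
    close(fd);
    for (size_t i = 0; i < sizeof key; i++) printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```
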

Requirements

Building the project requires kernel header files. Acquiring them is described in LKMPG#headers.

To fetch random bytes from the remote QRNG provided by qrng.lumii.lv, the project also requires the qrng-client library, and PRNG must be swapped for QRNG in the line RNG *rng = new PRNG(); of /userspace/src/main.cpp.

qrng-client is provided in the repo with both install and uninstall scripts for ease of use. However, it is not included in the Makefile and has to be installed manually.

Compilation

To build and install the service, cd into the root of the repo and run make install. The /dev/qrandom0 file can then be read from.

Kernel module

The kernel module is installed into /usr/lib/modules/$(shell uname -r)/extra and listed in /etc/modules-load.d/qrng-driver.conf for automatic load during boot.

The module registers and creates a character device file /dev/qrandom0. The file can be read from, written to, and polled with sudo privileges.

As of now, the module compiles successfully on Linux kernel version 6.4.3. This might not be the case in the near future, as there were breaking changes recently. To check the kernel version, one can run uname -r.

Userspace service

The userspace service executable is installed into /opt/qrng-service, and a .service file is placed in /etc/systemd/system/qrng.service for access by systemd and automatic load during boot.

The userspace qrng service polls /dev/qrandom0 and is blocked in an interruptible manner until data can be written to the file.

Its logs can be viewed through the systemctl status qrng command.

The userspace process can crash either because it can't find a shared object file or because it lacks permissions to write to /dev/qrandom0.

To fix the former issue, one can create a .conf file in /etc/ld.so.conf.d that includes /usr/lib.

The service keeps a buffer of random bytes fetched through the RNG interface for future use.

Benchmarks

Reading byte by byte leads to the following results:

DEVICE_PATH      32-bit integers   time (seconds)
/dev/random      1000000           0.244270
/dev/qrandom0    1000000           0.592094

There is also /testing/distribution.py, which plots the distribution of the fetched bytes.
