Linux 5.17 Random Number Generator Seeing Speed-Ups, Switching From SHA1 To BLAKE2s

Written by Michael Larabel in Linux Kernel on 7 January 2022 at 12:00 AM EST. 7 Comments
Ahead of the Linux 5.17 merge window officially opening next week, random (RNG) subsystem maintainer Jason Donenfeld has submitted an exciting batch of updates for this next kernel cycle.

As covered at the end of December, Linux is replacing SHA1 usage with BLAKE2s as part of its entropy extractor code. The BLAKE2s code is not only more secure than SHA1 but also faster. This BLAKE2s usage was found to improve the entropy extraction by 131%.

Beyond phasing out SHA1 in the RNG code, there is also avoiding of an unnecessary RdRand call in a hot path, which in turn yields a whopping 370% increase in RNG performance by avoiding that extra call to the slow RdRand.

RNG improvements for Linux 5.17 are rounded out by fixing a variety of different bugs/issues, some prep work around PREEMPT_RT changes, and other fixes.

The most exciting random/RNG update to the Linux kernel code in quite a while... See the pull request for the full list of random number generator changes this cycle.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week