| |||||||||||||
Holes in the Linux random number generator?Holes in the Linux random number generator?Posted Jul 4, 2006 16:51 UTC (Tue) by unruh (guest, #32389)In reply to: Holes in the Linux random number generator? by kleptog Parent article: Holes in the Linux random number generator?
I think that the main source of the confusion about /dev/random and /dev/urandom is the man pages. There is (almost) no case in which /dev/random is a better choice than /dev/urandom. While the claim on the man page that /dev/urandom uses a PRNG which might be in danger of attack, it is like saying that eating grapes might make you susceptible to Alzheimers and lowered sperm count. Yes, it might. There is absolutely no evidence thereof, and using /dev/random WILL cause far more problems by its blocking. Ie, the man page leaves exactly the wrong impression for a naive reader. (I just responed to a newgroup article where someone was doing
Also the claim that /dev/urandom will use up the entropy pool for /dev/random on Linux does not seem to be born out tests.
(Log in to post comments)
Your tests do not agree w/ mine. Posted Nov 15, 2006 7:30 UTC (Wed) by simoncion (guest, #41674) [Link] > Also the claim that /dev/urandom will use up the entropy pool for /dev/random on Linux does not seem to be born out tests.
My tests do not agree with yours:
dd if=/dev/urandom of=/tmp/rand1 &
Wait for a few hundred MB (This takes a couple of minutes)
dd if=/dev/random of=/tmp/rand2 &
Wait a couple of minutes, check the size of /tmp/rand2... It's 512 bytes in size.
cat /proc/sys/kernel/random/entropy_avail
And I get a number in the low double digits. When I terminate the first instance of dd, /tmp/rand2 (the file fed by /dev/random) begins increasing in size much more quickly. catting /proc/.../entropy_avail still returns a number in the single digits, as is expected. When I terminate the remaining instance of dd, catting /proc/.../entropy_avail reveals a number that increases to ~3500; also as expected.
Cheers,
|
|||||||||||||