Holes in the Linux random number generator?
Posted Jul 4, 2006 16:51 UTC (Tue) by unruh
In reply to: Holes in the Linux random number generator?
Parent article: Holes in the Linux random number generator?
I think that the main source of the confusion about /dev/random and /dev/urandom is the man pages. There is (almost) no case in which /dev/random is a better choice than /dev/urandom. While the claim on the man page that /dev/urandom uses a PRNG which might be in danger of attack, it is like saying that eating grapes might make you susceptible to Alzheimers and lowered sperm count. Yes, it might. There is absolutely no evidence thereof, and using /dev/random WILL cause far more problems by its blocking. Ie, the man page leaves exactly the wrong impression for a naive reader. (I just responed to a newgroup article where someone was doing
dd if=/dev/random of=/dev/hdb1
and wondering why the program seemed to hang).
Also the claim that /dev/urandom will use up the entropy pool for /dev/random on Linux does not seem to be born out tests.
dd if=/dev/urandom of=/tmp/tt &
Wait a minute ( or a few GB in /tmp/tt) and while that comand continues running do
dd if=/dev/random of=/tmp/t bs=1024 count=1
It does not block for me. It fulfills its request immediately
(Linux kernel 2.6.12-22mdk on Mandrake 2006)
(Then of course kill the first dd before you run out of disk space)
to post comments)