Re: /dev/random broken?

Valdis.Kletnieks@vt.edu
Sat, 28 Jun 2003 22:36:04 -0400


--==_Exmh_1681803940P
Content-Type: text/plain; charset=us-ascii

On Sat, 28 Jun 2003 19:10:18 PDT, Justin Pryzby said:
> /dev/urandom is what you want; it makes up its own entropy. /dev/random
> uses entropy from user input (low order bits I imagine).

Strictly speaking, urandom doesn't "make up" any entropy - it generates
a pseudorandom stream of bits of arbitrary length using a small chunk of
entropy from the entropy pool. That's why it's able to generate multi-megabyte
streams of bits even when the entropy pool is empty - it is generating a
fixed but unpredictable stream based on the initial entropy.

The distinction is important mostly to cryptographers - for almost all
practical uses, the pseudorandom stream of bits produced by urandom
is quite sufficient, much faster, and leaves the entropy pool untouched
for those applications that *do* care about the difference....

--==_Exmh_1681803940P
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001

iD8DBQE+/lCUcC3lWbTT17ARAq9pAJ91EWCX4Qs6tL0ISLBd3BSUM2XGrQCg7+I/
+6OnTN6xUMzeYBLuqT+uSsM=
=e6ko
-----END PGP SIGNATURE-----

--==_Exmh_1681803940P--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/