tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: /dev/random is hot garbage
> On Jul 21, 2019, at 4:55 PM, Edgar Fuß <ef%math.uni-bonn.de@localhost> wrote:
>
>
> [EXTERNAL EMAIL]
>
> TRC> There is no reason in modern cryptography to read more than one byte
> TRC> from /dev/random ever in a single application; once you have done
> TRC> that, or confirmed some other way that the the entropy pool is seeded,
> TRC> you should generate keys from /dev/urandom.
>
> DAH> There should be some way to do that without throwing away 8 random
> DAH> bits.
> Isn't that called poll()/select() etc?
> As far as I understand, it's not about actually reading from /dev/random,
> but checking whether you could read without blocking, isn't it?
I don't agree with this reasoning.
If /dev/random is implemented right, it won't block later once it unblocks for the first time. Given that, an application that needs a cryptographic random number should simply fetch all the bits it needs from /dev/random.
The only reason to read from /dev/urandom is that you want random numbers but they don't need to be strong.
If people do these hacks because we still have the "entropy is used up" notion in the code, the answer is to remove that.
paul
Home |
Main Index |
Thread Index |
Old Index