FreeBSD's urandom versus random

Ian G iang at systemics.com
Wed Jan 5 11:57:45 EST 2005


While we're on the subject of /dev/[u]random, has anyone
looked at the new FreeBSD 5.3 version?  I recently installed
5.3, and much to my surprise they have got rid of the random
component, and are now only using the urandom part (they
have a symlink in place).

localhost$ ls -l /dev/*random
crw-rw-rw-  1 root  wheel  249,   0 Dec 26 11:41 /dev/random
lrwxr-xr-x  1 root  wheel         6 Dec 26 11:41 /dev/urandom -> random

localhost$ time dd if=/dev/random bs=1k count=100000 of=/dev/null
100000+0 records in
100000+0 records out
102400000 bytes transferred in 7.526354 secs (13605525 bytes/sec)

real    0m7.532s
user    0m0.125s
sys     0m6.979s

(Also, there is a startup script that asks for initial type-in
entropy on install - mine broke and didn't clearly indicate
its state...).

Personally, I quite liked the random v. urandom separation.
It gave you choice.  Now, I feel tempted to go back to doing
the entropy in my own code and not relying on FreeBSD,
because I lack a feel-good factor represented by the block
that occurs when entropy runs out.

But, these are ignorant, external speculations...

iang


Enzo Michelangeli wrote:

>
>This "entropy depletion" issue keeps coming up every now and then, but I
>still don't understand how it is supposed to happen. If the PRNG uses a
>really non-invertible algorithm (or one invertible only with intractable
>complexity), its output gives no insight whatsoever on its internal state.
>As entropy is a measure of the information we don't have about the
>internal state of a system, it seems to me that in a good PRNGD its value
>cannot be reduced just by extracting output bits. If there is an entropy
>estimator based on the number of bits extracted, that estimator must be
>flawed.
>
>Enzo


-- 
News and views on what matters in finance+crypto:
        http://financialcryptography.com/
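
An added illustration, not part of the original message and not FreeBSD's code: a toy hash-based generator in Python, read once through an estimator that subtracts every bit handed out (the blocking behaviour Ian describes) and once without it (a single non-blocking device). The class names, the constructed seed and the 256-bit credit are assumptions made for the example.

```python
import hashlib

# Toy model for illustration only; the class names are hypothetical.
class HashGenerator:
    """Output is SHA-256(state || counter), so it is one-way in the state."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(b"seed" + seed).digest()
        self.counter = 0

    def _block(self) -> bytes:
        self.counter += 1
        return hashlib.sha256(self.state + self.counter.to_bytes(8, "big")).digest()

    def read(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            out += self._block()
        return out[:n]


class CountingGenerator(HashGenerator):
    """Same generator, plus an estimator debited for every bit read."""

    def __init__(self, seed: bytes, credited_bits: int):
        super().__init__(seed)
        self.estimate = credited_bits

    def read(self, n: int) -> bytes:
        # A blocking device would sleep here; the model returns a short read.
        n = min(n, self.estimate // 8)
        self.estimate -= 8 * n
        return super().read(n)


def demo():
    seed = bytes(range(32))  # constructed sample seed, credited as 256 bits
    plain = HashGenerator(seed)
    counted = CountingGenerator(seed, credited_bits=256)
    first = (plain.read(32), counted.read(32))
    second = (plain.read(32), counted.read(32))
    return first, second, counted.estimate


if __name__ == "__main__":
    first, second, estimate = demo()
    print("first reads identical:", first[0] == first[1])
    print("second read lengths:", len(second[0]), len(second[1]))
    print("estimate left:", estimate)
```

Both objects hold the same secret state throughout; only the counter differs, and that counter alone is what stops the second read.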


---------------------------------------------------------------------
The Cryptography Mailing List