FreeBSD's urandom versus random
Ian G
iang at systemics.com
Wed Jan 5 11:57:45 EST 2005
While we're on the subject of /dev/[u]random, has anyone
looked at the new FreeBSD 5.3 version? I recently installed
5.3, and much to my surprise they have got rid of the random
component, and are now only using the urandom part (they
have a symlink in place).
localhost$ ls -l /dev/*random
crw-rw-rw- 1 root wheel 249, 0 Dec 26 11:41 /dev/random
lrwxr-xr-x 1 root wheel 6 Dec 26 11:41 /dev/urandom -> random
localhost$ time dd if=/dev/random bs=1k count=100000 of=/dev/null
100000+0 records in
100000+0 records out
102400000 bytes transferred in 7.526354 secs (13605525 bytes/sec)
real 0m7.532s
user 0m0.125s
sys 0m6.979s
(Also, there is a startup script that asks for initial type-in
entropy on install - mine broke and didn't clearly indicate
its state...).
Personally, I quite liked the random v. urandom separation.
It gave you choice. Now, I feel tempted to go back to doing
the entropy in my own code and not relying on FreeBSD,
because I lack a feel-good factor represented by the block
that occurs when entropy runs out.
But, these are ignorant, external speculations...
iang
Enzo Michelangeli wrote:
>
>This "entropy depletion" issue keeps coming up every now and then, but I
>still don't understand how it is supposed to happen. If the PRNG uses a
>really non-invertible algorithm (or one invertible only with intractable
>complexity), its output gives no insight whatsoever on its internal state.
>As entropy is a measure of the information we don't have about the
>internal state of a system, it seems to me that in a good PRNGD its value
>cannot be reduced just by extracting output bits. If there is an entropy
>estimator based on the number of bits extracted, that estimator must be
>flawed.
>
>Enzo
>
>
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list