questions about RNGs and FIPS 140

John Denker jsd at
Fri Aug 27 13:05:50 EDT 2010

On 08/26/2010 11:34 PM, Thomas wrote:

> Luckily /dev/random is re-seeded during run-time. 

I would have said something different:  *IF* you are
lucky, then /dev/random gets reseeded during run time.

> So even if you do
> a roll-back of a system and the new input is non-deterministic it will
> generate different output immediately.

Depending on details of the system, there is no guarantee
that /dev/random gets reseeded at all, much less reseeded

There exist lots of small and/or embedded and/or virtual 
Linux systems that have no useful sources of entropy.

The kernel attempts to collect entropy, but there are no
positive lower bounds on the effectiveness of the built-in

You could always add a source, but that is a topic for a 
whole new discussion.  For more on this, see

The Cryptography Mailing List
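A practical check for the point made in the post above, as an added example that is not part of the original message: it reads the kernel's own entropy estimate and pool size from /proc/sys/kernel/random, classifies the result, and shows how an external source would be credited into the pool with the RNDADDENTROPY ioctl from <linux/random.h>. It assumes Linux; the /proc paths and the ioctl constant are the real ones, the threshold of 128 bits and the classification labels are this example's own choices. Note that entropy_avail is the kernel's estimate, not a proven lower bound, so "ok" only means the kernel believes it has reseeded.

```python
"""Inspect, and optionally top up, the Linux kernel entropy pool.

Added example, not code from the original post. Assumes Linux with the
standard /proc/sys/kernel/random/* files and the /dev/random ioctl
interface documented in <linux/random.h>. Crediting entropy needs root.
"""
import os
import struct

ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"
POOLSIZE = "/proc/sys/kernel/random/poolsize"

# ioctl request from <linux/random.h>: _IOW('R', 0x03, struct rand_pool_info)
RNDADDENTROPY = 0x40085203


def read_sysctl(path, default=None):
    """Return the integer held in a /proc file, or `default` if unreadable."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return default


def pool_status():
    """Return (entropy_avail_bits, poolsize_bits); None for unreadable values."""
    return read_sysctl(ENTROPY_AVAIL), read_sysctl(POOLSIZE)


def classify(avail, poolsize, min_bits=128):
    """Classify the kernel's *estimate* of pool entropy (example threshold).

    The estimate is a heuristic with no positive lower bound behind it, so
    "ok" means only that the kernel thinks it has reseeded, nothing stronger.
    """
    if avail is None or poolsize is None:
        return "unknown"
    if avail <= 0:
        return "empty"
    if avail < min_bits:
        return "starved"
    return "ok"


def pack_rand_pool_info(entropy_bits, data):
    """Build the struct rand_pool_info payload used by RNDADDENTROPY.

    Layout: int entropy_count (bits to credit); int buf_size (bytes); buf[].
    The credit check is this example's own sanity limit, not a kernel rule.
    """
    if entropy_bits < 0 or entropy_bits > 8 * len(data):
        raise ValueError("cannot credit more entropy bits than bytes supplied")
    return struct.pack("ii", entropy_bits, len(data)) + bytes(data)


def add_entropy(data, credit_bits, device="/dev/random"):
    """Mix `data` into the pool and credit `credit_bits` (root required).

    Credit only what you can justify about the source; crediting bits that
    are not really there defeats the purpose of the counter.
    """
    import fcntl
    payload = pack_rand_pool_info(credit_bits, data)
    fd = os.open(device, os.O_WRONLY)
    try:
        fcntl.ioctl(fd, RNDADDENTROPY, payload)
    finally:
        os.close(fd)


if __name__ == "__main__":
    avail, size = pool_status()
    print(f"entropy_avail={avail} poolsize={size} -> {classify(avail, size)}")
```

Run it unprivileged to see the estimate; on a freshly cloned or rolled-back VM with no hardware source the counter often sits near zero for a long time, which is the situation the post describes. add_entropy() is only useful if you have an actual source (a hardware RNG, a host-provided device) and a defensible estimate of its entropy rate.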