[Cryptography] Mac OS 10.7.5 Random Numbers

Bill Frantz frantz at pwpconsult.com
Sat Feb 1 01:06:27 EST 2014

The man page for random/urandom on MacOS is an interesting contribution to the random
number debate:

XXXXX:~ yyyyy$ man random

RANDOM(4)                BSD Kernel Interfaces Manual                RANDOM(4)

     random , urandom -- random data source devices.

     pseudo-device random

     The random device produces uniformly distributed random byte values of
     potentially high quality.

     To obtain random bytes, open /dev/random for reading and read from it.

     To add entropy to the random generation system, open /dev/random for writing
     and write data that you believe to be somehow random.

     /dev/urandom is a compatibility nod to Linux. On Linux, /dev/urandom will
     produce lower quality output if the entropy pool drains, while /dev/random
     will prefer to block and wait for additional entropy to be collected.  With 
     Yarrow, this choice and distinction is not necessary, and the two devices behave
     identically. You may use either.

     The random device implements the Yarrow pseudo random number generator algorithm 
     and maintains its entropy pool.  Additional entropy is fed to the generator
     regularly by the SecurityServer daemon from random jitter measurements of the 
     kernel.  SecurityServer is also responsible for periodically saving some
     entropy to disk and reloading it during startup to provide entropy in early system 

     You may feed additional entropy to the generator by writing it to the random device,
     though this is not required in a normal operating environment.

     Yarrow is a fairly resilient algorithm, and is believed to be resistant to non-root.
     The quality of its output is however dependent on regular addition of appropriate 
     entropy. If the SecurityServer system daemon fails for any reason, output quality 
     will suffer over time without any explicit indication from the random device itself.

     Paranoid programmers can counteract this risk somewhat by collecting entropy of their 
     choice (e.g. from keystroke or mouse timings) and seeding it into
     random directly before obtaining important random numbers.


     A random device appeared in the Linux operating system.

Darwin                         September 6, 2001                        Darwin

Cheers - Bill

Bill Frantz        | The first thing you need when  | Periwinkle
(408)356-8506      | using a perimeter defense is a | 16345 Englewood Ave
www.pwpconsult.com | perimeter.                     | Los Gatos, CA 95032

More information about the cryptography mailing list