[Cryptography] Random numbers only once
James A. Donald
Jamesd at echeque.com
Thu Feb 6 03:17:31 EST 2014
On 2014-02-04 17:19, Tony Arcieri wrote:
> On Mon, Feb 3, 2014 at 9:12 PM, Watson Ladd <watsonbladd at gmail.com> wrote:
>
> > Why does /dev/random not do this and so avoid blocking after startup?
>
> The /dev/random vs /dev/urandom distinction is probably a mistake.
> Also making these things files in /dev is also probably a mistake.
> Ideally there would just be a system call to obtain some randomness
> from the kernel, then an awful lot of work to ensure that randomness
> is good. It shouldn't block.

If not blocking, every install needs some randomness supplied on disk,
at least sixteen bytes, thirty-two to be on the safe side. During normal
usage, that little bit of randomness on disk slowly has some true
randomness added, perhaps only sixteen bytes a day. There can be no
system that does not have that much unpredictability available.
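
The on-disk seed arrangement described above, as an added example that is not part of the original message or of any kernel's code. SHA-256 as the mixing function, the function names, the domain-separation labels and the rule of rewriting the seed before it is used are assumptions of this sketch.

```python
import hashlib
import os
import tempfile

MIN_SEED = 16  # the post's floor: "at least sixteen bytes"; SHA-256 keeps the file at 32

def write_atomic(path, data):
    """Replace path with data so a crash leaves the old or the new seed, never a torn one."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory)  # created with mode 0600
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    dfd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dfd)  # make the rename itself durable
    finally:
        os.close(dfd)

def read_seed(path):
    """Load the seed and refuse one below the sixteen-byte floor."""
    with open(path, "rb") as f:
        seed = f.read()
    if len(seed) < MIN_SEED:
        raise ValueError("seed file holds fewer than 16 bytes")
    return seed

def boot_seed(path):
    """Return this boot's 32-byte pool key, rewriting the file first so no seed is used twice."""
    old = read_seed(path)
    write_atomic(path, hashlib.sha256(b"next-seed\0" + old).digest())
    return hashlib.sha256(b"pool-key\0" + old).digest()

def stir(path, sample):
    """Fold newly gathered unpredictable bytes into the on-disk seed."""
    old = read_seed(path)
    new = hashlib.sha256(b"stir\0" + old + hashlib.sha256(sample).digest()).digest()
    write_atomic(path, new)
    return new
```

Because the file is replaced before the pool key is returned, a power loss right after boot cannot make the next boot start from the same seed, and the stored value never equals the key handed to the generator.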