[Cryptography] Random numbers only once

James A. Donald Jamesd at echeque.com
Thu Feb 6 03:17:31 EST 2014

On 2014-02-04 17:19, Tony Arcieri wrote:
> On Mon, Feb 3, 2014 at 9:12 PM, Watson Ladd <watsonbladd at gmail.com 
> <mailto:watsonbladd at gmail.com>> wrote:
>     Why does /dev/random not do this and so avoid blocking after startup?
> The /dev/random vs /dev/urandom distinction is probably a mistake. 
> Also making these things files in /dev is also probably a mistake. 
> Ideally there would just be a system call to obtain some randomness 
> from the kernel, then an awful lot of work to ensure that randomness 
> is good. It shouldn't block.

If not blocking, every install needs some randomness supplied on disk, 
at least sixteen bytes, thirty two to be on the safe side. During normal 
usage, that little bit of randomness on disk slowly has some true 
randomness added, perhaps only sixteen bytes a day. There can be no 
system that does not have that much unpredictability available.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140206/f3797ac7/attachment.html>

More information about the cryptography mailing list