[Cryptography] The Crypto Pi
Ben Laurie
benl at google.com
Mon Jan 26 12:03:08 EST 2015
On 26 January 2015 at 13:12, ianG <iang at iang.org> wrote:
> On 25/01/2015 16:35 pm, Ralf Senderek wrote:
>
>> When I read bytes from /dev/random with dd and immediately check this
>> file again, n bits are missing as a result of the read operation.
>> So, IMHO, the whole system now has less entropy to feed to /dev/random.
>> Am I wrong, when I assume that if the content of entropy_avail drops to
>> zero, /dev/random is supposed to block?
>
>
>
> Once upon a time, it might have meant that. Now it doesn't.
>
> What it "means" is more to do with whatever is implemented by the primary
> unix system you are using, and as it happens, Linux and BSD do differently.
> So meaning is out the window, we're back to implementation.
>
> My advice: applications should use /dev/urandom.
On FreeBSD, they do (urandom and random are the same).
>
>
>
> iang
>
> ps; more long-winded stuff here
> http://iang.org/ssl/hard_truths_hard_random_numbers.html
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
More information about the cryptography
mailing list