[Cryptography] OpenSSL and random
marksteward at gmail.com
Tue Nov 29 08:23:15 EST 2016
Are you aware that the getrandom/etc interfaces have just this blocking
Sure, if an OS decides to fix /dev/urandom so it blocks, then people
compiling for that platform can add --with-dev-urandom-its-safe-really. But
there's no way other than flags to know if you're on such a system, so if
you do any lobbying, please make it to allow both /dev/random and
/dev/urandom to die.
On Tue, Nov 29, 2016 at 6:35 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> I think I see some potential for consensus here: Read from /dev/urandom,
> but only once it is properly seeded. It is the OS's job to properly seed
> /dev/urandom and to make it block until this has happened.
> Since Linux does not do this today, I'll stick with my "Don't change
> OpenSSL" advice for now, but if we can, we should lobby for /dev/urandom to
> stop feeding us predictable bits before proper seeding. Predictable bits
> suck for crypto.
> The cryptography mailing list
> cryptography at metzdowd.com
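The approach Bill Cox describes above, reading from the urandom pool only once it has been properly seeded, is what getrandom(2) gives a Linux program: with flags=0 it blocks until the kernel pool is initialised, with GRND_NONBLOCK it fails with EAGAIN instead, and a plain read of /dev/urandom does neither. The following is an added example, not code from the thread or from OpenSSL; it assumes a Linux host whose C library provides <sys/random.h>, and the names pool_is_seeded, fill_random and demo are my own.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/random.h>  /* getrandom(2); assumes glibc >= 2.25 or musl >= 1.1.20 */
#endif

/* Where the bytes came from, so the caller can apply policy. */
enum rand_source {
    RAND_SRC_ERROR     = -1,
    RAND_SRC_GETRANDOM = 1,  /* kernel pool, call blocked until it was initialised */
    RAND_SRC_URANDOM   = 2   /* legacy /dev/urandom read, no seeding guarantee */
};

/* Probe, without blocking, whether the kernel pool is initialised.
 * 1 = seeded, 0 = not yet seeded (early-boot window), -1 = cannot tell
 * (no getrandom on this kernel, or not Linux at all). */
int pool_is_seeded(void)
{
#ifdef __linux__
    unsigned char b;
    ssize_t n = getrandom(&b, 1, GRND_NONBLOCK);
    if (n == 1)
        return 1;
    if (n < 0 && errno == EAGAIN)
        return 0;
#endif
    return -1;
}

/* Fallback for kernels without getrandom: a plain read of /dev/urandom.
 * This is the path the thread objects to: it never blocks and will return
 * output from an unseeded pool early in boot. */
static int read_dev_urandom(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return RAND_SRC_ERROR;
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0) {
            close(fd);
            return RAND_SRC_ERROR;
        }
        got += (size_t)n;
    }
    close(fd);
    return RAND_SRC_URANDOM;
}

/* Fill buf with len bytes, blocking until the pool is seeded where the
 * platform can promise that. If getrandom is absent (ENOSYS, kernel < 3.17)
 * and allow_unseeded_fallback is nonzero, fall back to /dev/urandom and say
 * so in the return value; otherwise fail closed. */
int fill_random(unsigned char *buf, size_t len, int allow_unseeded_fallback)
{
#ifdef __linux__
    size_t got = 0;
    int have_getrandom = 1;
    while (got < len) {
        ssize_t n = getrandom(buf + got, len - got, 0);  /* flags=0: block until seeded */
        if (n < 0 && errno == EINTR)
            continue;
        if (n < 0 && errno == ENOSYS) {
            have_getrandom = 0;
            break;
        }
        if (n <= 0)
            return RAND_SRC_ERROR;
        got += (size_t)n;
    }
    if (have_getrandom)
        return RAND_SRC_GETRANDOM;
#endif
    if (!allow_unseeded_fallback)
        return RAND_SRC_ERROR;
    return read_dev_urandom(buf, len);
}

/* Report the seeding state, draw a 32-byte key, say which path produced it.
 * Returns the rand_source code. */
int demo(void)
{
    unsigned char key[32];
    printf("pool_is_seeded() = %d (1 seeded, 0 unseeded, -1 unknown)\n", pool_is_seeded());
    int src = fill_random(key, sizeof key, /*allow_unseeded_fallback=*/1);
    if (src == RAND_SRC_ERROR) {
        printf("no usable random source\n");
        return src;
    }
    printf("source = %s\nkey    = ",
           src == RAND_SRC_GETRANDOM ? "getrandom (seeded)" : "/dev/urandom (unverified)");
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    printf("\n");
    return src;
}

int main(void)
{
    return demo() > 0 ? 0 : 1;
}
```

The point of the return code is that "I read /dev/urandom" and "I got bytes the kernel vouched for" are different facts; a library that wants the consensus behaviour from the thread can pass allow_unseeded_fallback=0 and refuse to hand out keys rather than silently take the legacy path. On a host where the pool is already initialised (any system past early boot), pool_is_seeded() returns 1 and the GRND_NONBLOCK probe returns immediately.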