[Cryptography] Is Ron right on randomness

Bill Cox waywardgeek at gmail.com
Wed Nov 30 08:59:24 EST 2016

On Sat, Nov 26, 2016 at 6:38 AM, Salz, Rich <rsalz at akamai.com> wrote:

> > Absolutely right.  Only TRNGs that make raw data available should be
> trusted.  Further, the source should have a simple physical model which is
> proven out by measurements, preferably continuously.
> Meanwhile, back in the real world...  What should OpenSSL do, given the
> wide number of platforms and huge uninformed community that depends on it,
> do?

I just learned on another thread that Linux provided a fixed API.  The new
right answer on Linux is to call getrandom:


It's in linux 3.17.  My Ubuntu 14.04 laptop upgraded to 3.19, so I had
it... Then it upgraded to 4.2.0, and now I no longer have it.  Grrr...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161130/602eeaed/attachment.html>

More information about the cryptography mailing list