[Cryptography] Fast-key-erasure RNG and fork()ing
Yann Droneaud
ydroneaud at opteya.com
Sat Jun 30 06:59:03 EDT 2018
Hi,
On Friday 29 June 2018 at 00:46 +0200, Yann Ylavic wrote:
> while "/dev/urandom" never blocks but doesn't guarantee good randoms
> either
Linux's /dev/urandom is a CSPRNG: it's designed to be cryptographically
strong. If correctly initialized, it guarantees "good randoms".
https://www.2uo.de/myths-about-urandom
http://man7.org/linux/man-pages/man7/random.7.html
http://man7.org/linux/man-pages/man4/urandom.4.html
> (w/o enough entropy, how could it),
That's one drawback of /dev/urandom versus getrandom(): without
GRND_RANDOM, the syscall might block when called early after kernel
boot, as the underlying CSPRNG will wait for some entropy to be
gathered. Once initialized, it should behave like /dev/urandom.
> not to talk about mostly unusable "/dev/random" for modern needs of
> randoms.
Except for long term keys, one should not need "/dev/random".
Regards.
--
Yann Droneaud
OPTEYA