Re: ssh, /dev/urandom
Werner wrote:
> On Tue, 17 Dec 2002 13:36:21 +0100, Gaël Le Mignot said:
>> And /dev/urandom is not really done for "cryptographic secure" randomness,
>> it's the goal of /dev/random, not /dev/urandom (and AFAIK ssh only uses
> That is not really true. The common implementations of /dev/[u]random
> for *BSD and Linux use only one entropy pool and the only difference
> between random and urandom is that urandom never blocks on low
> entropy but continues to yield random bytes using a pseudo random
> number generator (i.e. hashing the pool again). So, as long as enough
> entropy is available both devices can be considered equal.
This is the current implementation, yes, but /dev/urandom doesn't guarantee
anything about the "quality" of the random bits. It can be secure, but it
can be pseudo-random too, and any program that uses /dev/urandom as a secure
source of random bits is flawed, so there is absolutely no problem, IMHO,
to use the current random translator for /dev/urandom.
--
Gael Le Mignot "Kilobug" - kilobug@nerim.net - http://kilobug.free.fr
GSM : 06.71.47.18.22 (in France) ICQ UIN : 7299959
Fingerprint : 1F2C 9804 7505 79DF 95E6 7323 B66B F67B 7103 C5DA
Member of HurdFr: http://hurdfr.org - The GNU Hurd: http://hurd.gnu.org
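
The single-pool behaviour described in the quoted reply, as an added example that is not part of the original message and is not kernel or Hurd translator code: a toy model in which both interfaces extract from one pool and differ only in whether the entropy estimate limits the read. The class and method names, the use of SHA-256, and the sample input are assumptions made for illustration.

```python
import hashlib

class SinglePool:
    """Toy model: one pool, an entropy estimate, two read interfaces."""

    def __init__(self):
        self.pool = bytes(32)
        self.estimate_bits = 0  # accounting only; it does not change the output function

    def mix(self, sample, credited_bits):
        # Fold an event sample into the pool and credit the estimator.
        self.pool = hashlib.sha256(self.pool + sample).digest()
        self.estimate_bits = min(256, self.estimate_bits + credited_bits)

    def _extract(self, n):
        out = b""
        while len(out) < n:
            out += hashlib.sha256(b"out" + self.pool).digest()
            # "hashing the pool again": step the pool after each output block
            self.pool = hashlib.sha256(b"next" + self.pool).digest()
        return out[:n]

    def read_random(self, n):
        # Models /dev/random: hands out only what the estimate covers;
        # a real blocking read would wait here for more events.
        granted = min(n, self.estimate_bits // 8)
        self.estimate_bits -= granted * 8
        return self._extract(granted)

    def read_urandom(self, n):
        # Models /dev/urandom: never waits, keeps extracting from the same pool.
        self.estimate_bits = max(0, self.estimate_bits - n * 8)
        return self._extract(n)


def demo():
    a, b = SinglePool(), SinglePool()
    for p in (a, b):
        p.mix(b"constructed-keyboard-timing", 64)  # constructed sample input
    short = a.read_random(16)   # estimate covers only 8 bytes
    full = b.read_urandom(16)   # same pool state, no waiting
    return short, full, a.estimate_bits, b.estimate_bits


if __name__ == "__main__":
    short, full, ea, eb = demo()
    print(len(short), len(full), short == full[:8], ea, eb)
```

In this model the bytes returned while the estimate is positive are identical on both interfaces; past that point the output is a deterministic function of the pool state, so its unpredictability rests on the pool staying secret and the hash being one-way.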