Re: ssh, /dev/urandom



On Wed, 18 Dec 2002 11:58:52 +0100, Gaël Le Mignot said:

> This is the current implementation, yes, but /dev/urandom doesn't guarantee
> anything about the "quality" of the random bits. It can be secure, but it

It does.  It even blocks (well, I checked years ago) as long as the
entropy pool has never been filled to 100%; after that it won't block anymore
(thus the u in its name).

If you really want to spend time on an intermediate solution, use
libgcrypt and its internal RNG (can be built using a similar scheme as
EGD) to write a /dev/random translator.

> can be pseudo-random too, and any program that use /dev/urandom as a secure
> source of random bits is flawed, so there is absolutely no problem, IMHO,

It depends on the usage of the random data.  In many cases a good PRNG with
additional seeding is sufficient.  It is even bad to waste precious
entropy for short-lived keys or padding.


Salam-Shalom,

   Werner
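The approach Werner sketches in his last paragraph, a good PRNG seeded from the kernel pool instead of drawing every key byte from it, as an added example that is not part of the original message or of libgcrypt: a minimal HMAC-DRBG (the NIST SP 800-90A construction with HMAC-SHA256, my choice of generator) that pulls 32 bytes from os.urandom per (re)seed and then serves short-lived keys from HMAC calls alone. The fixed-seed constructor argument exists only so the stream can be reproduced for testing.

```python
import hashlib
import hmac
import os


class HmacDrbg:
    """Minimal HMAC-DRBG (NIST SP 800-90A, HMAC-SHA256, no personalization).

    Seeded from the kernel pool; every later request only runs HMAC,
    so short-lived keys and padding do not drain the entropy pool.
    """

    RESEED_INTERVAL = 1 << 16  # requests before fresh kernel entropy is mixed in

    def __init__(self, seed: bytes = b""):
        # 32 bytes from os.urandom is the whole kernel-entropy cost per seed.
        self._k = b"\x00" * 32
        self._v = b"\x01" * 32
        self._count = 0
        self._update(seed or os.urandom(32))

    def _hmac(self, key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, data: bytes) -> None:
        # SP 800-90A HMAC_DRBG_Update: fold 'data' into the (K, V) state.
        self._k = self._hmac(self._k, self._v + b"\x00" + data)
        self._v = self._hmac(self._k, self._v)
        if data:
            self._k = self._hmac(self._k, self._v + b"\x01" + data)
            self._v = self._hmac(self._k, self._v)

    def reseed(self, seed: bytes = b"") -> None:
        # Mix fresh entropy into the existing state (does not reset it).
        self._update(seed or os.urandom(32))
        self._count = 0

    def generate(self, n: int) -> bytes:
        """Return n pseudo-random bytes, e.g. a session key or padding."""
        if self._count >= self.RESEED_INTERVAL:
            self.reseed()
        out = b""
        while len(out) < n:
            self._v = self._hmac(self._k, self._v)
            out += self._v
        self._update(b"")  # backtrack resistance: old state is unrecoverable
        self._count += 1
        return out[:n]
```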
