[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

/dev/random



As many of you know, /dev/random is a source of random bits that are
suitable for use in cryptographic analysis. The software supporting
/dev/random collects random time data from monitoring events that are
not generated by the functioning of the computer, but from something
like the keystroke times of a human asking for help on this list. It
differs from /dev/urandom in that /dev/random blocks and does not give
any bits if there have not been enough keystrokes since the last call
to replenish the supply of entropy in its entropy store. In contrast,
/dev/urandom gives the number of bits requested quickly, but with no
guarantee as to the quality of their randomness. Places where this
distinction is discussed suggest that a user of /dev/random 'randomly'
poke at the keys on his keyboard if he finds himself waiting for
/dev/random to un-block and give the needed random bits. Some users of
Debian are concerned about performing cryptographic analysis correctly
and I wonder: Just how often do you have to poke at the keyboard? And
when you do poke at it, about how many key presses do you make before
you get the number of bits you requested? I'm wondering is this a
event with which many Debianers are quite familiar, or is it more
like something of a rare event that people know about, but most
have never actually had it happen to them? Why do I ask?: Just wondering.

Thanks for reading, and please reply with 
whatever experience you want to share.

Best regards,

--
Paul E Condon           
pecondon@mesanetworks.net



Reply to: