Re: One-line password generator
On 2017-08-28, Thomas Schmitt <scdbackup@gmx.net> wrote:
>
> But i myself have two use cases for (pseudo-)random numbers:
> - Small but hard secrets which i need for security purposes.
> - 3 times 25 GB of random stream to surely shake up the bits on a BD-RE
> medium which previously contained embarassing data.
Here's a fresh (20 July of this year) view by Theodore Ts'o:
https://lkml.org/lkml/2017/7/20/993
Practically no one uses /dev/random. It's essentially a deprecated
interface; the primary interfaces that have been recommended for well
over a decade is /dev/urandom, and now, getrandom(2). We only need
384 bits of randomness every 5 minutes to reseed the CRNG, and that's
plenty even given the very conservative entropy estimation currently
being used.
> The first purpose is still assigned to /dev/random, according to the
> new man pages (at least if one is committed by one's first name to be
> a disbeliever).
>
> The second one is not a job for /dev/urandom either. It does not even
> need a strong seed, because the data do not have to be secret. In fact
> they are intended to be readable instead of the original data which i
> want to destroy.
>
>
> Have a nice day :)
>
> Thomas
>
>
--
"The purpose of art is to lay bare the questions that have been hidden by the answers."
— James Baldwin
Reply to: