From: "Theodore Ts'o" <tytso@mit.edu>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: David Wagner <daw-usenet@taverner.cs.berkeley.edu>,
linux-kernel@vger.kernel.org
Subject: Re: no entropy and no output at /dev/random (quick question)
Date: Mon, 29 Nov 2004 10:32:31 -0500 [thread overview]
Message-ID: <20041129153231.GA6060@thunk.org> (raw)
In-Reply-To: <E1CYIZ7-0005D3-00@gondolin.me.apana.org.au>
On Sun, Nov 28, 2004 at 05:29:45PM +1100, Herbert Xu wrote:
> David Wagner <daw@taverner.cs.berkeley.edu> wrote:
> >
> > Yes, for almost all purposes, applications should use /dev/urandom,
> > not /dev/random. (The names for these devices are unfortunate.)
> > Sadly, many applications fail to follow these rules, and consequently
> > /dev/random's entropy pool often ends up getting depleted much faster
> > than it has to be.
>
> I agree with your conclusion that applications should use urandom.
> However, IIRC /dev/urandom depletes the entropy pool just as fast
> as /dev/random...
More specifically, most applications should use /dev/urandom to seed a
cryptographic random number generator which operates in userspace.
- Ted
next prev parent reply other threads:[~2004-11-29 15:32 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-11-27 2:59 no entropy and no output at /dev/random (quick question) Javier Villavicencio
2004-11-27 4:38 ` Javier Villavicencio
2004-11-27 19:20 ` David Wagner
2004-11-28 6:29 ` Herbert Xu
2004-11-29 15:32 ` Theodore Ts'o [this message]
2004-11-30 12:49 ` Horst von Brand
2004-11-30 16:48 ` Javier Villavicencio
2005-01-07 19:17 ` Denis Vlasenko
2004-11-27 19:24 ` Jan Engelhardt
2004-11-27 19:22 ` Jan Engelhardt
2004-11-27 19:42 ` Andreas Steinmetz
2004-11-27 21:35 ` David Schwartz
2004-11-27 21:44 ` Jan Engelhardt
2004-11-29 22:47 ` Javier Villavicencio
2004-11-29 22:51 ` Javier Villavicencio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20041129153231.GA6060@thunk.org \
--to=tytso@mit.edu \
--cc=daw-usenet@taverner.cs.berkeley.edu \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.