Re: /dev/random is hot garbage

To: tech-kern%netbsd.org@localhost
Subject: Re: /dev/random is hot garbage
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Sun, 21 Jul 2019 23:03:42 +0200

On Sun, Jul 21, 2019 at 08:50:30PM +0000, Paul.Koning%dell.com@localhost wrote:
> /dev/urandom is equivalent to /dev/random if there is adequate entropy,
> but it will also deliver random numbers not suitable for cryptography before that time.

This is somewhat misleading. The problem is that with an unknown entropy
state, the system cannot ensure that an attacker couldn't predict the
seed used for the /dev/urandom stream. That doesn't mean that the stream
itself is bad. It will still pass any statistical test etc.

Note that with the option of seeding the CPRNG at boot time, a lot of
the distinction is actually moot.

Joerg

Follow-Ups:
- Re: /dev/random is hot garbage
  - From: Paul.Koning

References:
- Re: /dev/random is hot garbage
  - From: Taylor R Campbell
- Re: /dev/random is hot garbage
  - From: Paul.Koning

Prev by Date: Re: /dev/random is hot garbage
Next by Date: Re: /dev/random is hot garbage
Previous by Thread: Re: /dev/random is hot garbage
Next by Thread: Re: /dev/random is hot garbage
Indexes:

Home | Main Index | Thread Index | Old Index