tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: /dev/random is hot garbage

On Sun, Jul 21, 2019 at 08:50:30PM +0000, wrote:
> /dev/urandom is equivalent to /dev/random if there is adequate entropy,
> but it will also deliver random numbers not suitable for cryptography before that time.

This is somewhat misleading. The problem is that with an unknown entropy
state, the system cannot ensure that an attacker couldn't predict the
seed used for the /dev/urandom stream. That doesn't mean that the stream
itself is bad. It will still pass any statistical test etc.

Note that with the option of seeding the CPRNG at boot time, a lot of
the distinction is actually moot.


Home | Main Index | Thread Index | Old Index