tech-kern archive


Re: /dev/random is hot garbage

> On Jul 21, 2019, at 4:55 PM, Edgar Fuß <ef%math.uni-bonn.de@localhost> wrote:
> 
> TRC> There is no reason in modern cryptography to read more than one byte
> TRC> from /dev/random ever in a single application; once you have done
> TRC> that, or confirmed some other way that the entropy pool is seeded,
> TRC> you should generate keys from /dev/urandom.
> 
> DAH> There should be some way to do that without throwing away 8 random
> DAH> bits.
> Isn't that called poll()/select() etc?
> As far as I understand, it's not about actually reading from /dev/random, 
> but checking whether you could read without blocking, isn't it?

I don't agree with this reasoning.

If /dev/random is implemented right, it won't block later once it unblocks for the first time.  Given that, an application that needs a cryptographic random number should simply fetch all the bits it needs from /dev/random.

The only reason to read from /dev/urandom is that you want random numbers but they don't need to be strong.

If people do these hacks because we still have the "entropy is used up" notion in the code, the answer is to remove that.  

	paul
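The technique Edgar describes in the quoted part of the thread, as an added example that is not code from the thread or from NetBSD: probe /dev/random with poll(2) to learn whether the pool is seeded without consuming any of its bytes, then draw the actual key material from /dev/urandom. It assumes a system where poll(2) reports /dev/random readable once the pool is seeded; the function names, the 32-byte key size and the timeout are the example's own choices.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Added example: probe /dev/random with poll(2) rather than read(2), so no
 * random bytes are thrown away just to learn whether the pool is seeded.
 * Returns 1 if /dev/random is readable now, 0 if the timeout expired
 * (pool not yet seeded), -1 on error. */
int entropy_pool_ready(int timeout_ms)
{
    int fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;
    struct pollfd pfd = { .fd = fd, .events = POLLIN, .revents = 0 };
    int rc;
    do {
        rc = poll(&pfd, 1, timeout_ms);
    } while (rc < 0 && errno == EINTR);
    close(fd);
    if (rc < 0)
        return -1;
    if (rc == 0)
        return 0;
    return (pfd.revents & POLLIN) ? 1 : 0;
}

/* Fill buf with n bytes from /dev/urandom, retrying on short reads and EINTR.
 * Returns 0 on success, -1 on failure. */
int read_urandom(unsigned char *buf, size_t n)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return -1;
    size_t got = 0;
    while (got < n) {
        ssize_t r = read(fd, buf + got, n - got);
        if (r < 0) {
            if (errno == EINTR)
                continue;
            close(fd);
            return -1;
        }
        if (r == 0) {           /* unexpected EOF on a character device */
            close(fd);
            return -1;
        }
        got += (size_t)r;
    }
    close(fd);
    return 0;
}

/* The pattern from the thread: confirm seeding once via poll(), then take the
 * key from /dev/urandom. Returns 0 on success, 1 if the pool was not seeded
 * within timeout_ms, -1 on error. (Hypothetical helper for this example.) */
int generate_key(unsigned char *key, size_t keylen, int timeout_ms)
{
    int ready = entropy_pool_ready(timeout_ms);
    if (ready < 0)
        return -1;
    if (ready == 0)
        return 1;
    return read_urandom(key, keylen) == 0 ? 0 : -1;
}

int main(void)
{
    unsigned char key[32];  /* 32-byte key chosen for the example */
    int rc = generate_key(key, sizeof key, 5000);
    if (rc != 0) {
        fprintf(stderr, "key generation failed: %d\n", rc);
        return 1;
    }
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```

A timeout of 0 turns entropy_pool_ready() into a non-blocking check, which is what a daemon that must not stall at boot would use; a positive timeout lets a one-shot key generator wait for seeding instead of failing.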

