At startup, likely to be short of entropy.

Actual behavior, and even existence, of /dev/random and /dev/urandom
varies substantially from one implementation to another.

If /dev/random blocks when short of entropy, then likely to block at
startup, which is good. Services that need entropy do not need to start
immediately. If they take a while to come up, no big deal.

If /dev/urandom seeded at startup, and then seeded no further, bad, but
not very bad.

If /dev/urandom seeded at startup from /dev/random, then should block at
startup.

If /dev/urandom never blocks, bad. Should block at startup waiting to
receive 160 bits from /dev/random, and never block again.

Ron Peterson reports /dev/random not very random
<http://bytes.com/topic/c/answers/219952-dev-urandom-vs-dev-random>
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
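
The "block at startup, then never again" behaviour asked for in the message above, as an added example that is not part of the original post. It assumes Linux with the getrandom(2) system call (glibc 2.25 or later), which the message does not mention; the names pool_ready, seed_blocking and SEED_BYTES are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>

#define SEED_BYTES 20 /* 160 bits, the figure used in the message above */

/* Probe without blocking: 1 if the kernel pool has been initialized,
 * 0 if a read would block (early boot), -1 on any other error. */
int pool_ready(void)
{
    unsigned char probe;
    ssize_t n = getrandom(&probe, 1, GRND_NONBLOCK);
    if (n == 1)
        return 1;
    return (errno == EAGAIN) ? 0 : -1;
}

/* Fill buf with len bytes. With flags == 0 the call blocks only until the
 * pool has been initialized once, and never blocks after that.
 * Returns 0 on success, -1 on error. */
int seed_blocking(unsigned char *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = getrandom(buf + got, len - got, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue; /* interrupted while waiting at startup: retry */
            return -1;
        }
        got += (size_t)n; /* handle short reads */
    }
    return 0;
}

int main(void)
{
    unsigned char seed[SEED_BYTES];
    int ready = pool_ready();
    if (ready < 0) { perror("getrandom"); return 1; }
    if (!ready)
        fprintf(stderr, "entropy pool not yet initialized; waiting\n");
    if (seed_blocking(seed, sizeof seed) != 0) { perror("getrandom"); return 1; }
    printf("obtained %d seed bytes\n", SEED_BYTES);
    return 0;
}
```

A service that calls seed_blocking before generating keys waits at boot if it has to and starts immediately on a system that is already up.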