Hi Aaron, While I generally agree that using urandom is good advice, there is a serious problem that the Heninger paper points out: Early boot time entropy.
There used to be no easy fix, but now there is: The getrandom() function supports a mode that will block if the RNG hasn't been seeded yet, but will not block afterwards. (There is a fake way of achieving the same: Read one byte from /dev/random and afterwards from /dev/urandom.)

getrandom() is only available with relatively recent kernels and very recent glibc. But I think this is the future solution. It also avoids situations where applications may not be allowed to access /dev/. Ideally I'd like to see getrandom become a de facto standard and adopted by other OSes.

--
Hanno Böck
https://hboeck.de/
mail/jabber: [email protected]
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
_______________________________________________
Ach mailing list
[email protected]
http://lists.cert.at/cgi-bin/mailman/listinfo/ach
