On Wed, 5 Jan 2005 08:49:36 +0800, Enzo Michelangeli said:

>> That's basically what /dev/urandom does, no?  (Except that it has the
>> undesirable side-effect of depleting the entropy estimate maintained
>> inside the kernel.)

> This "entropy depletion" issue keeps coming up every now and then, but I
> still don't understand how it is supposed to happen. If the PRNG uses a

It is a practical issue: Using /dev/urandom to avoid waiting for a
blocked /dev/random will let other processes wait infinitely on a
blocked /dev/random.

The Linux implementation of /dev/urandom is identical to /dev/random
but instead of blocking, (as /dev/random does on a low entropy
estimation) it continues to give output by falling back to a PRNG mode
of operation.

For services with a high demand of random it is probably better to
employ its own PRNG and reseed it from /dev/random from time to time.



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to