Crawford Nathan-HMGT87 writes:

> One of the problems with the Linux random number generator
> is that it happens to be quite slow, especially if you need a lot of
> data.
/dev/urandom is blindingly fast. For most applications, that's all you need. (Of course there are many Linux applications that use /dev/random simply because they don't know any better, but that's a pretty weak argument for a fast hardware RNG.)

A fast hardware RNG could be useful, but I'm not convinced high speed matters all that much for most applications. Grab 128 bits from a hardware RNG, feed it through AES-CTR to generate an unending stream of pseudorandom bits -- that's good enough for most applications. (Yes, I know there are exceptions where pseudorandomness is not enough. But even the exceptions rarely need true random numbers at a rate of several Mbps.)

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
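The "128-bit seed through AES-CTR" construction described in the reply above, written out as an added example (this is not code from the poster or from the list). It assumes AES-128, a zero initial counter block for the seeded generator (safe because each seed is a fresh key that is never reused), and Go's crypto/rand as a stand-in for the hardware RNG. NewCTRGen takes the key and counter block explicitly so the generator can be checked against the FIPS-197 Appendix C.1 known-answer vector: the first keystream block is simply AES_k(counter_0).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// CTRGen expands a 128-bit seed into an unending pseudorandom stream:
// output block i is AES_k(counter_0 + i), i.e. the raw AES-CTR keystream.
// It implements io.Reader.
type CTRGen struct {
	stream    cipher.Stream
	generated uint64 // bytes handed out so far, for reseed bookkeeping
}

// NewCTRGen builds a generator from a 16-byte AES-128 key and a 16-byte
// initial counter block. cipher.NewCTR panics on a wrong-length IV, so the
// length is checked here and reported as an error instead.
func NewCTRGen(key, iv []byte) (*CTRGen, error) {
	if len(key) != 16 {
		return nil, errors.New("ctrgen: key must be 16 bytes (AES-128)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(iv) != block.BlockSize() {
		return nil, errors.New("ctrgen: initial counter block must be 16 bytes")
	}
	return &CTRGen{stream: cipher.NewCTR(block, iv)}, nil
}

// NewSeeded draws the 128-bit seed from the OS entropy source (crypto/rand
// stands in for the "hardware RNG" of the post) and starts the counter at
// zero. A fresh random key per generator means the zero counter is never
// reused under the same key.
func NewSeeded() (*CTRGen, error) {
	seed := make([]byte, 16)
	if _, err := io.ReadFull(rand.Reader, seed); err != nil {
		return nil, err
	}
	return NewCTRGen(seed, make([]byte, 16))
}

// Read fills p with pseudorandom bytes. XORing the keystream into an
// all-zero buffer yields the keystream itself.
func (g *CTRGen) Read(p []byte) (int, error) {
	for i := range p {
		p[i] = 0
	}
	g.stream.XORKeyStream(p, p)
	g.generated += uint64(len(p))
	return len(p), nil
}

// Expand returns n fresh pseudorandom bytes.
func (g *CTRGen) Expand(n int) []byte {
	out := make([]byte, n)
	g.Read(out) // Read never fails
	return out
}

// Generated reports how many bytes have been produced from this seed, so a
// caller can decide when to reseed (long before the 128-bit counter wraps).
func (g *CTRGen) Generated() uint64 { return g.generated }

func main() {
	g, err := NewSeeded()
	if err != nil {
		panic(err)
	}
	fmt.Println(hex.EncodeToString(g.Expand(32)))
}
```

The known-answer check is the one thing worth running before trusting any such generator: with key 000102...0f and counter block 00112233...ff, the first 16 output bytes must be 69c4e0d86a7b0430d8cdb78070b4c55a. In production code the reseed policy matters more than the speed: the counter is never allowed to wrap, and the seed is replaced periodically so a later key compromise does not expose the whole history of output.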