Shachar Shemesh <[EMAIL PROTECTED]> writes: > Oleg Goldshmidt wrote: > > >Switch to /dev/urandom - it exists exactly for that purpose. I read > >through the thread - your assertion that /dev/urandom is "of lower > >quality" is wrong. > > > > That depends. If no entropy is being generated, then urandom is indeed > of poorer quality. If Entropy is being generated, but is being > deplated by someone else rapidly, then urandom is probably of > indistinguishable quality from random.
This is technically true. Let me explain what I meant. On several occasions I generated millions of integers using /dev/urandom in a tight loop (read from /dev/urandom, write to a file, nothing else). I think this should have depleted the pool significantly. I then ran a known, well-regarded battery of randomness tests written by an authority on the subject (DIEHARD by G. Marsaglia) on the sequence and the result was very random (all tests passed with flying colors). The tests were designed to satisfy a wide range of applications (most pseudo-random generators fail at least some of the tests, btw, in fact it is not easy to find one that succeeds). To say that for your particular application this is not good enough will imply intimate knowledge of the application and its peculiarities. I think the OP mentioned in passing that his application was a third-party one etc, so I assume this is not the case. Hence my comment. -- Oleg Goldshmidt | [EMAIL PROTECTED] ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
