Frank Balluffi wrote:
> Can someone explain to me the difference between /dev/random and
> /dev/urandom or point me to a reference. I am particularly interested in
> when each blocks and the amount of entropy each supplies. Thanks.
From the FreeBSD manpage for random, urandom:
The two other interfaces are two character devices /dev/random and
/dev/urandom. The /dev/random device is suitable for use when very high
quality randomness is desired (e.g. for key generation), as it will only
return a maximum of the number of bits of randomness (as estimated by the
random number generator) contained in the entropy pool.
The /dev/urandom device does not have this limit, and will return as many
bytes as are requested. As more and more random bytes are requested
without giving time for the entropy pool to recharge, this will result in
lower quality random numbers. For many applications, however, this is
acceptable.
On FreeBSD /dev/random does not block, but may return fewer bytes than
requested. This may be alleviated with a code snippet such as
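    for (j = 0; j < n; j += r)   /* r holds read()'s return value */
        if ((r = read(fd, (char *) buf + j, (size_t) (n - j))) < 0)
            break;               /* read error: stop; j < n means failure */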
There is a command 'rndcontrol' which is particularly helpful --
it allows you to select which IRQs will stir the entropy pool. Under Linux,
where /dev/random blocks, you can wait a long time on an unattended
server for a read to return, since the default is to use the keyboard
and mouse to stir the entropy pool, and these may not even be present.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
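The retry loop from the message above, written out as an added example (not code from the original post, OpenSSL or FreeBSD). The name `read_full`, the `max_empty` limit and the 10 ms pause are hypothetical, and treating a 0-byte read as "pool empty" is an assumption based on the non-blocking behaviour the message describes.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <unistd.h>

/* Read exactly n bytes from fd. A 0-byte read is treated as "pool empty"
 * (assumption, see lead-in): pause and retry, giving up after max_empty
 * empty reads in a row. Returns 0 on success, -1 on failure. */
int read_full(int fd, void *buf, size_t n, int max_empty)
{
    unsigned char *p = buf;
    size_t got = 0;
    int empty = 0;

    while (got < n) {
        ssize_t r = read(fd, p + got, n - got);
        if (r > 0) {                    /* short read: keep what arrived */
            got += (size_t)r;
            empty = 0;
        } else if (r == 0) {            /* nothing available, or EOF */
            if (++empty > max_empty)
                return -1;              /* still empty: give up */
            poll(NULL, 0, 10);          /* wait 10 ms instead of spinning */
        } else if (errno != EINTR) {    /* EINTR just retries */
            return -1;                  /* real error, errno set by read() */
        }
    }
    return 0;
}

int main(void)
{
    unsigned char key[16];
    int fd = open("/dev/urandom", O_RDONLY);

    if (fd < 0 || read_full(fd, key, sizeof key, 100) != 0)
        return 1;                       /* never use a partly filled buffer */
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```

A caller that gets -1 must discard the buffer, since only part of it may hold device output.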