On 29 Jun 2017, at 06:03, Ben Laurie <b...@links.org> wrote:
> 
> On 28 June 2017 at 03:41, Theodore Ts'o <ty...@mit.edu> wrote:
> On Wed, Jun 28, 2017 at 11:41:11AM +1000, Peter Waltenberg wrote:
> > And FYI. On systems not backed with hardware RNGs /dev/random is
> > extremely slow. 1-2 bytes/second is a DOS attack on its own without any
> > other effort required.
> 
> Please, stop suggesting the use of /dev/random.  The right answer is
> /dev/urandom or getrandom(2).
> 
> a) On Linux.
> 
> b) If it's the right answer, why is there a difference between /dev/random and
> /dev/urandom?

The Linux random(4) manpage says:

       The /dev/random device is a legacy interface which  dates  back
       to a time where the cryptographic primitives used in the
       implementation of /dev/urandom were not  widely  trusted.   It  will
       return random bytes only within the estimated number of bits of
       fresh  noise  in  the  entropy  pool,  blocking  if  necessary.
       /dev/random is suitable for applications that need high quality
       randomness, and can afford indeterminate delays.

and:

   Usage
       The /dev/random interface is considered a legacy interface, and
       /dev/urandom is preferred and sufficient in all use cases, with
       the exception of applications which require  randomness  during
       early  boot  time; for these applications, getrandom(2) must be
       used instead, because it will block until the entropy  pool  is
       initialized.

In short, almost everybody should use /dev/urandom, and /dev/random is
kept alive for old programs.

-Dimitry

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
