Ok thanks for the quick response, but still i have again the same doubt in the order of preferencing the definition for DEVRANDOM.
I just came to know they two behave differently as ive listed below. So since /dev/random produce high quality random numbers, then should it appear first in the list? I appreaciate all sorts of suggestions in this : ) i) While Applications (openSSL), retrieve random bytes by reading these special files, the /dev/random interface returns random bytes only when sufficient amount of entropy has been collected. If there is no entropy to produce the requested number of bytes, /dev/random blocks until more entropy can be obtained. whereas, The /dev/urandom interface returns bytes regardless of the amount of entropy available. It does not block on a read request due to lack of entropy. ii) Bytes retrieved from /dev/random provide the highest quality random numbers and can be used to generate long term keys and other high value keying material. But comparitively bytes produced by the /dev/urandom interface are of lower quality than bytes produced by /dev/random, they are nonetheless suitable for less demanding and shorter term cryptographic uses such as short term session keys, paddings, and challenge strings. ----- Original Message ----- From: "Lutz Jaenicke" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 04, 2003 6:40 PM Subject: Re: which device openssl 0.9.7c prefers /dev/random or /dev/urandom > On Thu, Dec 04, 2003 at 05:23:26PM +0530, usha wrote: > > Hi all, > > > > Im using openssl 0.9.7c, and I got the info from homesite that is uses > > /dev/random if /dev/urandom is unavailable, > > Which is the prefered one that i can use. > > The devices are queried one after the other until enough entropy is > collected. The sequence is defined in openssl-0.9.7c/e_os.h: > #define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" > > Best regards, > Lutz > -- > Lutz Jaenicke [EMAIL PROTECTED] > http://www.aet.TU-Cottbus.DE/personen/jaenicke/ > BTU Cottbus, Allgemeine Elektrotechnik > Universitaetsplatz 3-4, D-03044 Cottbus > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.535 / Virus Database: 330 - Release Date: 11/1/2003 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
