On 2007-09-03, Paul Rubin <http> wrote:
> Antoon Pardon <[EMAIL PROTECTED]> writes:
>> If I understand correctly that you are using urandom as a random
>> generator I wouldn't trust too much on this performance. Urandom
>> uses the systemwide entropy-pool. If other programs need this pool
>> too, your performance can drop spectacularly.
>
> No the idea is that once there's enough entropy in the pool to make
> one encryption key (say 128 bits), the output of /dev/urandom is
> computationally indistinguishable from random output no matter how
> much data you read from it.
If you were talking about /dev/random I would agree. But this is what
the man page on my system says about /dev/urandom:

    A read from the /dev/urandom device will not block waiting for more
    entropy. As a result, if there is not sufficient entropy in the
    entropy pool, the returned values are theoretically vulnerable to a
    cryptographic attack on the algorithms used by the driver. Knowledge
    of how to do this is not available in the current non-classified
    literature, but it is theoretically possible that such an attack may
    exist. If this is a concern in your application, use /dev/random
    instead.

And reading from /dev/random can block if there is not enough entropy.

-- 
Antoon Pardon
-- 
http://mail.python.org/mailman/listinfo/python-list
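The blocking behaviour of /dev/random discussed in this thread, shown as an added example (not code from either poster): the reader opens /dev/random non-blocking, waits a bounded time for the kernel to report it readable, and falls back to os.urandom() instead of hanging. The device paths, the /proc entropy estimate (Linux only) and the timeout are assumptions; on kernels where /dev/random no longer blocks the fallback is simply never taken.

```python
import os
import select
import time

RANDOM_DEV = "/dev/random"        # may block on older kernels when the pool is "empty"
ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"  # assumed Linux path


def entropy_estimate():
    """Kernel's current entropy estimate in bits, or None if unavailable."""
    try:
        with open(ENTROPY_AVAIL) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def read_random_nonblocking(nbytes, timeout=0.5):
    """Read nbytes from /dev/random without letting the caller hang.

    Returns (data, source). The fd is opened O_NONBLOCK, so an empty pool
    yields EAGAIN (BlockingIOError) rather than a stalled process; if the
    full amount is not delivered within `timeout` seconds, the caller gets
    os.urandom() bytes instead, which never block once seeded.
    """
    try:
        fd = os.open(RANDOM_DEV, os.O_RDONLY | os.O_NONBLOCK)
    except OSError:                     # device missing (non-Unix platform)
        return os.urandom(nbytes), "os.urandom"
    buf = b""
    deadline = time.monotonic() + timeout
    try:
        while len(buf) < nbytes:
            remaining = deadline - time.monotonic()
            if remaining <= 0:
                break                   # pool stayed empty: stop waiting
            ready, _, _ = select.select([fd], [], [], remaining)
            if not ready:
                break
            try:
                chunk = os.read(fd, nbytes - len(buf))
            except BlockingIOError:     # readable race: retry until deadline
                continue
            if not chunk:
                break
            buf += chunk
    finally:
        os.close(fd)
    if len(buf) == nbytes:
        return buf, RANDOM_DEV
    return os.urandom(nbytes), "os.urandom"
```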