On Fri, 21 Feb 2020 at 03:59, Jens Alfke <j...@mooseyard.com> wrote: > > On Feb 20, 2020, at 10:48 AM, Richard Hipp <d...@sqlite.org> wrote: > > > > That assumption is not correct for SQLite, which does you a > > cryptographically strong PRNG. And the SQLite PRNG is seeded from > > /dev/random on unix. > > Not quite; I'm looking at the function unixRandomness() in SQLite 3.28. > It's seeded from /dev/urandom, which on Linux "will produce lower quality > output if the entropy pool drains, while /dev/random will prefer to block > and wait for additional entropy to be collected." (I'm quoting the macOS > man page, which goes on to say that on macOS it always returns high-quality > randomness.) >
There are a lot of myths in this area, but from what I gather /dev/urandom is totally fine for cryptographic purposes in modern linux, and any advantages of /dev/random are highly overstated. https://www.2uo.de/myths-about-urandom/ -Rowan _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users