lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index] 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 17/01/10 13:06, Rob Kendrick wrote:
> On Sun, 17 Jan 2010 12:55:56 +0000
> startx <startx@plentyfact.org> wrote:
[...]
>> i assume by "unsafe" you mean "unreliable", meaning that if there is
>> not enought entropy it will block? thats the nature of /dev/random ,
>> if you want non-blocking entropy /dev/urandom is what you need.
> 
> No, it won't block.  It's PRNG that is occasionally reseeded by people
> writing to it.

For clarity:

On Linux, /dev/random will return truly random values from the entropy
pool. If the entropy pool is empty, it *will* block.

/dev/urandom is a variant of /dev/random that, when the entropy pool is
empty, will return fake random numbers generated with a PRNG. As such it
is not suitable for crypto purposes.

By default, Linux's entropy pool size is 4096 bits. Processes will only
get woken up when at least 64 bits of entropy are available. There's a
warning in the documentation that /dev/random is suitable for reading
very small quantities of data only, such as crypto key seeds (not crypto
keys themselves!), and that unless you really know what you're doing
/dev/urandom is almost certainly the one you want.

(From random(4).)

- -- 
┌─── dg@cowlark.com ───── http://www.cowlark.com ─────
│
│ "Under communism, man exploits man. Under capitalism, it's just the
│ opposite." --- John Kenneth Galbrith
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFLU2EUf9E0noFvlzgRAmnIAJ9T7WA08wtyzt/bPzKGxRMyBTBd6wCgkPo0
IAnzVE4qJmmeCF4xX6I8FKs=
=LTQF
-----END PGP SIGNATURE-----