- Subject: Re: Getting randomic integers
- From: David Given <dg@...>
- Date: Sun, 17 Jan 2010 20:03:39 +0000
On 17/01/10 19:27, Florian Weimer wrote:
[...]
>> /dev/urandom is a variant of /dev/random that, when the entropy pool is
>> empty, will return fake random numbers generated with a PRNG. As such it
>> is not suitable for crypto purposes.
>
> This is not true, the data is perfectly usable for almost any purpose
> (unless there are bugs or breathtaking advancements in the open crypto
> literature).
Hey, I'm just paraphrasing the man page:
> A read from the /dev/urandom device will not block waiting for more
> entropy. As a result, if there is not sufficient entropy in the
> entropy pool, the returned values are theoretically vulnerable to a
> cryptographic attack on the algorithms used by the driver. Knowledge
> of how to do this is not available in the current non-classified
> literature, but it is theoretically possible that such an attack may exist.
> If this is a concern in your application, use /dev/random instead.
I'll agree that the chances of anybody successfully exploiting
/dev/urandom's lack-of-randomness are so close to nil as not to be worth
worrying about, but when dealing with cryptography one always equates
'theoretically possible' to 'danger, Will Robinson!'.
Of course, most people *aren't* interested in cryptography, even the
ones who think they are. We use this stuff at work for our gaming
platform; all we do with it is to read four bytes from /dev/random to
seed our own general purpose PRNG. We used to have a hideous bug
perpetrated by a now ex-coworker who decided that since we *might* use
our random number stream for crypto purposes one day we should be
reading numbers directly from /dev/random. This had the entertaining
result that some games would run for five seconds and then lock up until
you touched the mouse.
--
┌─── dg@cowlark.com ───── http://www.cowlark.com ─────
│
│ "Under communism, man exploits man. Under capitalism, it's just the
│ opposite." --- John Kenneth Galbraith
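As an added example (mine, not code from the thread or from the poster's gaming platform), the seeding pattern described above in Python: read exactly four bytes from the device without ever blocking, fall back to /dev/urandom when the kernel would stall, and seed a general-purpose PRNG. The function names, the O_NONBLOCK fallback and the constructed sample file are assumptions of this example.

```python
import os
import random
import tempfile

# The message seeds a general-purpose game PRNG from four kernel bytes; that
# gives only 2**32 distinct streams, fine for a game, never for key material.
SEED_BYTES = 4


def read_exact(fd, n):
    """Read exactly n bytes from fd, coping with short reads; with O_NONBLOCK
    set, os.read raises BlockingIOError instead of stalling (the lock-up the
    message describes) when the kernel has nothing to hand out."""
    buf = b""
    while len(buf) < n:
        chunk = os.read(fd, n - len(buf))
        if not chunk:
            raise EOFError("random source returned EOF")
        buf += chunk
    return buf


def seed_from_source(path="/dev/urandom", n=SEED_BYTES):
    """Return an integer seed built from n bytes of path, without blocking."""
    fd = os.open(path, os.O_RDONLY | os.O_NONBLOCK)
    try:
        return int.from_bytes(read_exact(fd, n), "big")
    finally:
        os.close(fd)


def make_game_rng(path="/dev/random"):
    """Seed the game PRNG from path; fall back to /dev/urandom rather than stall."""
    try:
        seed = seed_from_source(path)
    except BlockingIOError:  # entropy pool empty on a blocking device
        seed = seed_from_source("/dev/urandom")
    return random.Random(seed)


def seed_from_constructed_file():
    """Self-check against a constructed 4-byte file standing in for the device."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(b"\x00\x00\x01\x02")  # constructed sample bytes, not real entropy
        name = f.name
    try:
        return seed_from_source(name)
    finally:
        os.unlink(name)
```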
- References:
- Getting randomic integers, Luciano de Souza
- Re: Getting randomic integers, Eike Decker
- Re: Getting randomic integers, Luciano de Souza
- Re: Getting randomic integers, Gé Weijers
- Re: Getting randomic integers, Majic
- Re: Getting randomic integers, Alex Davies
- Re: Getting randomic integers, Majic
- Re: Getting randomic integers, Alex Davies
- Re: Getting randomic integers, Eike Decker
- Re: Getting randomic integers, Luiz Henrique de Figueiredo
- Re: Getting randomic integers, Rob Kendrick
- Re: Getting randomic integers, startx
- Re: Getting randomic integers, Rob Kendrick
- Re: Getting randomic integers, David Given
- Re: Getting randomic integers, Florian Weimer