Speed and security of /dev/urandom
Andrey Chernov
ache at freebsd.org
Fri Jul 18 20:37:30 UTC 2014
On 18.07.2014 3:41, Steven Chamberlain wrote:
> Is there a good reason arc4random_buf() can't take bytes directly from
> /dev/urandom or sysctl KERN_ARND? Therefore no longer needing to seed
> first, periodically reseed, or use any stream cipher?
One of the reason I hear is that true random entropy bits can be quickly
exhausted if every userland program will drain them so much.
--
http://ache.vniz.net/
More information about the freebsd-security
mailing list