Speed and security of /dev/urandom
Steven Chamberlain
steven at pyro.eu.org
Fri Jul 18 20:53:07 UTC 2014
On 18/07/14 21:37, Andrey Chernov wrote:
> One of the reason I hear is that true random entropy bits can be quickly
> exhausted if every userland program will drain them so much.
True of Linux at least, I assume that's why they must make /dev/random
block when the estimated entropy in the pool is low. Applications have
been encouraged to not excessively read even from /dev/urandom, for the
same reason, so it makes sense on Linux to stretch with RC4 or something.
Regards,
--
Steven Chamberlain
steven at pyro.eu.org
More information about the freebsd-security
mailing list