Date: Sat, 19 Jul 2014 00:37:17 +0400 From: Andrey Chernov <ache@freebsd.org> To: Steven Chamberlain <steven@pyro.eu.org>, freebsd-security@freebsd.org Subject: Re: Speed and security of /dev/urandom Message-ID: <53C9857D.6000806@freebsd.org> In-Reply-To: <53C85F42.1000704@pyro.eu.org> References: <53C85F42.1000704@pyro.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18.07.2014 3:41, Steven Chamberlain wrote: > Is there a good reason arc4random_buf() can't take bytes directly from > /dev/urandom or sysctl KERN_ARND? Therefore no longer needing to seed > first, periodically reseed, or use any stream cipher? One of the reason I hear is that true random entropy bits can be quickly exhausted if every userland program will drain them so much. -- http://ache.vniz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53C9857D.6000806>