Date: Fri, 18 Jul 2014 21:53:01 +0100 From: Steven Chamberlain <steven@pyro.eu.org> To: freebsd-security@freebsd.org Subject: Re: Speed and security of /dev/urandom Message-ID: <53C9892D.1050002@pyro.eu.org> In-Reply-To: <53C9857D.6000806@freebsd.org> References: <53C85F42.1000704@pyro.eu.org> <53C9857D.6000806@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18/07/14 21:37, Andrey Chernov wrote: > One of the reason I hear is that true random entropy bits can be quickly > exhausted if every userland program will drain them so much. True of Linux at least, I assume that's why they must make /dev/random block when the estimated entropy in the pool is low. Applications have been encouraged to not excessively read even from /dev/urandom, for the same reason, so it makes sense on Linux to stretch with RC4 or something. Regards, -- Steven Chamberlain steven@pyro.eu.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53C9892D.1050002>