Ben Laurie wrote:
William Allen Simpson wrote:
Why then restrict it to non-communications usages?
Because we are starting from the postulate that observation of the output could (however remotely) give away information about the underlying state of the entropy generator(s).
Surely observation of /dev/urandom's output also gives away information?
ummm, no, not by definition.
/dev/random blocks on insufficient estimate of stored entropy useful for indirect measurement of system characteristics (assumes no PRNG)
/dev/urandom blocks only when insufficient entropy for initialization of state computationally infeasible to determine underlying state (assumes robust PRNG)
These are the definitions we've been using around here for many years. It does help when everybody is talking about the same things.
I'll note that many systems (including the MacOSX that I'm using to write this) have made /dev/random and /dev/urandom the same....
-- William Allen Simpson Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]