On Wed, 15 Apr 2015 08:30:04 -0700 David Christensen <dpchr...@holgerdanske.com> wrote:
... > /dev/random is for cryptographically secure random numbers, such as for > cryptographic keys. It requires a source of entropy to operate, and > will block until entropy is available. Thus, on most desktop computers, > it is only suitable for small amounts of random numbers. ... > /dev/urandom is for non-cryptographic/ low-security random numbers, such > as for games. It will use entropy as available, otherwise it will > mathematically generate pseudo-random numbers. It does not block and > can generate large amounts of random data quickly, but is vulnerable to > attack. I don't think it's quite this simple: 1) OpenSSl thinks /dev/urandom is good enough for crypto: https://www.openssl.org/support/faq.html#USER1 2) Perl's Math::Random::Secure also thinks it's generally good enough: http://search.cpan.org/~mkanat/Math-Random-Secure-0.06/lib/Math/Random/Secure.pm#Making_Math::Random::Secure_Even_More_Secure 3) Read these guys (don't know how correct they are): http://www.2uo.de/myths-about-urandom/ http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ Celejar -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150416215613.b9117149f674e461d19e4...@gmail.com
