Yo Hal! On Sat, 28 Jan 2017 23:19:32 -0800 Hal Murray <hmur...@megapathdsl.net> wrote:
> g...@rellim.com said:
> > rand() and RAND_pseudo_rand() are not random, just psuedo random,
> > thus not for NTP.
>
> Do you think fuzzing needs cryptographically strong randomness?
You are asking the wrong guy. I'm not sure we need any fuzzing.
> I timed RAND_pseudo_bytes() rather than RAND_bytes() because I didn't
> want to get mixed up with not enough randomness and it seemed good
> enough for what we needed.
You can't run out of randomness with RAND_bytes(). And as your
later tests showed, they had different performance.
> > What about the OpenSSL RAND_bytes()?
>
> It's slightly faster than RAND_pseudo_bytes() :) ??
Dunno, the point is that it is actually random.
> The man page says both will return 1 if the bytes generated are
> cryptographically strong. I wasn't able to use up the system
> entropy. Seems suspicious.
Modern Linux will no run out of entropy, except on startup.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
g...@rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpc8vxzs0yPY.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
