ansaurus

Question

Answer 1

+4 A:

Please check the man page:

Yarrow is a fairly resilient algorithm, and is believed to be resistant
     to non-root.  The quality of its output is however dependent on regular
     addition of appropriate entropy. If the SecurityServer system daemon
     fails for any reason, output quality will suffer over time without any
     explicit indication from the random device itself.

     Paranoid programmers can counteract this risk somewhat by collecting
     entropy of their choice (e.g. from keystroke or mouse timings) and seed-
     ing it into random directly before obtaining important random numbers.

ennuikiller 2009-12-08 18:35:50

But lets say you are pulling from random or urandom. and the system is just sitting there on lets say a live cd. Wouldn't the entropy be similar every time the same scenario occurred,.

Recursion 2009-12-08 19:08:20

That's a link to a BSD man page, and in this case the Linux behavior is different: /dev/random is "stronger" than /dev/urandom.

Eric Seppanen 2009-12-08 19:31:55

Answer 2

+3 A:

If you're generating cryptographic keys on Linux, you want /dev/random, even if it blocks-- you don't need that many bits.

For just about anything else, like generating random test data or unpredictable session IDs, /dev/urandom is fine. There are enough sources of entropy in most systems (timing of keyboard and mouse events, network packets, etc) that the output will be unpredictable.

Eric Seppanen 2009-12-08 19:35:50

+1, though its often easier and faster to gather your own entropy rather than waiting on a blocking /dev/random. I fill large files in this manner for 'bottled' entropy when working on monte carlo simulations, its much faster to bang the keys and move the mouse than it is to wait on /dev/random

Tim Post 2009-12-09 00:29:16

I'm confused: how is this better than using /dev/urandom?

Eric Seppanen 2009-12-09 00:41:37

Last time I looked /dev/urandom on linux returned the same output as /dev/random *as long as there is entropy in the pool* because they both use the pool. The difference is that urandom will fall back on a plain rehashing algorithm when there is no stored entropy, while random will wait until new entropy has been added.

dmckee 2009-12-09 01:53:18

Answer 3

A:

is it possible to get a constant stream of 1's.

Recursion 2009-12-08 20:01:59

A stream of n 1's is as valid a result as any other unique string of n bits, so if it were impossible for your random number generator to get a stream of n 1's, then it wouldn't be a very good random number generator. (Your follow-up question would be better expressed as an edit to your original question.)

Josh Kelley 2009-12-08 20:17:25

ansaurus

tags:

views:

answers:

How random is urandom?

related questions