Re: CSPRNG stuff


David R. Conrad (drc@adni.net)
Sun, 7 Feb 1999 09:49:46 -0500 (EST)


On Sat, 6 Feb 1999, bram wrote:

> On Sat, 6 Feb 1999, David R. Conrad wrote:
> > > I think it's a good idea for any CSPRNG to be able to say that it doesn't
> > > have enough entropy at the moment. For example, /dev/random could be made
> > > to encounter an I/O problem if the RNG has been unavailable for too long.
> >
> > Doesn't it already block if it doesn't think it has enough entropy in its
> > pool? I thought the distinction between /dev/random and /dev/urandom was
> > just that.
>
> I did not know that.

Here are a couple of quotes from linux/drivers/char/random.c; I have not
made any attempt to check that the code operates as advertised (and I was
mistaken some time ago about the secure deletion attribute of the ext2
filesystem, which apparently is still non-functional under Linux 2.2.0),
but I do believe that it does:

[There is mention of an API interface that the kernel can employ, then:]

 * The two other interfaces are two character devices /dev/random and
 * /dev/urandom. /dev/random is suitable for use when very high
 * quality randomness is desired (for example, for key generation or
 * one-time pads), as it will only return a maximum of the number of
 * bits of randomness (as estimated by the random number generator)
 * contained in the entropy pool.
 *
 * The /dev/urandom device does not have this limit, and will return
 * as many bytes as are requested. As more and more random bytes are
 * requested without giving time for the entropy pool to recharge,
 * this will result in random numbers that are merely cryptographically
 * strong. For many applications, however, this is acceptable.

[And, somewhat later:]

/*
 * The minimum number of bits to release a "wait on input". Should
 * probably always be 8, since a /dev/random read can return a single
 * byte.
 */
#define WAIT_INPUT_BITS 8
/*
 * The limit number of bits under which to release a "wait on
 * output". Should probably always be the same as WAIT_INPUT_BITS, so
 * that an output wait releases when and only when a wait on input
 * would block.
 */
#define WAIT_OUTPUT_BITS WAIT_INPUT_BITS

David R. Conrad <drc@adni.net> PGP keys (0x1993E1AE and 0xA0B83D31):
DSS Fingerprint20 = 9942 E27C 3966 9FB8 5058 73A4 83CE 62EF 1993 E1AE
RSA Fingerprint16 = 1D F2 F3 90 DA CA 35 5D 91 E4 09 45 95 C8 20 F1
This message brought to you by the letter '6' and the number 0xDEADBEEF.
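
Added example, not part of the original message and not code from random.c: a caller that wants to hear "not enough entropy at the moment" instead of hanging can open the device non-blocking and treat a short read followed by EAGAIN as that signal. The names rnd_fill, rnd_from_device and the rnd_status values are hypothetical, and the code assumes the device reports an exhausted pool on a non-blocking descriptor as EAGAIN, the usual POSIX convention.

```c
/* Added example: read key material from a random device without hanging. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

enum rnd_status { RND_OK = 0, RND_STARVED = 1, RND_ERROR = -1 };

/* Fill buf from a non-blocking fd; *got counts the bytes obtained so far.
 * RND_STARVED: the source would block, i.e. it has no more output right now. */
enum rnd_status rnd_fill(int fd, unsigned char *buf, size_t len, size_t *got)
{
    *got = 0;
    while (*got < len) {
        ssize_t n = read(fd, buf + *got, len - *got);
        if (n > 0) { *got += (size_t)n; continue; } /* short reads are normal */
        if (n < 0 && errno == EINTR) continue;
        if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) return RND_STARVED;
        return RND_ERROR; /* EOF or a real I/O error */
    }
    return RND_OK;
}

/* Open path non-blocking (assumption: an empty pool then shows up as EAGAIN). */
enum rnd_status rnd_from_device(const char *path, unsigned char *buf, size_t len, size_t *got)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0) { *got = 0; return RND_ERROR; }
    enum rnd_status st = rnd_fill(fd, buf, len, got);
    close(fd);
    return st;
}

int main(void)
{
    unsigned char key[32];
    size_t got;
    enum rnd_status st = rnd_from_device("/dev/random", key, sizeof key, &got);
    if (st == RND_ERROR) { perror("/dev/random"); return 1; }
    if (st == RND_STARVED) { /* never use a partially filled key */
        fprintf(stderr, "only %zu of %zu bytes available, retry later\n", got, sizeof key);
        return 2;
    }
    printf("read %zu bytes from /dev/random\n", got);
    return 0;
}
```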



The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:26