[147738] in cryptography@c2.net mail archive


Re: [Cryptography] [RNG] on RNGs, VM state, rollback, etc.

daemon@ATHENA.MIT.EDU (Nico Williams)
Fri Oct 18 19:38:26 2013

X-Original-To: cryptography@metzdowd.com
Date: Fri, 18 Oct 2013 18:08:34 -0500
From: Nico Williams <nico@cryptonector.com>
To: Christoph Anton Mitterer <calestyo@scientia.net>
In-Reply-To: <1382128394.16207.38.camel@heisenberg.scientia.net>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Fri, Oct 18, 2013 at 10:33:14PM +0200, Christoph Anton Mitterer wrote:
> On Fri, 2013-10-18 at 11:54 -0700, John Denker wrote:
> > Blocking /dev/urandom is a bad idea.
>
> Why? If the system is correctly set up, a good seed should be loaded and
> no problem will arise.
> If not, it's better to have failing programs or even a completely broken
> system, than one that does insecure things.

The problem is that many apps expect /dev/urandom never to block.  This
is a severe problem if such an app is invoked early in boot and blocks
the rest of the bootup procedure.  But, then again, that would be a
serious bug; therefore, blocking until seeded would be very useful
behavior: it would allow one to find such bugs.

Now, once seeded, /dev/urandom should not block again (apps that use
/dev/urandom should be OK with indefinitely stretched entropy), but it
should get periodically reseeded.

Nico
-- 
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
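The check Nico argues for above, "block until seeded so that the bug surfaces", can be turned into a non-blocking probe that an early-boot service runs before it touches the RNG. The following is an added example, not code from the thread or from any kernel or distribution; it uses the Linux getrandom(2) call with GRND_NONBLOCK (added in Linux 3.17, i.e. after this 2013 message; glibc exposes it in <sys/random.h> from 2.25), which fails with EAGAIN exactly when the pool that backs /dev/urandom has not yet been initialised. All function and enum names are the example's own. The classification is split out as a pure function so its decision logic can be exercised independently of the host's pool state.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#ifdef __linux__
#include <sys/random.h>   /* getrandom(2) and GRND_NONBLOCK; Linux >= 3.17, glibc >= 2.25 */
#endif

/* Outcome of one non-blocking probe of the kernel RNG (names are this example's). */
enum rng_state {
    RNG_SEEDED     = 1,   /* pool initialised: the returned bytes are safe to use */
    RNG_NOT_SEEDED = 0,   /* pool not yet initialised: a blocking read would stall here */
    RNG_RETRY      = 2,   /* call interrupted by a signal; repeat it */
    RNG_ERROR      = -1   /* unsupported platform, old kernel (ENOSYS), or other failure */
};

/* Pure classification of a (return value, errno) pair from getrandom().
 * 'want' is the number of bytes requested; a short read is treated as an
 * error rather than silently accepted. */
enum rng_state classify_getrandom(long ret, int err, size_t want)
{
    if (ret == (long)want)
        return RNG_SEEDED;
    if (ret < 0 && err == EAGAIN)
        return RNG_NOT_SEEDED;     /* GRND_NONBLOCK and pool not initialised */
    if (ret < 0 && err == EINTR)
        return RNG_RETRY;
    return RNG_ERROR;              /* ENOSYS, EINVAL, short read, ... */
}

/* Probe whether the kernel RNG is seeded without ever blocking.
 * On non-Linux hosts there is no getrandom(), so the probe reports RNG_ERROR. */
enum rng_state probe_rng_seeded(void)
{
#ifdef __linux__
    unsigned char buf[16];
    for (;;) {
        long ret = getrandom(buf, sizeof buf, GRND_NONBLOCK);
        int err = (ret < 0) ? errno : 0;
        enum rng_state s = classify_getrandom(ret, err, sizeof buf);
        if (s != RNG_RETRY)
            return s;
    }
#else
    return RNG_ERROR;
#endif
}

/* Human-readable label for logging from a boot-time unit. */
const char *rng_state_name(enum rng_state s)
{
    switch (s) {
    case RNG_SEEDED:     return "seeded";
    case RNG_NOT_SEEDED: return "not-yet-seeded";
    case RNG_RETRY:      return "retry";
    default:             return "error";
    }
}

/* Stand-alone use: exit non-zero when the pool is not seeded so that a unit
 * ordered before this probe fails visibly instead of consuming weak output. */
int main(void)
{
    enum rng_state s = probe_rng_seeded();
    printf("kernel RNG state: %s\n", rng_state_name(s));
    return (s == RNG_SEEDED) ? 0 : 1;
}
```

Run from an early-boot service (or from a VM's first-boot hook) this turns the silent "app read unseeded bytes" failure into a logged, non-zero exit, which is the property Nico wants from a blocking /dev/urandom without actually stalling the rest of the boot sequence.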
