[148146] in cryptography@c2.net mail archive


Re: [Cryptography] randomness +- entropy

daemon@ATHENA.MIT.EDU (Bear)
Tue Nov 12 19:32:26 2013

X-Original-To: cryptography@metzdowd.com
From: Bear <bear@sonic.net>
To: jamesd@echeque.com
Date: Tue, 12 Nov 2013 15:11:06 -0800
In-Reply-To: <5281E597.4020003@echeque.com>
Cc: cryptography@metzdowd.com, RNG mlist <rng@lists.bitrot.info>,
	John Denker <jsd@av8n.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Tue, 2013-11-12 at 18:23 +1000, James A. Donald wrote:
> On 2013-11-12 16:44, John Denker wrote:
> > The fact is, there are some applications that cannot make do with
> > low-quality randomness *and* cannot afford to wait.
> 
> I don't think so.
> 
> I think this is a configuration bug.  By the time you have completed the 
> boot process, you have accumulated lots of entropy, and there is no 
> cryptographic application so urgent it cannot wait for the boot process 
> to complete.
> 
> However, some idiot puts a process needing true randomness early in the 
> boot process for no good reason.
> 
> A process needing true randomness should fail by design in such case.


I'm inclined to agree.  IMO the kernel ought to simply terminate any
process that attempts to read /dev/random before the boot process is 
complete.   

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
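
An added example, not part of the original message or of any code from the list: an application-side version of the "fail by design" policy discussed above, in which the process refuses to produce key material when the kernel pool is not yet seeded instead of blocking or falling back. It assumes Linux `getrandom(2)` with `GRND_NONBLOCK`, an interface the thread does not mention (added in Linux 3.17); `fill_or_fail`, `rand_src` and the `unseeded_kernel` stub are names constructed for this illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/random.h>

/* Same shape as getrandom(2), so a test can substitute a stub source. */
typedef ssize_t (*rand_src)(void *, size_t, unsigned int);

enum seed_status { SEED_OK = 0, SEED_NOT_READY = 1, SEED_ERROR = 2 };

/* Fill buf with len random bytes, or fail closed.
 * Never blocks and never leaves partial output in buf. */
enum seed_status fill_or_fail(rand_src src, unsigned char *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = src(buf + got, len - got, GRND_NONBLOCK);
        if (n > 0) { got += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;   /* interrupted: retry */
        int not_ready = (n < 0 && errno == EAGAIN);
        /* Wipe whatever was written so the caller cannot use a short key. */
        for (size_t i = 0; i < len; i++)
            ((volatile unsigned char *)buf)[i] = 0;
        return not_ready ? SEED_NOT_READY : SEED_ERROR;
    }
    return SEED_OK;
}

/* Constructed stub: behaves like a kernel whose pool is not initialized. */
ssize_t unseeded_kernel(void *buf, size_t len, unsigned int flags)
{
    (void)buf; (void)len; (void)flags;
    errno = EAGAIN;   /* what GRND_NONBLOCK reports before the pool is seeded */
    return -1;
}

int main(void)
{
    unsigned char key[32];
    if (fill_or_fail(unseeded_kernel, key, sizeof key) == SEED_NOT_READY)
        fputs("stub: pool not seeded, key generation refused\n", stderr);
    if (fill_or_fail(getrandom, key, sizeof key) != SEED_OK) {
        fputs("kernel pool not ready; refusing to generate key\n", stderr);
        return 1;   /* fail instead of waiting or using weak randomness */
    }
    puts("32 bytes of key material obtained");
    return 0;
}
```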
