From: Russ Dill <Russ.Dill@asu.edu>
To: linux-kernel@vger.kernel.org
Subject: Re: Why does reading from /dev/urandom deplete entropy so much?
Date: Tue, 4 Dec 2007 18:49:40 +0000 (UTC) [thread overview]
Message-ID: <loom.20071204T184742-19@post.gmane.org> (raw)
In-Reply-To: 20071204114125.GA17310@torres.zugschlus.de
Marc Haber <mh+linux-kernel <at> zugschlus.de> writes:
>
> While debugging Exim4's GnuTLS interface, I recently found out that
> reading from /dev/urandom depletes entropy as much as reading from
> /dev/random would. This has somehow surprised me since I have always
> believed that /dev/urandom has lower quality entropy than /dev/random,
> but lots of it.
>
> This also means that I can "sabotage" applications reading from
> /dev/random just by continuously reading from /dev/urandom, even not
> meaning to do any harm.
An application either needs to be cryptographically secure, or it doesn't. If it
doesn't, then just use /dev/urandom to seed a PRNG.
prev parent reply other threads:[~2007-12-04 19:13 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-04 11:41 Why does reading from /dev/urandom deplete entropy so much? Marc Haber
2007-12-04 14:16 ` Eric Dumazet
2007-12-04 16:18 ` Adrian Bunk
2007-12-04 16:47 ` Alan Cox
2007-12-04 18:17 ` Eric Dumazet
2007-12-05 21:26 ` Matt Mackall
2007-12-06 7:02 ` Eric Dumazet
2007-12-06 16:09 ` Matt Mackall
2007-12-09 12:42 ` Marc Haber
2007-12-09 16:16 ` Matt Mackall
2007-12-10 23:06 ` Marc Haber
2007-12-10 23:35 ` Matt Mackall
2007-12-11 1:34 ` Theodore Tso
2007-12-11 19:46 ` Phillip Susi
2007-12-11 20:02 ` Ray Lee
2007-12-12 5:34 ` David Schwartz
2007-12-04 16:54 ` Ray Lee
2007-12-04 16:55 ` Alan Cox
2007-12-04 18:02 ` Matt Mackall
2007-12-04 19:50 ` Theodore Tso
2007-12-04 20:36 ` Matt Mackall
2007-12-04 20:40 ` Alan Cox
2007-12-04 20:48 ` Mike McGrath
2007-12-04 21:54 ` Matt Mackall
2007-12-04 22:03 ` Theodore Tso
2007-12-04 22:12 ` Mike McGrath
2007-12-04 22:28 ` Matt Mackall
2007-12-04 21:08 ` Matt Mackall
2007-12-04 21:18 ` Mike McGrath
2007-12-04 22:15 ` Matt Mackall
2007-12-04 22:23 ` Mike McGrath
2007-12-04 22:33 ` Matt Mackall
2007-12-05 14:26 ` Mike McGrath
2007-12-05 14:49 ` Theodore Tso
2007-12-08 7:38 ` Jon Masters
2007-12-08 17:32 ` Theodore Tso
2007-12-08 17:33 ` Mike McGrath
2007-12-08 17:49 ` Theodore Tso
2007-12-08 17:54 ` Jon Masters
2007-12-08 18:15 ` Matt Mackall
2007-12-08 18:24 ` Theodore Tso
2007-12-08 19:36 ` entropy gathering (was Re: Why does reading from /dev/urandom deplete entropy so much?) Jeff Garzik
2007-12-08 19:53 ` Matt Mackall
2007-12-08 20:04 ` Jeff Garzik
2007-12-08 20:19 ` Matt Mackall
2007-12-08 21:07 ` Willy Tarreau
2007-12-08 20:31 ` Theodore Tso
2007-12-08 20:47 ` Jeff Garzik
2007-12-08 20:42 ` Willy Tarreau
2007-12-08 23:47 ` Theodore Tso
2007-12-09 1:07 ` Jon Masters
2007-12-08 18:31 ` Why does reading from /dev/urandom deplete entropy so much? Jeff Garzik
2007-12-08 20:26 ` David Schwartz
2007-12-08 17:43 ` Matt Mackall
2007-12-08 17:47 ` Jon Masters
2007-12-08 18:05 ` Theodore Tso
2007-12-08 17:45 ` Jon Masters
2007-12-10 16:37 ` Pavel Machek
2007-12-04 18:01 ` Matt Mackall
2007-12-06 20:08 ` Bill Davidsen
2007-12-05 12:23 ` Marc Haber
2007-12-05 12:29 ` Marc Haber
2007-12-05 13:33 ` Theodore Tso
2007-12-05 15:10 ` Marc Haber
2007-12-06 19:32 ` Bill Davidsen
2007-12-08 22:03 ` Adrian Bunk
2007-12-08 22:10 ` Ismail Dönmez
2007-12-08 23:46 ` Theodore Tso
2007-12-09 5:21 ` Willy Tarreau
2007-12-09 6:52 ` Jon Masters
2007-12-09 6:21 ` Ismail Dönmez
2007-12-09 12:31 ` Theodore Tso
2007-12-09 14:06 ` Ismail Dönmez
2007-12-11 15:42 ` Bill Davidsen
2007-12-20 22:27 ` Marc Haber
2007-12-26 18:27 ` Phillip Susi
2007-12-04 18:49 ` Russ Dill [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=loom.20071204T184742-19@post.gmane.org \
--to=russ.dill@asu.edu \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.