[PLUG] Re: WipeInfo Equivalent

Elliott Mitchell ehem at m5p.com
Fri Dec 22 19:36:33 UTC 2006


>From: Aaron Burt <aaron at bavariati.org>
> On Thu, Dec 21, 2006 at 12:38:08PM -0800, Russ Gilman-Hunt wrote:
> > Just out of curiosity, what makes urandom so much better, and why don't
> > we just link /dev/random to /dev/urandom? 
> 
> /dev/random is a source of honest-to-goodness truly random numbers,
> carefully collected from the wild.  It is impossible to guess what the
> next number will be based on the previous ones.
> 
> /dev/urandom is a source of pseudo-random numbers, which are generated
> by an algorithm.  Algorithms always do the same thing, so it's possible
> to guess what the next number will be based on the previous ones.

Closer but not quite. /dev/urandom will also give you random numbers, but
will always give data back. In order to fill in for true random numbers,
urandom will also use pseudo-random numbers, but if a sufficient amount
of randomness is available urandom will give true random numbers. urandom
isn't pure psuedo-random, just you might merely get pseudo-random numbers
instead of truely random ones.

> So you use /dev/urandom if you need a whole lot of somewhat-random
> numbers real fast, and you use /dev/random if you want a handful of
> truly-random numbers.  Quantity vs. quality, y'see.

Got it here. You use /dev/random for things like public/private key pair
generation, where quality is much more important. /dev/urandom is used
for session keys where randomness is important, but getting some
randomness is much more important.


-- 
(\___(\___(\______          --=> 8-) EHM <=--          ______/)___/)___/)
 \BS (    |         EHeM at gremlin.m5p.com PGP 8881EF59         |    )   /
  \_CS\   |  _____  -O #include <stddisclaimer.h> O-   _____  |   /  _/
    \___\_|_/82 04 A1 3C C7 B1 37 2A*E3 6E 84 DA 97 4C 40 E6\_|_/___/





More information about the PLUG mailing list