RE: randomization

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


-----Original Message-----
From: Jeffrey Walton <noloader@xxxxxxxxx>
Sent: Friday, May 26, 2023 4:20 AM
To: Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: randomization

On Thu, May 25, 2023 at 9:18 PM Bill Cunningham <bill.cu1234@xxxxxxxxx> wrote:
>
>      How would you access randomization at the system level? No via
> srand or rand, but the randomization the system offers through
> /dev/random. Would this be a fedora level system call ?
>
>      I intend to take a 512 or 1024, for example, size chunk and fill
> that with system randomization. Not what you get with srand and rand I
> believe they are inferior to system randomization.

You should use /dev/urandom nowadays, not /dev/random. According to Theodore Ts'o on the Linux Kernel Crypto mailing list, /dev/random has been deprecated for a decade.

>From Re: [RFC PATCH v12 3/4] Linux Random Number Generator:[1]

Practically no one uses /dev/random. It's essentially a deprecated interface; the primary interfaces that have been recommended for well over a decade is /dev/urandom, and now, getrandom(2).


There is a difference between random and urandom, mainly the "quality of it randomness"
Especially when doing crypto related tasks (VPNs) on a virtual machine, you might find that your entropy pool is small and easiliy depleted.
In such cases, reading from /dev/random will block (bad), but reading from /dev/urandom get bad quality (perhaps even worse)
However, there are ways to replenish the entropy buffer...



Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux