Re: arc4random - are you sure we want these?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



* Theodore Ts'o:

> But even if you didn't take the latest kernels, I think you will find
> that if you actually benchmark how many queries per second a real-life
> secure web server or VPN gateway, even the original 5.15.0 /dev/random
> driver was plenty fast enough for real world cryptographic use cases.

The idea is to that arc4random() is suitable in pretty much all places
that have historically used random() (outside of deterministic
simulations).  Straight calls to getrandom are much, much slower than
random(), and it's not even the system call overhead.

Thanks,
Florian




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux