| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20121030185403.GA5044@thunk.org> Date: Tue, 30 Oct 2012 14:54:03 -0400 From: Theodore Ts'o <tytso@....edu> To: Lasse Kärkkäinen <ljkarkk2@...hut.fi> Cc: linux-kernel@...r.kernel.org Subject: Re: urandom is too slow On Tue, Oct 30, 2012 at 04:55:22PM +0200, Lasse Kärkkäinen wrote: > Apparently there has been little or no development on urandom even > though the device is in widespread use for disk shredding and such > use. The device emits data at rather slow rate of 19 MB/s even on > modern hardware where other software-based PRNGs could do far > better. An even better option seems to be utilizing AES for > encrypting zeroes, using a random key, allowing for rates up to 500 > MB/s with hardware that has AES-NI instructions. > > Why is urandom so slow and why isn't AES hardware acceleration utilized? If you can use a software-based PRNG, you should use one in userspace. The intended use of urandom is for cryptographic purposes (i.e., generating random session keys, long-term public keys, etc.). If you just want to wipe a disk, you shouldn't be using /dev/urandom for that purpose. Regards, - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists