| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 21 Jun 2016 09:32:13 +0200 From: Stephan Mueller <smueller@...onox.de> To: Nikos Mavrogiannopoulos <nmav@...tls.org> Cc: Theodore Ts'o <tytso@....edu>, Pavel Machek <pavel@....cz>, Herbert Xu <herbert@...dor.apana.org.au>, Andi Kleen <andi@...stfloor.org>, Sandy Harris <sandyinchina@...il.com>, Jason Cooper <cryptography@...edaemon.net>, John Denker <jsd@...n.com>, "H. Peter Anvin" <hpa@...ux.intel.com>, Joe Perches <joe@...ches.com>, George Spelvin <linux@...izon.com>, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v5 0/7] /dev/random - a new approach Am Dienstag, 21. Juni 2016, 09:12:07 schrieb Nikos Mavrogiannopoulos: Hi Nikos, > On Mon, Jun 20, 2016 at 5:43 PM, Stephan Mueller <smueller@...onox.de> wrote: > >> Personally, I don't really use /dev/random, nor would I recommend it > >> for most application programmers. At this point, getrandom(2) really > >> is the preferred interface unless you have some very specialized > >> needs. > > > > I fully agree. But there are use cases for /dev/random, notably as a seed > > source for other DRNG. > > Is that really the case? I believe all DRNG's use /dev/urandom anyway > for seeding since they cannot afford indeterminate blocking. It would > be a gain for everyone if /dev/random was the same as /dev/urandom in > Linux. For standard approaches, this is true. But there are regulations, notably in the German realm, /dev/random shall be used, at least partially (see AIS 20/31). Ciao Stephan
Powered by blists - more mailing lists