Date: Mon, 17 Sep 2007 02:20:17 -0700 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "RW" <fbsd06@mlists.homeunix.com>, <freebsd-questions@freebsd.org> Subject: RE: /dev/random question Message-ID: <BMEDLGAENEKCJFGODFOCMEGICAAA.tedm@toybox.placo.com> In-Reply-To: <20070916215550.65e09a71@gumby.homeunix.com.>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of RW > Sent: Sunday, September 16, 2007 1:56 PM > To: freebsd-questions@freebsd.org > Subject: Re: /dev/random question > > > That's a poor analogy because they haven't improved /dev/random so it > doesn't block, they've taken a /dev/urandom implementation and renamed > it. In terms of your analogy they've blocked off the road, diverted > everyone onto the highway, and renamed it to main street. > > Using Yarrow for /dev/random is not an intrinsically bad idea, but it > is controversial. I really don't see what the issue is here. If you really want a /dev/urandom on your system then fine - symlink /dev/random to /dev/urandom and be done with it. Historically on UNIXes, /dev/urandom has been LESS random than /dev/random. In short, it forced the application developer to make a tradeoff - if they needed a lot of random numbers quickly, they had to be content with the stream of numbers being less random. Where you often saw this is in game programming - and less-random inputs to games made them predictable, and thus, not as fun to play. With crypto apps, they just made those apps run -slower- as the app waited for the random device to give it randomness. if you really want a source that is kind of random but really isn't then use the rand library call which doesen't use yarrow. And as for using Yarrow for /dev/random, well the /dev/random device uses the hardware random generator on the VIA C3 Nehemiah (stepping 3 or greater) CPU, not Yarrow, if such a CPU is present. For those that think Yarrow is controversal then fine - add in support for the hardware random generator of your favorite processor (most have one now) and quit complaining. Ted
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BMEDLGAENEKCJFGODFOCMEGICAAA.tedm>