[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: [RFC] Support for /dev/urandom in kdelibs
From:       Michael Buesch <mbuesch () freenet ! de>
Date:       2004-12-27 17:49:30
Message-ID: 200412271849.39305.mbuesch () freenet ! de
[Download RAW message or body]


Quoting Ingo Klöcker <kloecker@kde.org>:
> >       int fd = open("/dev/urandom", O_RDONLY);
> > // Why only read the seed from /dev/urandom and not directly
> > // the random data itself?
> 
> Because truly random bytes are extremely expensive and you'd run out of 
> random bytes very quickly. You'll notice this when you try to generate 
> an OpenPGP key just after starting your computer. Most likely gpg will 
> use up all random bytes and ask you to play with the mouse and the 
> keyboard so that some more entropy can be gathered.

No. That's the reason why we have /dev/urandom and /dev/random.
/dev/urandom does not run out of random bytes. If the entropy pool
in the kernel shrinks below a predefined level, pseudo random data
(which is as good as random data in that case) is emitted.

> There could of course be an additional method 
> KApplication::trulyRandomButVeryExpensiveSoDontUseUnlessYouHaveVeryGoodReasons().
> 
> Regards,
> Ingo
> 

-- 
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]



[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]