[cryptography] urandom vs random

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Aug 17 03:57:34 EDT 2013


Nico Williams <nico at cryptonector.com> writes:

>It might be useful to think of what a good API would be. 

The problem isn't the API, it's the fact that you've got two mutually
exclusive requirements, the security geeks want the (P)RNG to block until
enough entropy is available, everyone else wants execution to continue without
being blocked.  In other words a failure of security is preferred to a failure
of functionality.  Until you resolve that conflict, no API (re)design is going
to help you.

Peter.


More information about the cryptography mailing list