[cryptography] urandom vs random
yboukerr at vt.edu
Wed Aug 21 01:29:06 EDT 2013
In terms of usability engineering, /dev/random is fairly cumbersome and in dire need of reform and expansion.
A user, might want more control of /dev/random - which sources of entropy, when, and which applications. e.g. I want my Geiger counter to feed communications and radio noise to feed data. I want 3000 from 9am-5pm and 200 otherwise. I want all this'd in a GUI or config file.
A developer, might want to tell /dev/random "don't give me keyboard and mouse crap, instead give me 80% rdrand and 20% audio source."
Naturally, the better alternative is a widely implemented open sources TRNG, but good luck convincing manufacturers. So why concentrate on what you can't fix. Reform /dev/random and empower user and developer with choice over quality and amount of randomness!
Randomness is hard to prove but you can test quality with dierharder.
Open eSignForms <yozons at gmail.com> wrote:
>We all know that randomness is required for good crypto, but what is
>measurable difference in the quality of the crypto if using a Linux
>(or in our case the Java SecureRandom PRNG)? How much easier is it to
>crack an encrypted file done with such weaker PRNGs compared to the
>hardware RNGs, especially if it's so hard to determine the quality of
>On Tue, Aug 20, 2013 at 4:10 PM, James A. Donald <jamesd at echeque.com>
>> On 2013-08-21 7:33 AM, grarpamp wrote:
>>> The subject thread is covering a lot about OS implementations
>>> and RNG various sources. But what are the short list of open
>>> source tools we should be using to actually test and evaluate
>>> the resulting number streams?
>> You cannot test and evaluate a supposedly random number stream. True
>> randomness and cryptographically strong pseudo randomness are not
>> observable qualities.
>> You have to look at the underlying generation mechanism and deduce
>> randomness, or the lack thereof.
>> If you apply a whitening expander to the source stream
>> output stream will look convincingly random, but will be completely
>> random to anyone who knows the whitening expander and knows or
>> that the source stream is completely non random
>> cryptography mailing list
>> cryptography at randombit.net
>cryptography mailing list
>cryptography at randombit.net
More information about the cryptography