[whatwg] Cryptographically strong random numbers

Mark S. Miller erights at google.com
Wed Feb 16 11:31:23 PST 2011


On Wed, Feb 16, 2011 at 11:13 AM, David Wagner <daw at cs.berkeley.edu> wrote:

> Shabsi Walfish wrote (quoting from the urandom(4) man page):
> > A read from the */dev/urandom* device will not block waiting for more
> > entropy. As a result, if there is not sufficient entropy in the entropy
> > pool, the returned values are theoretically vulnerable to a cryptographic
> > attack on the algorithms used by the driver. Knowledge of how to do
> > this is not available in the current non-classified literature, but it
> > is theoretically possible that such an attack may exist. If this is a
> > concern in your application, use */dev/random* instead.
>
> This is total FUD.  I've long complained about the fact that this is in
> the urandom(4) man page, as it leads to widespread misconceptions, but
> it's never been fixed.  I don't want to waste the time of people on this
> mailing list deconstructing this statement in detail,


Hi David, please feel free to, or to point at pages where we can read more
about this specific issue. This issue seems to be the only significant
remaining controversy here, so more words settling it more decisively would
be welcome. Thanks.




> so I'll just say:
>
> Please ignore this part of the /dev/urandom man page.  It's bogus and
> not a good source for how to think about crypto-quality randomness.
>
> (To share an analogy, the quote above is analogous to saying
> "SSL is theoretically vulnerable to a cryptographic attack on the
> algorithms it uses.  Knowledge of how to do this is not available in
> the non-classified literature, but it is theoretically possible that
> such an attack may exist.  If this is a concern in your application,
> turn off your computer instead.")



-- 
    Cheers,
    --MarkM