Message267663
What I'm trying to tell you is that /dev/random is a bad implementation and practically every cryptographer agrees that everyone should use /dev/urandom and they all also agree that on Linux /dev/urandom has a bad wart of giving bad randomness at the start of the system. The behavior of getrandom is a fix to that. In addition, almost nobody needs hardware RNG, /dev/urandom (minus the intialization problem on Linux) is the right answer for almost every single application (and if it's not the right answer, you're a cryptographer who knows that it's not the right answer). On most systems, /dev/random and /dev/urandom have the exact same behavior (which is the behavior of getrandom()-- blocks on intialization, otherwise doens't), it's just linux being brain dead here. |
|
Date |
User |
Action |
Args |
2016-06-07 13:07:10 | dstufft | set | recipients:
+ dstufft, lemburg, rhettinger, doko, vstinner, larry, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, Lukasa, thomas-petazzoni, Colm Buckley |
2016-06-07 13:07:10 | dstufft | set | messageid: <1465304830.92.0.672455167664.issue26839@psf.upfronthosting.co.za> |
2016-06-07 13:07:10 | dstufft | link | issue26839 messages |
2016-06-07 13:07:10 | dstufft | create | |
|