Re: Speed and security of /dev/urandom
> On Sat, 19 Jul 2014, Mateusz Guzik wrote:
>> I believe the idea here is to have reliable source for reseeding after
>> fork.
That is one issue, for which getrandom(2) may be an improvement, but I
mentioned other problems.
On 19/07/14 22:07, Benjamin Kaduk wrote:
> I don't think that's quite right; there are issues in reliably detecting
> that fork has occurred and a reseed performed.
> Always getting random bits from the kernel avoids the need to detect fork.
Precisely. A syscall may be fast enough (uniquely on FreeBSD) to
provide arc4random_buf output, and perhaps be already as fast as doing
getpid on each call and running a stream cipher in userland.
RW mentioned kernels without RANDOM, being an awkward situation for
which it seems necessary to fall back to the PRNG in userland.
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 21 之 24 篇):