Random number generation, simple question.
Andrew Kuchling
akuchlin at mems-exchange.org
Wed Jul 5 10:34:19 EDT 2000
"Andrew Dalke" <dalke at acm.org> writes:
> What I saw, though, was a compile time option to use /dev/random if
> it exists. I would have thought that would be enabled by default, but
> it made some comment about how the read will block if there isn't enough
> entropy in the source pool. Is this ever a problem in real life?
Yes, because the entropy pool is only 4096 bits, and entropy is added
fairly slowly, since an interrupt or other event only adds a few bits
of entropy. A different device, /dev/urandom, never blocks, so you
can read enough data to theoretically compute the initial state of the
pool. For generating a long-term thing like an RSA key, this would
matter (or at least be psychologically unsettling); for an IV, I think
/dev/urandom would be fine.
--amk
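
An added example, not part of the original post: one way for a Python program to cope with the blocking read described above, by putting a deadline on a non-blocking descriptor so that a request for long-term key material fails loudly instead of hanging. The function names, the default timeout and the `device` argument are assumptions made for illustration.

```python
import os
import select
import time


def read_with_deadline(fd, nbytes, timeout):
    """Read up to nbytes from fd, giving up after `timeout` seconds.

    Returns (data, complete). A source that blocks when it runs dry, as the
    post describes for /dev/random, yields complete=False instead of hanging.
    """
    os.set_blocking(fd, False)
    deadline = time.monotonic() + timeout
    chunks, remaining = [], nbytes
    while remaining > 0:
        wait = deadline - time.monotonic()
        if wait <= 0:
            break
        ready, _, _ = select.select([fd], [], [], wait)
        if not ready:
            break  # nothing became readable before the deadline
        try:
            chunk = os.read(fd, remaining)
        except BlockingIOError:
            continue  # readable event was stale; wait again
        if not chunk:
            break  # EOF, which only a stand-in such as a pipe can produce
        chunks.append(chunk)
        remaining -= len(chunk)
    return b"".join(chunks), remaining == 0


def key_material(nbytes, device="/dev/random", timeout=2.0):
    """Bytes for a long-term key: raise rather than block indefinitely."""
    fd = os.open(device, os.O_RDONLY)
    try:
        data, complete = read_with_deadline(fd, nbytes, timeout)
    finally:
        os.close(fd)
    if not complete:
        raise TimeoutError(f"{device} gave {len(data)} of {nbytes} bytes")
    return data


def iv(nbytes=16):
    """Bytes for an IV from the operating system's urandom-style source."""
    return os.urandom(nbytes)
```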