The tradeoff is that sometimes you need TRUE randomness, which is created from random events that happen in hardware. Right after systems boot, and especially in VMs distant from the hardware, enough true randomness (entropy) doesn't exist yet.
So what should your software do: continue running with whatever randomness it can get, or wait, often indefinitely, for enough randomness to happen before continuing?
The general solution, when you look in crypto libraries like OpenSSL, is to read from /dev/urandom AND gather some of your own entropy to "mix" in. Because crypto, we can endlessly mix extra data in and it'll never make it worse.
FYI: /dev/urandom gets you the best randomness the operating system can give you without blocking, which is 99.99% of the time good enough, except on boot. /dev/random blocks, possibly indefinitely, until it can give you the number of truly random bits you asked for.
Reading crypto library code gives the sad tale of how this doesn't really work universally: https://github.com/openbsd/src/blob/b0510ced780f5cbd1d8e820bedd5c8be2840072f/lib/libcrypto/arc4random/getentropy_linux.c
Robᵉʳᵗ Graham 😷 Retweeted Will Dormann
So there is a long-running debate about whether /dev/random is more secure than /dev/urandom, but I don't believe the debate actually exists, despite clear evidence to the contrary: https://twitter.com/wdormann/status/1136021564376436736
So what happened is that some documentation, like a man page for /dev/random, claimed /dev/urandom was insecure, and this has made many people confused. But everyone knows that once /dev/urandom has been seeded correctly, it's absolutely secure.
By "absolutely" I of course mean "relatively", as secure as anything else in our insecure world. :-)
Robᵉʳᵗ Graham 😷 Retweeted Saleem Rashid
So in response to this tweet, no, "getrandom()" doesn't work because it's a relatively new function in the Linux kernel, and does exist in a lot of other operating systems. https://twitter.com/saleemrash1d/status/1136022947750141952
So take my 'rdpscan' tool, for example. I had to fix an issue brought up because it didn't compile quite right on Linux kernel version 2.6.32 (CentOS 6.10). The 'getrandom()' function wasn't available until 3.17 of the Linux kernel. And it's not available for macOS.
Linux is the only modern system with a flaky /dev/urandom at boot. Solved with getrandom() or by poll(2)ing on /dev/random and using /dev/urandom as soon as it doesn't block any more. macOS doesn't have getrandom() but it has getentropy() which is quite portable.
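The approach the reply describes, written out as an added example (not code from anyone in this thread): call getrandom(2) through syscall() so the file still compiles against pre-3.17 headers, and if the running kernel returns ENOSYS, poll(2) /dev/random until it is readable and only then read /dev/urandom. Function names here are my own; on macOS the getentropy() the reply mentions would be simpler, and this example just takes the poll path there.

```c
#define _GNU_SOURCE /* syscall() and O_CLOEXEC on glibc */
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/syscall.h>
#endif
/* Fill buf with len random bytes; 0 on success, -1 on failure. */
int secure_random_bytes(unsigned char *buf, size_t len) {
    size_t got = 0;
#if defined(__linux__) && defined(SYS_getrandom)
    /* Preferred: getrandom(2) blocks only until the pool is seeded. Via
     * syscall() it compiles on old headers; a pre-3.17 kernel gives ENOSYS. */
    while (got < len) {
        long n = syscall(SYS_getrandom, buf + got, len - got, 0);
        if (n >= 0) { got += (size_t)n; continue; }
        if (errno == EINTR) continue;
        if (errno == ENOSYS) break;   /* fall through to the poll(2) path */
        return -1;
    }
    if (got == len) return 0;
#endif
    /* Fallback: once /dev/random is readable the pool is seeded, so
     * /dev/urandom can be read without blocking and without weakness. */
    int rfd = open("/dev/random", O_RDONLY | O_CLOEXEC), rc;
    if (rfd < 0) return -1;
    struct pollfd pfd = { .fd = rfd, .events = POLLIN };
    do { rc = poll(&pfd, 1, -1); } while (rc < 0 && errno == EINTR);
    close(rfd);
    if (rc <= 0) return -1;
    int ufd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (ufd < 0) return -1;
    while (got < len) {  /* handle short reads and EINTR */
        ssize_t n = read(ufd, buf + got, len - got);
        if (n > 0) { got += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        close(ufd); return -1;
    }
    close(ufd);
    return 0;
}
/* Self-check: two 32-byte draws succeed, are non-zero and differ. */
int secure_random_selftest(void) {
    unsigned char a[32] = {0}, b[32] = {0}, zero[32] = {0};
    if (secure_random_bytes(a, 32) || secure_random_bytes(b, 32)) return 0;
    return memcmp(a, zero, 32) && memcmp(b, zero, 32) && memcmp(a, b, 32);
}
```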