The general solution, when you look in crypto libraries like OpenSSL, is to read from /dev/urandom AND gather some of your own entropy to "mix" in. Because crypto, we can endlessly mix extra data in and it'll never make it worse.
FYI: /dev/urandom gets you the best randomness the operating system can give you without blocking, which is 99.99% of the time good enough, except on boot. /dev/random blocks, possibly indefinitely, until it can give you the number of truly random bits you asked for.
Reading crypto library code gives the sad tale of how this doesn't really work universally: https://github.com/openbsd/src/blob/b0510ced780f5cbd1d8e820bedd5c8be2840072f/lib/libcrypto/arc4random/getentropy_linux.c …
Robᵉʳᵗ Graham 😷 Retweeted Will Dormann
So there is a long-running debate about whether /dev/random is more secure than /dev/urandom, but I don't believe the debate actually exists, despite clear evidence to the contrary: https://twitter.com/wdormann/status/1136021564376436736 …
Robᵉʳᵗ Graham 😷 added,
So what happened is that some documentation, like a man page for /dev/random, claimed /dev/urandom was insecure, and this has made many people confused. But everyone knows that once /dev/urandom has been seeded correctly, it's absolutely secure.
By "absolutely" I of course mean "relatively", as secure as anything else in our insecure world. :-)
Robᵉʳᵗ Graham 😷 Retweeted Saleem Rashid
So in response to this tweet, no, "getrandom()" doesn't work because it's a relatively new function in the Linux kernel, and does exist in a lot of other operating systems. https://twitter.com/saleemrash1d/status/1136022947750141952 …
Robᵉʳᵗ Graham 😷 added,
So take my 'rdpscan' tool, for example. I had to fix an issue brought up because it didn't compile quite right on Linux kernel version 2.6.32 (CentOS 6.10). The 'getrandom()' function wasn't available until 3.17 of the Linux kernel. And it's not available for macOS.
Replying to @ErrataRob
Also arc4random() is available on BSD, macOS and WebAssembly (WASI).
It’s still called arc4random() but at least on OpenBSD, FreeBSD and WebAssembly, it’s not using RC4 any more.
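The portability problem discussed across this thread (getrandom() missing on Linux kernels older than 3.17 and on macOS, arc4random() existing on BSD/macOS, /dev/urandom as the universal fallback that is fine once seeded) can be handled with a small dispatching routine. The C below is an added example, not code from rdpscan, OpenSSL or OpenBSD's libcrypto. It assumes a POSIX system; it calls the getrandom syscall directly through syscall(SYS_getrandom, ...) so that a binary built against new headers still runs on an older kernel (ENOSYS simply falls through to /dev/urandom), and uses arc4random_buf() where the platform provides it. The function names secure_random_bytes, urandom_bytes and the two self-test helpers are this example's own.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* syscall() prototype on glibc */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#if defined(__linux__)
#include <sys/syscall.h>       /* SYS_getrandom appears in headers for kernels >= 3.17 */
#endif
#if defined(__APPLE__) || defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__)
#include <stdlib.h>            /* arc4random_buf(): ChaCha20-based on current BSDs/macOS, not RC4 */
#define HAVE_ARC4RANDOM_BUF 1
#endif
#ifndef O_CLOEXEC
#define O_CLOEXEC 0            /* very old headers: lose close-on-exec, keep compiling */
#endif

/* Universal fallback: read /dev/urandom, coping with short reads and EINTR.
 * Returns 0 on success, -1 on failure (no device, read error, unexpected EOF). */
static int urandom_bytes(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            close(fd);
            return -1;
        }
        if (n == 0) {          /* EOF on a character device: something is badly wrong */
            close(fd);
            return -1;
        }
        got += (size_t)n;
    }
    close(fd);
    return 0;
}

/* Fill buf with len cryptographically secure random bytes.
 * Order of preference: arc4random_buf() on BSD/macOS, the getrandom syscall on
 * Linux (flags=0 blocks only until the pool is initialized once at boot, the
 * one case the thread flags for /dev/urandom), then /dev/urandom.
 * Returns 0 on success, -1 on failure. */
int secure_random_bytes(unsigned char *buf, size_t len)
{
#if defined(HAVE_ARC4RANDOM_BUF)
    arc4random_buf(buf, len);  /* cannot fail; seeded by the kernel before userland runs */
    return 0;
#else
#if defined(__linux__) && defined(SYS_getrandom)
    size_t got = 0;
    while (got < len) {
        long n = syscall(SYS_getrandom, buf + got, len - got, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            if (errno == ENOSYS)   /* built on new headers, running on e.g. 2.6.32: fall back */
                break;
            return -1;
        }
        got += (size_t)n;
    }
    if (got == len)
        return 0;
#endif
    return urandom_bytes(buf, len);
#endif
}

/* Sanity checks used by the test harness: two independent 32-byte draws must
 * succeed, differ from each other and not be all zero. This detects a broken
 * fallback path, not statistical weakness. */
static int draws_look_sane(int (*fn)(unsigned char *, size_t))
{
    unsigned char a[32], b[32], zero[32];
    memset(zero, 0, sizeof zero);
    if (fn(a, sizeof a) != 0 || fn(b, sizeof b) != 0)
        return 0;
    if (memcmp(a, b, sizeof a) == 0 || memcmp(a, zero, sizeof a) == 0)
        return 0;
    return 1;
}
int secure_random_self_test(void) { return draws_look_sane(secure_random_bytes); }
int urandom_self_test(void)       { return draws_look_sane(urandom_bytes); }

int main(void)
{
    unsigned char key[16];
    if (secure_random_bytes(key, sizeof key) != 0) {
        perror("secure_random_bytes");
        return 1;
    }
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    printf("\n");
    return 0;
}
```

The point of the ENOSYS branch is exactly the CentOS 6.10 situation in the thread: the build machine's headers define SYS_getrandom, but the 2.6.32 kernel underneath rejects the syscall, so the program must degrade to /dev/urandom at run time rather than at compile time. A production library would additionally feed extra material through a hash or DRBG as the first tweet describes; that mixing step is deliberately left out here so the dispatch logic stays readable.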