Hacker Newsnew | comments | show | ask | jobs | submit login

Reads from /dev/random will block when the entropy pool is empty. You can see the number of bits of entropy available on a Linux systems via:

$ cat /proc/sys/kernel/random/entropy_avail

If you need more, better randomness, check out the Entropy Key:

http://www.entropykey.co.uk/




Blocking /dev/random when entropy is low is the correct behaviour, but it is a system-dependent behaviour. Darwin (Mac OSX) has the two sources behave identically.

The Darwin man page justifies this behaviour saying:

     /dev/urandom is a compatibility nod to Linux. On Linux, /dev/urandom will produce lower quality output if the
     entropy pool drains, while /dev/random will prefer to block and wait for additional entropy to be collected.  With
     Yarrow, this choice and distinction is not necessary, and the two devices behave identically. You may use either.
and then contradicts itself later by saying:

    Yarrow is a fairly resilient algorithm, and is believed to be resistant to non-root.  The quality of its output is
    however dependent on regular addition of appropriate entropy.

-----




Guidelines | FAQ | Support | API | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: