Re: Why does reading from /dev/urandom deplete entropy so much?

From: Adrian Bunk <bunk@xxxxxxxxxx>
Date: Tue, 4 Dec 2007 17:18:11 +0100

On Tue, Dec 04, 2007 at 12:41:25PM +0100, Marc Haber wrote:

While debugging Exim4's GnuTLS interface, I recently found out that
reading from /dev/urandom depletes entropy as much as reading from
/dev/random would. This has somehow surprised me since I have always
believed that /dev/urandom has lower quality entropy than /dev/random,
but lots of it.

man 4 random

This also means that I can "sabotage" applications reading from
/dev/random just by continuously reading from /dev/urandom, even not
meaning to do any harm.

Before I file a bug on bugzilla,
...

The bug would be closed as invalid.

No matter what you consider as being better, changing a 12 years old and
widely used userspace interface like /dev/urandom is simply not an
option.

Greetings
Marc

cu
Adrian

--

"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Follow-Ups:
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Bill Davidsen
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Marc Haber
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Ray Lee
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Alan Cox

References:
- Why does reading from /dev/urandom deplete entropy so much?
  - From: Marc Haber

Prev by Date: MRS GREGGE VAN DER HOOFD.
Next by Date: [git pull] scheduler fixes
Previous by thread: Re: Why does reading from /dev/urandom deplete entropy so much?
Next by thread: Re: Why does reading from /dev/urandom deplete entropy so much?
Index(es):
- Date
- Thread

Relevant Pages

Re: 2.6.19-rc1: known regressions (v2)
... It was the sum of two independent bugs, and one of them was a kernel bug. ... Without reading the sources but only the bug report, ... There had been need of rain for many days. ...
(Linux-Kernel)
Re: I hate to bitch but bitch I must
... > wanted to point out a bug, the bug means that there is an anomaly under ... much experience reading man pages, and seem to expect them to conform to ... some sort of English Literary standards that are entirely inapplicable. ... You can tune a file system, but you can't tune a fish. ...
(freebsd-questions)
[AMG] New TV series, 3rd DVD...
... spoilers will be revealed in this post... ... stop reading now... ... A bug stealing the disc had nothing to do with the rise of bug activity? ... PERVERT PERVERT PERVERT... ...
(rec.arts.anime.misc)
Re: [AMG] New TV series, 3rd DVD...
... stop reading now... ... mirrors, Urd out of TVs, and Skuld out of water & water-based fluids so ... A bug stealing the disc had nothing to do with the rise of bug activity? ... The Mighty Light of ten thousand suns ...
(rec.arts.anime.misc)
Re: Status of Bug 8094 - ipaq oops on connecting "Vodafone VPA-II" ?
... But that bug is marked as "CLOSED CODE_FIX", though reading through ... the fix from that bug report _was_ merged as commit ... 9aebfd6bda789891e6d296bb49b5fb32d1057f18 (written by Greg). ...
(Linux-Kernel)