[PATCH v2] getrandom: new applet

Etienne Champetier champetier.etienne at gmail.com
Thu Jun 30 08:12:30 UTC 2016


Hi Rob,

2016-06-29 23:04 GMT+02:00 Rob Landley <rob at landley.net>:
> On 06/29/2016 10:31 AM, Daniel Thompson wrote:
>> On 29/06/16 16:04, Etienne Champetier wrote:
>> Thanks for the explanation. I had indeed overlooked that the getrandom
>> applet does not consume any entropy.
>
> His use case was saving a random seed and not consuming entropy is an
> advantage?

TLDR: getrandom() is safe for any use

a good read
http://www.2uo.de/myths-about-urandom/

Also
https://en.wikipedia.org/wiki//dev/random

Is there any serious argument that adding new entropy all the time is
a good thing? The Linux /dev/urandom manual page claims that without
new entropy the user is "theoretically vulnerable to a cryptographic
attack",[16] but (as I've mentioned in various venues) this is a
ludicrous argument—how can anyone simultaneously believe that

we can't figure out how to deterministically expand one 256-bit secret
into an endless stream of unpredictable keys (this is what we need
from urandom), but
we can figure out how to use a single key to safely encrypt many
messages (this is what we need from SSL, PGP, etc.)?

Regards
Etienne

>
> Rob


More information about the busybox mailing list