Generating Unique Keys

Paul Rubin phr-n2003b at NOSPAMnightsong.com
Wed Jan 29 17:13:22 CET 2003


Nagy László <nagylzs at freemail.hu> writes:
> >Sorry to be off topic, but why especially?  At least on Linux,
> >/dev/random is determined by various hardware factors chosen for the
> >difficulty to guess them (i.e. the float between keyboard controller
> >clock and the CPU clock generator) and then passed through a one way
> > hash function.

> Isn't it used for initializing only? I thought that initial PRNG
> state is choosen randomly by those factors but after that only the
> PRNG algorithm is used. I'm not familiar with the Linux source code
> but I wonder how can they assure the correct distributions
> otherwise?  (You cannot examine those true random factors
> theoretically.)

/dev/random is supposed to return real physical entropy.  /dev/urandom
feeds the entropy through a cryptographic RNG.  /dev/urandom is the
right interface to use for session tokens, because /dev/random stalls
if there's not enough entropy in the system.  You can get a few bits
per second from it at most.




More information about the Python-list mailing list