Solaris random device
Andreas Pommer
apommer@cosy.sbg.ac.at
Sat, 13 May 2000 10:59:24 +0200
On May 12, Lars Hecking wrote:
[..]
> But still, I'd like to hear some good arguments for using this device
> at all. I am basically unclued about crypto, but I understand that a
> "good" random source is instrumental. From a user perspective, is the
> Solaris device appropriate? Is there a danger of creating weakly encrypted
> files with it?
Currently it is more similar to the linux /dev/urandom , less to /dev/random.
At every call to the device some entropy is added (from a high resolution
timer, and sometimes process id) and subsequently mangled by some hash
algorithms (IIRC SHA?). Still todo: More entropy sources have to be added.
The solaris kstat interface provides access to a large number of kernel
counters which can be used for that purpose. However, the "good" ones
have to be determined.
> Thanks a lot for being so helpful, guys, I really appreciate it!
> (Ok with me if you want to move this discussion over to -users)
I didn't subscribe to users, maybe I should ...
Andreas