Solaris random device

Andreas Pommer apommer@cosy.sbg.ac.at
Sat, 13 May 2000 10:59:24 +0200


On May 12, Lars Hecking wrote:
[..]

> But still, I'd like to hear some good arguments for using this device
> at all. I am basically unclued about crypto, but I understand that a
> "good" random source is instrumental. From a user perspective, is the
> Solaris device appropriate? Is there a danger of creating weakly encrypted
> files with it?
Currently it is more similar to the linux /dev/urandom , less to /dev/random. At every call to the device some entropy is added (from a high resolution timer, and sometimes process id) and subsequently mangled by some hash algorithms (IIRC SHA?). Still todo: More entropy sources have to be added. The solaris kstat interface provides access to a large number of kernel counters which can be used for that purpose. However, the "good" ones have to be determined.
> Thanks a lot for being so helpful, guys, I really appreciate it!
> (Ok with me if you want to move this discussion over to -users)
I didn't subscribe to users, maybe I should ... Andreas