[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel
Nikos Mavrogiannopoulos
nmav at gnutls.org
Thu Jul 6 16:37:03 CEST 2006
On Thu 06 Jul 2006 16:16, Jeremiah Foster wrote:
> I think there is a cron shell script fix provided on the debian exim
> web site, and I have heard that /dev/urandom is somewhat more secure
> on linux than /dev/random, but that the security and efficiency
> issues are as you say, that is problematic.
This is a common misunderstanding. /dev/urandom and /dev/random are the
same random generator. The only difference is that /dev/random blocks
when it thinks there is no entry available. And according to the author
it is more "secure".
However there is no evidence to support that claim (and currently there
is only evidence to the contrary). There are more efficient CPRNGs such
as the yarrow (freebsd) which are better studied than the Linux' and
considered secure.
regards,
Nikos
More information about the Gnutls-help
mailing list