[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Jul 6 16:37:03 CEST 2006


On Thu 06 Jul 2006 16:16, Jeremiah Foster wrote:

> I think there is a cron shell script fix provided on the Debian Exim
> web site, and I have heard that /dev/urandom is somewhat more secure
> on Linux than /dev/random, but that the security and efficiency
> issues are as you say, that is problematic.

This is a common misunderstanding. /dev/urandom and /dev/random are the
same random generator. The only difference is that /dev/random blocks
when it thinks there is no entropy available. And according to the author
it is more "secure".
However there is no evidence to support that claim (and currently there
is only evidence to the contrary). There are more efficient CPRNGs such
as Yarrow (FreeBSD) which are better studied than Linux's and
considered secure.

regards,
Nikos