/dev/random does not block, emits poor entropy
Corinna Vinschen
corinna-cygwin@cygwin.com
Tue Oct 15 15:01:00 GMT 2013
On Oct 15 10:19, starlight.2013z3@binnacle.cx wrote:
> Hardware RNG marketing is deceiving
> when it talks about "true" RNG since
> even quantum-effect number generators
> have non-random patterns that must
> be algorithmically cleansed.
> Rather than a "true" RNG or TRNG, one
> wants as CSPRNG (cryptographically
> secure pseudorandom number generator)
> that combines a good source of hardware
> entropy and appropriate purifying
> algorithms.
The Windows RtlGenRandom (the underlying implementation of
CryptGenRandom which Cygwin will use from now on) already is a CSPRNG.
It's sort of reassuring that it already shows pretty good results when
used in the simple /dev/urandom form, given the latest NIST/NSA
entanglements. This is on Vista SP1 and later. The implementation on
older systems is somewhat weaker.
> People get quite hot about the topic,
> and apparently the Dilbert cartoon
> applies at all times, regardless:
>
> http://dilbert.com/strips/comic/2001-10-25/
:)
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20131015/872e6333/attachment.sig>
More information about the Cygwin
mailing list