urandom 有多随机?

发布于 2024-08-14 04:26:39 字数 84 浏览 8 评论 0原文

在 Linux 中,/dev/urandom/ 的随机性到底有多大?它被认为是安全的吗?

还有可能得到1的流吗?

In Linux, just how random is /dev/urandom/? Is it considered safe?

Also is it possible to get a stream of 1's?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

╰沐子 2024-08-21 04:26:39

注意 4.5 年后:这是一个糟糕的建议。请参阅这些之一 链接了解详细信息。

如果您在 Linux 上生成加密密钥,则需要 /dev/random,即使它阻塞——你也不需要那么多位。

对于任何其他事情,例如生成随机测试数据或不可预测的会话 ID,/dev/urandom 都可以。大多数系统中都有足够的熵源(键盘和鼠标事件的计时、网络数据包等),因此输出将是不可预测的。

Note 4.5 years later: this is bad advice. See one of these links for details.

If you're generating cryptographic keys on Linux, you want /dev/random, even if it blocks-- you don't need that many bits.

For just about anything else, like generating random test data or unpredictable session IDs, /dev/urandom is fine. There are enough sources of entropy in most systems (timing of keyboard and mouse events, network packets, etc) that the output will be unpredictable.

遥远的她 2024-08-21 04:26:39

请查看手册页

Yarrow is a fairly resilient algorithm, and is believed to be resistant
     to non-root.  The quality of its output is however dependent on regular
     addition of appropriate entropy. If the SecurityServer system daemon
     fails for any reason, output quality will suffer over time without any
     explicit indication from the random device itself.

     Paranoid programmers can counteract this risk somewhat by collecting
     entropy of their choice (e.g. from keystroke or mouse timings) and seed-
     ing it into random directly before obtaining important random numbers.

Please check the man page:

Yarrow is a fairly resilient algorithm, and is believed to be resistant
     to non-root.  The quality of its output is however dependent on regular
     addition of appropriate entropy. If the SecurityServer system daemon
     fails for any reason, output quality will suffer over time without any
     explicit indication from the random device itself.

     Paranoid programmers can counteract this risk somewhat by collecting
     entropy of their choice (e.g. from keystroke or mouse timings) and seed-
     ing it into random directly before obtaining important random numbers.
浅唱々樱花落 2024-08-21 04:26:39

使用 /dev/urandom,其加密安全。

好读:http://www.2uo.de/myths-about-urandom/

“如果您不确定是否应该使用 /dev/random 还是 /dev/urandom,那么您可能想使用后者。”

当在早期启动时有疑问时,您是否收集了足够的熵。请改用系统调用getrandom()。 [1]
它是两全其美的,它会阻塞直到(仅一次!)收集到足够的熵,之后它就不会再阻塞。

[1] git 内核提交< /a>

use /dev/urandom, its cryptographically secure.

good read: http://www.2uo.de/myths-about-urandom/

"If you are unsure about whether you should use /dev/random or /dev/urandom, then probably you want to use the latter."

When in doubt in early boot, wether you have enough entropy gathered. use the system call getrandom() instead. [1]
Its best of both worlds, it blocks until (only once!) enough entropy is gathered, after that it will never block again.

[1] git kernel commit

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文