Menu
In Linux, just how random is /dev/urandom/? Is it considered safe?
Also is it possible to get a stream of 1's?
599
The /dev/urandom device provides a reliable source of random output, however the output will not be generated from an equal amount of random input if insufficient input is available. Reads from the /dev/urandom device always return the quantity of output requested without blocking.
Implementation Specifics. The /dev/random and /dev/urandom devices are created from major and minor numbers assigned by the device configuration subsystem when the random number generator is loaded, so the device names should always be used when attempting to locate or open the devices.
In Unix-like operating systems, /dev/random, /dev/urandom and /dev/arandom are special files that serve as pseudorandom number generators.
'Urandom' is used where there is constant need of random numbers and its randomness is not much important while 'random' is used where there is a security concern and its randomness should be reliable as it blocks outputting random numbers if entropy is not up to the mark.
Note 4.5 years later: this is bad advice. See one of these links for details.
If you're generating cryptographic keys on Linux, you want /dev/random, even if it blocks-- you don't need that many bits.
For just about anything else, like generating random test data or unpredictable session IDs, /dev/urandom is fine. There are enough sources of entropy in most systems (timing of keyboard and mouse events, network packets, etc) that the output will be unpredictable.
54
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
