Menu
I've been looking at ways to generate a strong 256 bit/32 byte symmetric key for the HMAC_SHA256 algorithm. I stumbled upon the /proc/sys/kernel/random/uuid file.
According to man random(4): "The read-only files uuid and boot_id contain random strings like 6fd5a44b-35f4-4ad4-a9b9-6b9be13e1fe9. The former is generated afresh for each read, the latter was generated once."
The string from cat /proc/sys/kernel/random/uuid looks ideal for this purpose. I can remove the '-' chars and end up with a 32 bytes of randomness.
Is this a valid approach to generate a cryptographically strong source of keying material?
791
An old question but in case anyone stumbles on it, I wouldn't advise this.
/proc/sys/kernel/random/uuid is a type 4 (random) UUID with certain semantics - it's not just a string of random hex characters. For example you'll see the first digit in the third group is always a 4.
For 256 random bits just read 32 bytes from /dev/random (uses external entropy, can block) or /dev/urandom (never blocks).
130
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
