[GTALUG] Crypto Question: Where do you get your entropy

D. Hugh Redelmeier hugh at mimosa.com
Fri Nov 14 07:19:15 UTC 2014


| From: William Muriithi <william.muriithi at gmail.com>

[Your MUA seems to muck up linebreaks in quoting.  It also converted
some of what I typed to non-ASCII.  I've tried to fix that.]

| >Adversaries can easily break your cryptosystem if
| >you don't have sufficient entropy. It's that bad.
| 
| >What sources do you use? /dev/random and
| >/dev/urandom are the Linux
| >channel for entropy. There are various sources
| >that can be pooled by the kernel:
| 
| 
| /dev/urandom does not generate entropy I think. It depends on
| /dev/random. The former just stretches the latter's entropy.

Neither generates entropy.  That's why I described them as channels.  I 
tried to be fairly careful in what I said.

You are right that /dev/random only yields as many bytes as the
kernel estimates there are bytes of entropy in the pool and that
/dev/urandom will give as many bytes as you ask for, even if the
entropy estimate says that there is none remaining.

Entropy is a tricky topic.  Maybe this talk next Monday will be
enlightening:
<http://www.fields.utoronto.ca/programs/scientific/fieldsmedalsym/14-15/Images/fms_po_final.pdf>
I'm thinking of going.

| The problem is more acute with servers though unfortunately as most run
| on virtualized environments these days and since there is no console, they
| gave little entropy during start up.

Good point: virtual servers are even worse off than real servers.
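
An added example, not part of the original message: a startup check that separates the two things discussed above, the kernel's entropy estimate and whether the pool has been initialized at all, before key material is read from /dev/urandom. The function names and the 128-bit threshold are assumptions made for illustration; getrandom(2) is a newer interface than the two device files the thread names.

```python
import os

ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"  # kernel's estimate, in bits

def entropy_estimate(path=ENTROPY_AVAIL):
    """Kernel's entropy estimate in bits, or None if it cannot be read."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None

def pool_seeded():
    """True/False if getrandom(2) reports the pool state, None if it cannot tell."""
    if not hasattr(os, "getrandom"):       # non-Linux platform or old Python
        return None
    try:
        os.getrandom(1, os.GRND_NONBLOCK)  # fails with EAGAIN while uninitialized
        return True
    except BlockingIOError:
        return False
    except OSError:                        # e.g. ENOSYS: kernel lacks getrandom
        return None

def verdict(seeded, estimate_bits, min_bits=128):
    """Classify boot-time RNG state. min_bits is illustrative, not a standard."""
    if seeded is False:
        return "refuse"        # urandom would still hand out bytes here
    if seeded is None and (estimate_bits is None or estimate_bits < min_bits):
        return "unknown"       # no getrandom answer and no usable estimate
    if estimate_bits is not None and estimate_bits < min_bits:
        return "low-estimate"  # seeded; /dev/random may block where the estimate is enforced
    return "ok"

def key_bytes(n):
    """Return n bytes for key material, failing instead of reading an unseeded pool."""
    state = verdict(pool_seeded(), entropy_estimate())
    if state in ("refuse", "unknown"):
        raise RuntimeError("kernel RNG state is %s; not generating a key" % state)
    return os.urandom(n)

if __name__ == "__main__":
    print("estimate (bits):", entropy_estimate())
    print("pool seeded:", pool_seeded())
    print("verdict:", verdict(pool_seeded(), entropy_estimate()))
```

Run early in a virtual machine's boot, this is the point where a "refuse" result is most likely, which is the case raised in the last quoted paragraph.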

