[Ach] Recomendation on haveged in Bettercrypto chapter 3.3.3

Manuel Kraus ach at lsd.is
Wed Apr 29 19:08:17 CEST 2015

Am 29.04.2015 um 13:37 schrieb Maciej Soltysiak:
> The author writes quite convincingly that low entropy does not matter;
> that there is no count of entropy, but an estimate and given the fact
> that in actuality /dev/random and /dev/urandom are fed by the same
> CSPRNG, the only difference is that /dev/random blocks and
> /dev/urandom is - given the computational security we're aiming to get
> - a safe bet.

Haveged was at least a solution to make /dev/random not blocking any
more. If unpredictability itself is enough security, instead of having
some academical argued real-true-whatever random generator, I'm fine
with that (well, as long urandom does not throw series of zeroes of
course ;-).

So, the remaining question is: Which random device is actually used by
the different programs and how to switch all of them to /dev/urandom?

If there is no simple approach, I tend to keep using havged to simply
avoid blocking. ;-)


More information about the Ach mailing list