On 2017-08-28, Thomas Schmitt <scdbac...@gmx.net> wrote:
>
> But i myself have two use cases for (pseudo-)random numbers:
> - Small but hard secrets which i need for security purposes.
> - 3 times 25 GB of random stream to surely shake up the bits on a BD-RE
>   medium which previously contained embarrassing data.

Here's a fresh (20 July of this year) view by Theodore Ts'o:

https://lkml.org/lkml/2017/7/20/993

  Practically no one uses /dev/random. It's essentially a deprecated
  interface; the primary interfaces that have been recommended for well
  over a decade is /dev/urandom, and now, getrandom(2). We only need 384
  bits of randomness every 5 minutes to reseed the CRNG, and that's
  plenty even given the very conservative entropy estimation currently
  being used.

> The first purpose is still assigned to /dev/random, according to the
> new man pages (at least if one is committed by one's first name to be
> a disbeliever).
>
> The second one is not a job for /dev/urandom either. It does not even
> need a strong seed, because the data do not have to be secret. In fact
> they are intended to be readable instead of the original data which i
> want to destroy.
>
>
> Have a nice day :)
>
> Thomas
>
>

--
"The purpose of art is to lay bare the questions that have been hidden
by the answers." — James Baldwin