- From: Glenn Maynard <glenn@zewt.org>
- Date: Mon, 14 Feb 2011 19:15:24 -0500
On Mon, Feb 14, 2011 at 6:43 PM, Shabsi Walfish <shabsi at google.com> wrote:
> OpenSSL is not exactly a reliable source of cryptographic best practices.
> :) In any case, see here http://linux.die.net/man/4/urandom :

No single implementation is; neither are Linux manpages.

The question is whether there are security issues when generating long-term keys from a secure PRNG (RC4, Yarrow, Fortuna) from an entropy pool that's been seeded but exhausted. I suspect that question has been examined at great length by others in the past, so I doubt there's new ground for us to cover on this. It would be interesting if anyone knows of any competent analysis of this question (preferably in a form written for non-cryptographers).

In any case, an API which returns random data with a guarantee of entropy inherently must block, like /dev/random does. That implies an asynchronous API, taking a callback which is called when the requested data is available. Even if that's ultimately wanted, it would be a separate API.

(Of course, if that API is created later, then it should be similar to this one--an asynchronous version of this synchronous API. I can think of some minor speed bumps to making an async version of this API--you don't want to write to the array asynchronously, while other code is running--but nothing unreasonable.)

-- 
Glenn Maynard
Received on Monday, 14 February 2011 16:15:24 UTC