Highest Voted 'devrandom' Questions - IT Security Stack Exchange

9

votes

1 answer

Is reading from /dev/urandom on macOS Catalina a safe way to produce cryptographically secure data?

I'm reading a lot about entropy on macOS... I know it doesn't use Yarrow anymore as per this FIPS 140-02 doc a NIST compliant DRBG. I read a lot: https://github.com/briansmith/ring/pull/398 How can I measure (and increase) entropy on Mac OS…

asked Dec 11 '19 at 15:44

Woodstock

679
6
20

4

votes

1 answer

Does rngd -r /path/to/file inject into /dev/urandom in addition to /dev/random?

I'm new to the /dev/random and /dev/urandom pipes in general and have an application calling from /dev/urandom which I'm attempting to inject entropy into. I'd prefer not to change the source for this application, but an additional process calling…

linux random entropy devrandom pseudo-random-number-generator

asked Apr 17 '20 at 15:29

CoryG

143
3

4

votes

1 answer

An alternative for /dev/urandom

I like to overwrite my harddisk with random data. Since /dev/urandom as source is too slow to overwrite a large amount of data in a reasonable time, I'm looking for a good alternative. These two options meet my speed requirements: (1) openssl with…

linux aes devrandom chacha20 cryptoshredding

asked Sep 22 '19 at 11:16

dev_new

4

votes

1 answer

Is pressing random keys a secure way to seed a key generator?

There's a couple of programs that I've been using recently that ask you to type random keys as a source of randomness to seed an RNG for key generation. Is this considered a good practice still, or is it better to rely on /dev/urandom and company as…

cryptography random devrandom

asked Feb 26 '19 at 23:25

Stack Tracer

514
2
5
14

3

votes

1 answer

Randomly generating invoice IDs

I'm in the process of setting up a local (i.e. offline and very limited) business, and I'm thinking of generating invoice IDs randomly to avoid the clients knowing that they're customer number #00000001 (and because I prefer something like #30549805…

random identity bash pseudo-random-number-generator devrandom

asked Jun 23 '20 at 17:17

Hashim Aziz

969
8
21

3

votes

1 answer

Would `cat /dev/random` be a denial of service to any other users of `/dev/random`?

As in the question. Wouldn't cat /dev/random decrease the entropy estimate until it blocks, which forces the random device to block for all applications on the current system?

random entropy devrandom

asked Jun 08 '18 at 15:40

oink

157
5

3

votes

2 answers

Is it still secure if a cryptographic key generated with OpenSSL while a backdoored HWRNG used?

Assuming I plugged a HWRNG in to my Linux machine, use OpenSSL to generate a RSA key pair and encrypted some text with AES. Later then, a researcher posted the HWRNG was backdoored. Should I consider those key are safe to use since Linux kernel…

cryptography linux hardware random devrandom

asked Sep 03 '17 at 14:57

Hartman

426
2
11

2

votes

1 answer

Can I use /dev/urandom for generating cryptographic keys?

I need to generate thousands of cryptographic keys. Can I just read the bits from /dev/urandom on a Red Hat system, or do I need to run it through a PRNG? My understanding is that /dev/urandom should be good enough, but I've had some push-back, so…

cryptography devrandom

asked Apr 06 '18 at 20:58

vy32

515
2
9

2

votes

2 answers

Token generation and random numbers

I have a swift server, where currently authentication is handled through a simple email+hashed password combination. I want to replace this with an access token ( + expiration ) so I can remove the storage of email/password on the end-users device…

token devrandom chacha20

asked Jun 19 '17 at 19:54

Antwan van Houdt

748
1
6
9

2

votes

1 answer

Windows .NET equivalent to Linux /dev/random

Is there a pseudo device-based random data stream/file that can be used in Windows .NET programming in the same way as /dev/random can be read and used as a source of random values on Linux based systems? I’m not asking whether .NET can provide a…

windows random .net devrandom

asked Jun 02 '17 at 17:28

David Scholefield

1,824
12
21

1

vote

2 answers

Is it bad to reveal random bytes from a system?

Let's say you cat /dev/random or /dev/urandom all day from boot to system shutdown, either redirecting the output to a file, or just catting it (in a terminal, or whatever) doesn't matter. Is this insecure, or a bad idea? If so, why? Revealing…

random pseudo-random-number-generator devrandom

asked Mar 19 '21 at 11:44

William Martens

177
9

1

vote

1 answer

Feeding entropy pool with my own data

Let's state that I have a huge bunch of truly unpredictable random data in file "random.bin". The random data has been created outside of my system and has been securely transfered into my system. Questions: How could I feed this file to the OS…

entropy unix devrandom

asked Sep 11 '20 at 15:07

Algiz

111
2

-1

votes

1 answer

What is "environmental noise"?

I'm looking at way to generate random numbers for cryptographic purposes. More specifically, I looked at the Linux /dev/urandom function, which is considered a real random number generator. There are others number generators such as the glibc rand()…

linux random pseudo-random-number-generator devrandom

asked Sep 24 '20 at 08:34

Sam The Sid

1
2

Questions tagged [devrandom]