Does /dev/random in virtual guests provide good random data?
Yuri
yuri at rawbw.com
Mon Jul 13 08:26:40 UTC 2015

On 07/12/2015 18:14, Tim Kientzle wrote:
> http://www.2uo.de/myths-about-urandom/
>
> In particular, it has this interesting comment:
>
> FreeBSD does the right thing: they don't have the distinction

There are two approaches in random stream generation. One is to have a
sufficient random seed, and keep generating the following pseudo-random
numbers only from this seed. The second approach is to also continuously
feed the stream from some external source of entropy.

The fact that a long-running Linux VM still blocks on /dev/random
indicates that Linux tries to collect more entropy on the go, following
the latter approach (intuitively I would also agree this is better for
randomness).

So it isn't clear why the FreeBSD random stream would be of the same
quality, if it doesn't collect entropy on the go. Because both Linux and
BSD have exactly the same entropy sources in a VM.

Yuri
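
The two approaches described in the message above, as an added sketch that is not part of the original post and is not Linux or FreeBSD code: a toy hash-ratchet generator run once seed-only and once with reseeding, compared after a copy of the internal state has been taken. The names `HashStream`, `snapshot` and `demo`, the constructed seed, and the state-copy scenario (for instance a cloned VM image) are assumptions made for illustration.

```python
import hashlib
import hmac
import os


class HashStream:
    """Toy generator: output and next state are both derived from a secret state."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(b"init" + seed).digest()

    def read(self, n: int = 16) -> bytes:
        out = hmac.new(self.state, b"out", hashlib.sha256).digest()[:n]
        # Ratchet forward so earlier outputs cannot be recomputed from the new state.
        self.state = hmac.new(self.state, b"next", hashlib.sha256).digest()
        return out

    def reseed(self, entropy: bytes) -> None:
        # Second approach: mix externally collected entropy into the running state.
        self.state = hmac.new(self.state, b"reseed" + entropy, hashlib.sha256).digest()


def snapshot(gen: HashStream) -> HashStream:
    """Copy of the generator as seen by someone who learned its state at one moment."""
    copy = HashStream(b"")
    copy.state = gen.state
    return copy


def demo() -> dict:
    seed = b"constructed-boot-seed"      # constructed sample value
    seed_only = HashStream(seed)         # first approach: seed once, never feed again
    reseeding = HashStream(seed)         # second approach: keep feeding entropy
    for _ in range(3):                   # both run for a while
        seed_only.read()
        reseeding.read()
    copy_a, copy_b = snapshot(seed_only), snapshot(reseeding)
    reseeding.reseed(os.urandom(32))     # entropy that arrives after the copy was taken
    return {
        # Without reseeding, the copy tracks the original forever.
        "seed_only_copy_matches": copy_a.read() == seed_only.read(),
        # After reseeding, the copy no longer predicts the output.
        "reseeding_copy_matches": copy_b.read() == reseeding.read(),
    }


if __name__ == "__main__":
    print(demo())
```

As long as the state stays secret, both generators are driven by the same seed and produce equally unpredictable output; the difference only shows once the state has been copied.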

More information about the freebsd-hackers mailing list