Kevin Buettner wrote:
> If you read the code which implements /dev/random, you'll see that it
> does use timings (I'm not sure if keyboard keypresses are considered
> or not) from various of your computer's I/O subsystems in order to
> generate its entropy pool. The numbers that you get out of
> /dev/random are pretty good random numbers so long as you do not ask
> for them too fast. (If you use up the entropy in the entropy pool too
> quickly, it falls back on pseudo-random techniques for a while...)
cat /dev/random
spits out randomness at a medium pace. Also makes it pretty clear that
keystrokes (or the interupts they generate) are definitly part of the
package. Im not sure how one can use this up too fast, it seems to me
that cat would use them up as fast as possible, and result in a
constant stream of pseudorandom garbage if the above were true.
according to /usr/src/linux/Documentation/devices.txt,
/dev/random Nondeterministic random number gen.
/dev/urandom Faster, less secure random number gen.
/dev/urandom is the one that spits out data endlessly when subjected
to cat...
Perhaps the /dev/random in current distributions is really
/dev/urandom? I cant say - I had to use mknod per the docs in the
Linux source as there was no /dev/random on my system prior to me
reading about it in a kernel upgrade (That means, BTW, that not only
is relying on /dev/random not platform independant, but that it also
will not function on older linux releases as well!)
--
jkenner @ mindspring . com__
I Support Linux: _> _ _ |_ _ _ _|
Working Together To <__(_||_)| )| `(_|(_)(_|
To Build A Better Future. | <s>