> > seconds). The same test with /dev/urandom returns instantly. Perhaps
there
> > should be an option to use either. For instances where only a few truly
> > random bytes is needed (i.e. one session key), use /dev/random. When you
> > need many random bytes quickly, use /dev/urandom?
>
> Not sure if this is intuitive. How many bytes is "a few"? Maybe just be
> honest about it and name them randomstr and urandomstr or such.
>
In the patch that I sent last night, I explicitly limited /dev/random to 64
bytes. I agree that this is not very intuitive, but for specific purposes,
such as generating a session key for tripledes (24 byte/192 bit random
string yielding 168 bits for a the key) periodically, it is quite useful.
There's a tradeoff here between cryptographic strength (favoring
/dev/random) and application performance (favoring /dev/urandom) that will
vary significantly from application to application. It's nice to have the
option depending on your needs.
Having said that, I'm not married to the idea that we should provide access
to both /dev/random and /dev/urandom. I'd be happy to roll another patch,
limited to just urandom, and renaming the function if you feel strongly
about it. (should we move this discussion back to hackers to get a wider
audience?)
-- Joe
