在 Linux 中,随机性有多强/dev/urandom/
?它被认为是安全的吗?
还有可能得到1的流吗?
请检查手册页:
Yarrow is a fairly resilient algorithm, and is believed to be resistant
to non-root. The quality of its output is however dependent on regular
addition of appropriate entropy. If the SecurityServer system daemon
fails for any reason, output quality will suffer over time without any
explicit indication from the random device itself.
Paranoid programmers can counteract this risk somewhat by collecting
entropy of their choice (e.g. from keystroke or mouse timings) and seed-
ing it into random directly before obtaining important random numbers.
使用 /dev/urandom,它的密码是安全的。
好读:http ://www.2uo.de/myths-about-urandom/
“如果您不确定应该使用 /dev/random 还是 /dev/urandom,那么您可能想要使用后者。”
如果在早期启动有疑问,您是否收集了足够的熵。改用系统调用getrandom()
。[1] 两全其美,它会阻塞直到(仅一次!)收集到足够的熵,之后它将永远不会再阻塞。
[1] git 内核提交