Cryptographically strong random - /dev/urandom ?

Luke Gorrie luke@REDACTED
Wed Apr 20 12:33:36 CEST 2005


Roger Larsson <roger.larsson@REDACTED> writes:

> On Monday 18 April 2005 18.57, klacke@REDACTED wrote:
> > On Mon, Apr 18, 2005 at 12:58:50PM +0300, joel reymont wrote:
> > > Folks,
> > >
> > > I understand that SSL in Erlang is based on OpenSSL. That library also
> > > comes with a cryptographically strong random implementation but that
> > > bit is not included in Erlang SSL.
> > >
> > > Is there a cryptographically strong implementation for Erlang?
> >
> > We do:
> >
> >
> > random_ascii_str(Length) ->
> >     random_ascii_str(Length, os:cmd("dd if=/dev/urandom count=1"), [], 0).
> 
> from "man urandom"
>        When  read,  /dev/urandom  device  will  return  as  many  bytes as are
>        requested.  As a result, if there is  not  sufficient  entropy  in  the
>        entropy  pool,  the  returned  values are theoretically vulnerable to a
>        cryptographic attack on the algorithms used by the  driver.   Knowledge
>        of how to do this is not available in the current non-classified liter‐
>        ature, but it is theoretically possible that such an attack may  exist.
>        If this is a concern in your application, use /dev/random instead.

The boring thing with /dev/random is that it can block until you
wiggle the mouse :-)

-Luke (not somebody to take any cryptography advice from)
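
Added example, not part of the original thread: one way to build the random ASCII string from /dev/urandom without spawning dd through os:cmd, reading only the bytes needed and discarding byte values that would bias the character choice. The module name urandom_str, the 62-character alphabet and the helpers collect/3, limit/0 and pick/1 are assumptions; the thread does not show its own random_ascii_str/4.

```erlang
-module(urandom_str).
-export([random_ascii_str/1]).

%% Assumed alphabet: the thread does not say which characters the
%% original helper emits.
-define(ALPHABET,
        <<"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789">>).

%% Returns a string of Length characters drawn uniformly from ?ALPHABET.
random_ascii_str(Length) when is_integer(Length), Length >= 0 ->
    %% raw + binary: read the device directly, no shell and no dd process.
    {ok, Dev} = file:open("/dev/urandom", [read, raw, binary]),
    try
        collect(Dev, Length, [])
    after
        file:close(Dev)
    end.

collect(_Dev, 0, Acc) ->
    Acc;
collect(Dev, Need, Acc) ->
    %% A short read or a run of rejected bytes just means another round.
    {ok, Bytes} = file:read(Dev, Need),
    Chars = [pick(B) || <<B>> <= Bytes, B < limit()],
    collect(Dev, Need - length(Chars), Chars ++ Acc).

%% Largest multiple of the alphabet size that fits in one byte (248 for
%% 62 characters). Bytes at or above it are dropped so that "rem" does
%% not favour the first few characters of the alphabet.
limit() ->
    N = byte_size(?ALPHABET),
    256 - (256 rem N).

%% Map an accepted byte to a character of the alphabet.
pick(B) ->
    binary:at(?ALPHABET, B rem byte_size(?ALPHABET)).
```

On current Erlang/OTP releases, crypto:strong_rand_bytes/1 can supply the bytes instead of the device read.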




