3

Myths about /dev/urandom says that in rare cases very shortly after boot, the CSPRNG may not have had enough entropy to be properly seeded and /dev/urandom may not produce high-quality randomness.

How do I check to ensure that /dev/urandom has been properly seeded?

muru
  • 72,889
Tom Hale
  • 30,455
  • Many popular distros save a random seed upon shutdown, so there should be sufficient entropy when you are using one of those. Which distro are you using? – heemayl Jan 05 '17 at 04:36
  • Manjaro. I'm getting uninitialized urandom read (16 bytes read) at kernel boot. – Tom Hale Jan 05 '17 at 05:04
  • 1
    Try cat /proc/sys/kernel/random/entropy_avail – Kirill Sinitski Jan 05 '17 at 18:25
  • Good thought... how much /dev/random entropy available is needed to properly seed /dev/urandom? – Tom Hale Jan 06 '17 at 01:24
  • This depends on what you are doing and how concerned you are with security. Typically, you should Really Care about seeding your cryptographic random number generators. Assuming you are using OpenSSL's DRBG based on AES256-CTR with random nonce, you should have no less than 384 bits of entropy after you finished booting. – Kirill Sinitski Jan 06 '17 at 14:36
  • /dev/random and /dev/urandom are not seeded off each other. Depending on your kernel version, they are seeded from add_disk_randomness(), add_interrupt_randomness(), and add_input_randomness(). See drivers/char/random.c for details. – Kirill Sinitski Jan 06 '17 at 14:41

0 Answers0