gnutls-devel

[gnutls-dev] Re: alternative /dev/random


From: Travis H.
Subject: [gnutls-dev] Re: alternative /dev/random
Date: Thu, 2 Mar 2006 22:00:52 -0600

On 3/1/06, Nikos Mavrogiannopoulos <address@hidden> wrote:
> That would be truly a good idea. Of course you have to define
> your semantics, for random numbers, and try to emulate them using each host's
> available devices. Otherwise it would be unknown what to expect in
> every system. The problem in a library like that would be the emulation
> of these devices in systems that don't support them, and then you
> have to think about thread safety, forks (that might lead to producing
> the same numbers etc)... It sounds like lots of work... :)

Yes, well, I'd start by simply throwing an exception if the host OS
doesn't support what you requested, but obviously I'd want to emulate
eventually.

Of course, you can always create a PRNG with real random numbers, but
one cannot go the other direction.  So, FreeBSD could not have a
"really random" device.

I think the right solution will be an engineering one, where you make
careful tradeoffs between speed and requirements.  For example, can it
recover from state compromise?  How quickly?  How fast is the PRNG
reseeded?  With what exactly?  Does reading from it affect other
devices (/dev/urandom draining /dev/random too)?  How quickly does it
work?  How quickly _can_ it repeat?  Can it be distinguished from
"real random numbers", and if so, how and with how much data?

This to me is too complex to express with device major and minor
numbers, and when the various OSes try, they will make confusion. 
It's already happening.  Eventually it will shake out, but until the
differences go away (think AT&T vs. BSD) application developers need
something portable.

Plus it sounds like fun work.  I have two HWRNGs now with very little to do :)
--
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484
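
The fork hazard raised in the quoted message, as an added example that is not part of the thread or of GnuTLS: a generator held in process memory is copied by fork(), so parent and child emit the same value unless the library notices the pid change and reseeds. The names `rng_seed`, `rng_next` and `fork_outputs_match` are hypothetical, the pid check is one assumed detection strategy, and xorshift64 is only a non-cryptographic stand-in for the library's PRNG.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* xorshift64 is NOT cryptographic: it stands in for PRNG state in process memory. */
struct rng { uint64_t state; pid_t owner; };

/* Seed from the kernel; report failure if the host lacks /dev/urandom. */
static int rng_seed(struct rng *r) {
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, &r->state, sizeof r->state);
    close(fd);
    if (n != (ssize_t)sizeof r->state) return -1;
    r->state |= 1;          /* xorshift state must be non-zero */
    r->owner = getpid();    /* remember which process seeded it */
    return 0;
}

/* With fork_safe set, a pid change since seeding forces a reseed first. */
static int rng_next(struct rng *r, int fork_safe, uint64_t *out) {
    if (fork_safe && r->owner != getpid() && rng_seed(r) != 0) return -1;
    r->state ^= r->state << 13; r->state ^= r->state >> 7; r->state ^= r->state << 17;
    *out = r->state;
    return 0;
}

/* Fork once: 1 if parent and child drew the same value, 0 if not, -1 on error. */
int fork_outputs_match(int fork_safe) {
    struct rng r; uint64_t mine = 0, theirs = 0; int p[2];
    if (rng_seed(&r) != 0 || pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0)           /* child: draw one value and report it, or exit non-zero */
        _exit(rng_next(&r, fork_safe, &theirs) != 0 ||
              write(p[1], &theirs, sizeof theirs) != (ssize_t)sizeof theirs);
    close(p[1]);
    rng_next(&r, fork_safe, &mine);   /* parent pid is unchanged, so no reseed here */
    ssize_t n = read(p[0], &theirs, sizeof theirs);
    close(p[0]);
    waitpid(pid, NULL, 0);
    return n == (ssize_t)sizeof theirs ? mine == theirs : -1;
}

int main(void) {
    printf("same after fork: naive=%d safe=%d\n", fork_outputs_match(0), fork_outputs_match(1));
    return 0;
}
```

A pid comparison can miss a fork when a pid is reused by a later descendant, so it is a minimum check rather than a complete one.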


