Timings for random
Gary E. Miller
gem at rellim.com
Sun Jan 29 21:17:00 UTC 2017
Yo Hal!
On Sat, 28 Jan 2017 23:19:32 -0800
Hal Murray <hmurray at megapathdsl.net> wrote:
> gem at rellim.com said:
> > rand() and RAND_pseudo_rand() are not random, just psuedo random,
> > thus not for NTP.
>
> Do you think fuzzing needs cryptographically strong randomness?
You are asking the wrong guy. I'm not sure we need any fuzzing.
> I timed RAND_pseudo_bytes() rather than RAND_bytes() because I didn't
> want to get mixed up with not enough randomness and it seemed good
> enough for what we needed.
You can't run out of randomness with RAND_bytes(). And as your
later tests showed, they had different performance.
> > What about the OpenSSL RAND_bytes()?
>
> It's slightly faster than RAND_pseudo_bytes() :) ??
Dunno, the point is that it is actually random.
> The man page says both will return 1 if the bytes generated are
> cryptographically strong. I wasn't able to use up the system
> entropy. Seems suspicious.
Modern Linux will no run out of entropy, except on startup.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20170129/57eb51ff/attachment.bin>
More information about the devel
mailing list