Walt Mankowski via plug on 20 Mar 2022 06:46:14 -0700



[PLUG] Random number generator changes in Linux 5.17 and 5.18


Summary: /dev/random and /dev/urandom are becoming exactly the same thing.

https://www.zx2c4.com/projects/linux-rng-5.17-5.18/

/dev/random and /dev/urandom are devices on Linux systems. Programs can read from them, and they will return random data. Historically the difference is that /dev/random returned data solely from the kernel's entropy pool (environmental noise gathered from device drivers and other sources), while /dev/urandom used a pseudorandom number generator that was initialized from the entropy pool. Another major difference is that /dev/random can block if the entropy pool is empty, while /dev/urandom never blocks. Because of that, most applications are recommended to use /dev/urandom.

They're changing these devices to use the Fortuna random number generator. Fortuna uses a mix of entropy and a pseudorandom number generator. As a result, the distinction between /dev/random and /dev/urandom is no longer needed. FreeBSD and macOS have already switched to Fortuna. Here's what random(4) on macOS has to say:

/dev/urandom is a compatibility nod to Linux. On Linux, /dev/urandom will produce lower quality output if the entropy pool drains, while /dev/random will prefer to block and wait for additional entropy to be collected. With Fortuna, this choice and distinction is not necessary, and the two devices behave identically. You may use either.

There's a LOT more detail about the changes at that link above, so if you're interested I encourage you to check it out.

Walt
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
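
Added example, not part of the original post: a small C check of the blocking distinction the message describes, which opens each device with O_NONBLOCK and reports whether a 32-byte read completes or would have blocked on the running kernel. The function name `read_random_nonblock` and its return-code convention are assumptions made for this illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper (not from the post): read exactly len bytes from a
 * random device without ever sleeping.
 * Returns len on success, 0 if the device would have blocked (EAGAIN),
 * or -1 on any other failure (open error, read error, unexpected EOF). */
long read_random_nonblock(const char *path, unsigned char *buf, size_t len)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;

    size_t got = 0;
    long result = (long)len;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0) {                    /* short reads are legal: keep going */
            got += (size_t)n;
            continue;
        }
        if (n < 0 && errno == EINTR)    /* interrupted by a signal: retry */
            continue;
        result = (n < 0 && errno == EAGAIN) ? 0 : -1;
        break;
    }
    close(fd);
    return result;
}

int main(void)
{
    const char *devs[] = { "/dev/random", "/dev/urandom" };
    for (int i = 0; i < 2; i++) {
        unsigned char buf[32];
        long r = read_random_nonblock(devs[i], buf, sizeof buf);
        if (r == (long)sizeof buf)
            printf("%-13s returned %ld bytes without blocking\n", devs[i], r);
        else if (r == 0)
            printf("%-13s would block (entropy pool not ready)\n", devs[i]);
        else
            printf("%-13s could not be read\n", devs[i]);
    }
    return 0;
}
```

If the "would block" line appears for /dev/random on a system that has been up for a while, the kernel still treats the two devices differently.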