Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #7154

Re: How good is security via hashing

Show all headers | View raw

Robin Becker <robin@reportlab.com> writes:
> I have a vague memory that the original author felt that entropy might
> run out or something like that so reading from /dev/urandom always was
> not a good idea.

If there is enough entropy to begin with, then /dev/urandom should be
cryptographically strong.  The main danger is just after the system
boots and there has not yet been much entropy gathered from physical
events.

> FreeBSD re-uses the entropy, but the end target is Solaris so I'm not
> really sure about the details of /dev/urandom.

No idea about Solaris.  Another area of danger these days is virtual
hosts, since their I/O may be completely simulated.  They are not
certified for payment card processing, mostly for that reason.

Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread

Thread

How good is security via hashing Robin Becker <robin@reportlab.com> - 2011-06-07 11:18 +0100
  Re: How good is security via hashing Jean-Paul Calderone <calderone.jeanpaul@gmail.com> - 2011-06-07 04:40 -0700
    Re: How good is security via hashing Robin Becker <robin@reportlab.com> - 2011-06-07 13:27 +0100
      Re: How good is security via hashing Paul Rubin <no.email@nospam.invalid> - 2011-06-07 06:00 -0700
      Re: How good is security via hashing Nobody <nobody@nowhere.com> - 2011-06-07 22:23 +0100
        Re: How good is security via hashing Paul Rubin <no.email@nospam.invalid> - 2011-06-07 19:38 -0700
          Re: How good is security via hashing Nobody <nobody@nowhere.com> - 2011-06-08 08:18 +0100
            Re: How good is security via hashing Paul Rubin <no.email@nospam.invalid> - 2011-06-08 00:40 -0700

csiph-web