From: azet@...
Date: 2016-01-02T01:48:21+00:00
Subject: [ruby-core:72661] [Ruby trunk - Bug #9569] SecureRandom should try /dev/urandom first

Issue #9569 has been updated by Aaron Zauner.

Tracker changed from Feature to Bug
Assignee set to ruby-core

Hi,

This still seems to be the case according to the code available on GitHub.

I urge the core team to move to `/dev/urandom`. It is an urban legend (as Thomas Ptacek notes in the sockpuppet.org blog post referenced two years ago) that one should use `/dev/random` or even fiddle or interfere with seeding or entropy on Linux. The kernel does this for you. The only instance where you actually might wanna add entropy is during bootstrap or first boot of embedded devices or (cloned) virtual machines.

Ask any cryptographer about this and they'll tell you that `random(4)` is just plainly wrong and nobody cared to update it yet. The issuer before me has linked to various cryptographers telling you in their blogs to use `/dev/urandom`. Why would you rather listen to an outdated man page? Even how this works (CSPRNG and entropy) in the kernel has changed significantly since the man page was last updated.

An OS does not "run out of entropy". This is not how a CSPRNG works [0]. Think of these constructions like you would with entropy when considering the 2nd law of thermodynamics. :)

Thanks,
Aaron

[0] Here a cryptographer explains it to you: http://crypto.stackexchange.com/a/12441

----------------------------------------
Bug #9569: SecureRandom should try /dev/urandom first
https://bugs.ruby-lang.org/issues/9569#change-55912

* Author: Corey Csuhta
* Status: Rejected
* Priority: Normal
* Assignee: ruby-core
* ruby -v:
* Backport:
----------------------------------------
Right now, `SecureRandom.random_bytes` tries to detect an OpenSSL to use before it tries to detect `/dev/urandom`. I think it should be the other way around.

In both cases, you just need random bytes to unpack, so SecureRandom could skip the middleman (and [second point of failure](http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/)) and just talk to `/dev/urandom` directly if it's available.

Is this a case of just re-ordering the two code chunks so that `/dev/urandom` is tried first?

Relevant lines: https://github.com/ruby/ruby/blob/trunk/lib/securerandom.rb#L59-L90

--
https://bugs.ruby-lang.org/
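
The ordering proposed in the issue, sketched as an added example; it is not part of the original message and is not the code in Ruby's `securerandom.rb`. The method names `urandom_bytes`, `openssl_bytes` and `random_bytes` are hypothetical, and the choice to fall back (rather than raise) on a short read is an assumption of this sketch.

```ruby
# Added example: read the kernel CSPRNG first, use OpenSSL only as a fallback.
URANDOM = "/dev/urandom" # device named in the issue

# Returns n random bytes from the device, or nil if the device is unusable.
def urandom_bytes(n, path = URANDOM)
  flags = File::RDONLY
  flags |= File::NOCTTY if defined?(File::NOCTTY) # never acquire a controlling tty
  File.open(path, flags) do |f|
    # Refuse anything that is not a character device (for example a regular
    # file planted at the path inside a broken chroot or container).
    return nil unless f.stat.chardev?
    data = f.read(n)
    # A short or empty read means this is not behaving like a random device.
    return nil unless data && data.bytesize == n
    return data
  end
rescue SystemCallError # ENOENT, EACCES, EMFILE, ...
  nil
end

# Fallback source, loaded lazily so the OpenSSL dependency is only needed
# when the device cannot be used.
def openssl_bytes(n)
  require "openssl"
  OpenSSL::Random.random_bytes(n)
end

# Device first, userspace generator second: the reverse of the order the
# issue describes for SecureRandom.random_bytes.
def random_bytes(n, path = URANDOM, fallback: method(:openssl_bytes))
  urandom_bytes(n, path) || fallback.call(n)
end
```

The `path` and `fallback:` parameters exist only so both branches can be exercised without changing the system.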