You should probably use your system urandom/random in preference to any applicat... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tptacek on Dec 5, 2012 | parent | context | favorite | on: Exploit Information Leaks in Random Numbers from P...

You should probably use your system urandom/random in preference to any application-layer CSPRNG. Your OS developers are charged with maintaining a high-profile high-value CSPRNG used for most applications on the system, and vulnerabilities in it are a hair-on-fire problem. The same is not true of application-layer replacements. The kernel RNG is also in a privileged position to collect entropy.

wglb on Dec 6, 2012 [–]

And what about them new-fangled Intel random number generating instructions?

tptacek on Dec 6, 2012 | [–]

You should trust that your OS will use them when it makes sense to use them. :)

(I'm being glib.)

wglb on Dec 6, 2012 | | [–]

And I was being a bit silly.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact