随机与乌兰多姆之间的差异 [英] differences between random and urandom

问题描述

我正在尝试找出/dev/random和/dev/urandom文件之间的区别

I'm trying to find out the differences between /dev/random and /dev/urandom files

1. /dev/random和/dev/urandom有什么区别?
2. 我什么时候应该使用它们?
3. 我什么时候不应该使用它们?

1. What are the differences between /dev/random and /dev/urandom?
2. When should I use them?
3. when should I not use them?

推荐答案

使用/dev/random可能需要等待结果，因为它使用了所谓的熵池，其中可能无法获得随机数据在这一刻.

Using /dev/random may require waiting for the result as it uses so-called entropy pool, where random data may not be available at the moment.

/dev/urandom返回的字节数与用户请求的字节数相同，因此随机性小于/dev/random.

/dev/urandom returns as many bytes as user requested and thus it is less random than /dev/random.

可以从手册页中读取:

随机

读取时，/dev/random设备将仅返回以下范围内的随机字节 熵池中估计的噪声位数. /dev/random 应该适合需要非常高品质随机性的用途 例如一次性键盘或密钥生成.当熵池为 为空，从/dev/random读取将被阻止，直到发生其他情况 收集到环境噪音.

When read, the /dev/random device will only return random bytes within the estimated number of bits of noise in the entropy pool. /dev/random should be suitable for uses that need very high quality randomness such as one-time pad or key generation. When the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered.

urandom

从/dev/urandom设备进行的读取不会阻止等待更多 熵.结果，如果 熵池，从理论上讲，返回值很容易受到 对驱动程序使用的算法的加密攻击.知识 当前未分类中如何执行此操作 文献，但从理论上讲，这样的攻击可能会 存在.如果您的应用程序中有此问题，请使用/dev/random 代替.

A read from the /dev/urandom device will not block waiting for more entropy. As a result, if there is not sufficient entropy in the entropy pool, the returned values are theoretically vulnerable to a cryptographic attack on the algorithms used by the driver. Knowledge of how to do this is not available in the current unclassified literature, but it is theoretically possible that such an attack may exist. If this is a concern in your application, use /dev/random instead.

出于加密目的，由于返回的数据性质，您应该真正使用/dev/random.出于安全考虑，IMO应该考虑可能的等待权衡.

For cryptographic purposes you should really use /dev/random because of nature of data it returns. Possible waiting should be considered as acceptable tradeoff for the sake of security, IMO.

当您需要快速的随机数据时，当然应该使用/dev/urandom.

When you need random data fast, you should use /dev/urandom of course.

来源:维基百科页， 查看全文