Random numbers
Sandy Harris
sandyinchina at gmail.com
Wed Nov 3 05:30:22 UTC 2010
Things that might help get a handle on such problems:
A standard reference: "Randomness Requirements for Security"
http://tools.ietf.org/html/rfc4086
Well-designed true random number generator using a sound
card or on-board equivalent:
http://www.av8n.com/turbid/paper/turbid.htm
Overview article, partly my writing:
http://en.citizendium.org/wiki/Random_number
For the average desktop system, random(4) is likely enough.
Typical applications do not require all that much random
material, and most such machines have enough mouse,
keyboard & disk activity to produce it.
Where you need more is on servers that do a lot of crypto
such as a web server with many SSL connections, or on
machines without much random input -- diskless server
that has no keyboard, mouse or user, for example.
For those cases, if you do not have a true RNG in the
chipset, use Turbid (2nd link above).
More information about the ubuntu-users
mailing list