From Hackepedia
Jump to navigationJump to search

Randomness in some UNIX operating system can be achieved through cryptographically achieved randomness such as arc4random(3) which uses the interfaces /dev/random, /dev/arandom and /dev/urandom. This method is assumed to be pretty good, more on this at RFC 4086. Weak randomness can often lead to a system compromise.

Entropy sources

Sound cards and their white noise are a good means of entropy. Some CPU's provide random number generators which the Operating System may use. Crypto-accelerating cards usually provide a source of entropy.

Good randomness matters

In mid-may of 2008 a vulnerability was detected in Debian Linux. The developers at debian switched off a "random stirring" of random data, causing the seed of the randomness to be only a pid number which in debians case is 65535 possible seeds. Knowing that someone created an SSH key for example in the first 10,000 pids reduces the actual number of keys that can be generated significantly. Debian did this because it turned off a warning in some linting but acknowledged they were wrong in this and have advised everyone to upgrade their systems and redo their ssh keygens.