random(7)
NAME
random - overview of interfaces for obtaining randomness
DESCRIPTION
The kernel random-number generator relies on entropy gathered from
device drivers and other sources of environmental noise to seed a
cryptographically secure pseudorandom number generator (CSPRNG). It is
designed for security, rather than speed.
The following interfaces provide access to output from the kernel
CSPRNG:
* The /dev/urandom and /dev/random devices, both described in
random(4). These devices have been present on Linux since early
times, and are also available on many other systems.
* The Linux-specific getrandom(2) system call, available since Linux
3.17. This system call provides access either to the same source as
/dev/urandom (called the urandom source in this page) or to the same
source as /dev/random (called the random source in this page). The
default is the urandom source; the random source is selected by
specifying the GRND_RANDOM flag to the system call.
Initialization of the entropy pool
The kernel collects bits of entropy from the environment. When a
sufficient number of random bits has been collected, the entropy pool
is considered to be initialized.
Choice of random source
Unless you are doing long-term key generation (and most likely not even
then), you probably shouldn't be reading from the /dev/random device or
employing getrandom(2) with the GRND_RANDOM flag. Instead, either read
from the /dev/urandom device or employ getrandom(2) without the
GRND_RANDOM flag. The cryptographic algorithms used for the urandom
source are quite conservative, and so should be sufficient for all
purposes.
The disadvantage of GRND_RANDOM and reads from /dev/random is that the
operation can block for an indefinite period of time. Furthermore,
dealing with the partially fulfilled requests that can occur when using
GRND_RANDOM or when reading from /dev/random increases code complexity.
Monte Carlo and other probabilistic sampling applications
Using these interfaces to provide large quantities of data for Monte
Carlo simulations or other programs/algorithms which are doing
probabilistic sampling will be slow. Furthermore, it is unnecessary,
because such applications do not need cryptographically secure random
numbers. Instead, use the interfaces described in this page to obtain
a small amount of data to seed a user-space pseudorandom number
generator for use by such applications.
Comparison between getrandom, /dev/urandom, and /dev/random
The following table summarizes the behavior of the various interfaces
that can be used to obtain randomness. GRND_NONBLOCK is a flag that
can be used to control the blocking behavior of getrandom(2). The
final column of the table considers the case that can occur in early
boot time when the entropy pool is not yet initialized.
Interface Pool Blocking Behavior when pool
behavior is not yet ready
/dev/random Blocking If entropy too Blocks until
pool low, blocks enough entropy
until there is gathered
enough entropy
again
/dev/urandom CSPRNG Never blocks Returns output
output from uninitialized
CSPRNG (may be low
entropy and
unsuitable for
cryptography)
getrandom() Same as Does not block Blocks until pool
/dev/urandom once is pool ready
ready
getrandom() Same as If entropy too Blocks until pool
GRND_RANDOM /dev/random low, blocks ready
until there is
enough entropy
again
getrandom() Same as Does not block EAGAIN
GRND_NONBLOCK /dev/urandom once is pool
ready
getrandom() Same as EAGAIN if not EAGAIN
GRND_RANDOM + /dev/random enough entropy
GRND_NONBLOCK available
Generating cryptographic keys
The amount of seed material required to generate a cryptographic key
equals the effective key size of the key. For example, a 3072-bit RSA
or Diffie-Hellman private key has an effective key size of 128 bits (it
requires about 2^128 operations to break) so a key generator needs only
128 bits (16 bytes) of seed material from /dev/random.
While some safety margin above that minimum is reasonable, as a guard
against flaws in the CSPRNG algorithm, no cryptographic primitive
available today can hope to promise more than 256 bits of security, so
if any program reads more than 256 bits (32 bytes) from the kernel
random pool per invocation, or per reasonable reseed interval (not less
than one minute), that should be taken as a sign that its cryptography
is not skillfully implemented.
SEE ALSO
getrandom(2), random(4), urandom(4), signal(7)
COLOPHON
This page is part of release 4.09 of the Linux man-pages project. A description of the project, information about reporting bugs, and the latest version of this page, can be found at https://www.kernel.org/doc/man-pages/.
Opportunity
Personal Opportunity - Free software gives you access to billions of dollars of software at no cost. Use this software for your business, personal use or to develop a profitable skill. Access to source code provides access to a level of capabilities/information that companies protect though copyrights. Open source is a core component of the Internet and it is available to you. Leverage the billions of dollars in resources and capabilities to build a career, establish a business or change the world. The potential is endless for those who understand the opportunity.
Business Opportunity - Goldman Sachs, IBM and countless large corporations are leveraging open source to reduce costs, develop products and increase their bottom lines. Learn what these companies know about open source and how open source can give you the advantage.
Free Software
Free Software provides computer programs and capabilities at no cost but more importantly, it provides the freedom to run, edit, contribute to, and share the software. The importance of free software is a matter of access, not price. Software at no cost is a benefit but ownership rights to the software and source code is far more significant.
Free Office Software - The Libre Office suite provides top desktop productivity tools for free. This includes, a word processor, spreadsheet, presentation engine, drawing and flowcharting, database and math applications. Libre Office is available for Linux or Windows.
Free Books
The Free Books Library is a collection of thousands of the most popular public domain books in an online readable format. The collection includes great classical literature and more recent works where the U.S. copyright has expired. These books are yours to read and use without restrictions.
Source Code - Want to change a program or know how it works? Open Source provides the source code for its programs so that anyone can use, modify or learn how to write those programs themselves. Visit the GNU source code repositories to download the source.
Education
Study at Harvard, Stanford or MIT - Open edX provides free online courses from Harvard, MIT, Columbia, UC Berkeley and other top Universities. Hundreds of courses for almost all major subjects and course levels. Open edx also offers some paid courses and selected certifications.
Linux Manual Pages - A man or manual page is a form of software documentation found on Linux/Unix operating systems. Topics covered include computer programs (including library and system calls), formal standards and conventions, and even abstract concepts.
