[Ecls-list] ECL start and random numbers

Philipp Marek philipp at marek.priv.at
Mon Jul 18 12:08:14 UTC 2011


I just saw that ECL read /dev/urandom on startup, obviously to initialize its
random number generator.

 * Is that required by the specification? E.g. SBCL always gives the same
   numbers, unless (seed-random-state T) is called (or (make-random-state T)).

 * ECL reads (on my machine) 8kB from /dev/urandom - but, if I read
   init_random_state() correctly, half of that is immediately dropped.

 * If the randomization at startup is wanted, how about reading much less
   (e.g. 3 words) and using a pseudo-random-number generator to fill the
   random state?


My reasoning is that most people don't need cryptographically secure [1]
random numbers; if they need some, they can (and for portability _should_)
always initialize the state themselves.

Certainly there's no need to read 8kB of randomness, is there? That more or
less guarantees that any instance of ECL that tries to run GPG or ssh-keygen
has to wait until the entropy in the OS is replenished.


I'd be willing to provide a patch for the third point above - if there's a
chance to get it included.


Regards,

Phil


Ad 1: yes, it's "only" /dev/urandom, but this uses entropy as well (if
any is available).
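
The third point above, sketched as an added example (not ECL's code and not part of the original message): read three words from /dev/urandom and expand them into a full generator state with the MT19937 `init_by_array` seeding scheme. The 624-word state size and the names `read_seed`, `expand_seed` and `differing_words` are assumptions made for the illustration; the filled state carries at most the 96 bits that were read, which matches the non-cryptographic use the message describes.

```c
#include <stdint.h>
#include <stdio.h>

#define STATE_WORDS 624 /* assumed MT19937-sized state; not taken from ECL */
#define SEED_WORDS  3   /* the "3 words" suggested in the message */

/* Read only SEED_WORDS words from the kernel; 0 on success, -1 on failure. */
int read_seed(uint32_t seed[SEED_WORDS]) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(seed, sizeof seed[0], SEED_WORDS, f);
    fclose(f);
    return n == SEED_WORDS ? 0 : -1;
}

/* Fill the whole state from the short seed (MT19937 init_by_array scheme). */
void expand_seed(const uint32_t seed[SEED_WORDS], uint32_t mt[STATE_WORDS]) {
    int i, j, k;
    mt[0] = 19650218u;
    for (i = 1; i < STATE_WORDS; i++)   /* linear-recurrence pre-fill */
        mt[i] = 1812433253u * (mt[i-1] ^ (mt[i-1] >> 30)) + (uint32_t)i;
    i = 1; j = 0;
    for (k = STATE_WORDS; k; k--) {     /* mix the seed words in, cyclically */
        mt[i] = (mt[i] ^ ((mt[i-1] ^ (mt[i-1] >> 30)) * 1664525u)) + seed[j] + (uint32_t)j;
        if (++i >= STATE_WORDS) { mt[0] = mt[STATE_WORDS-1]; i = 1; }
        if (++j >= SEED_WORDS) j = 0;
    }
    for (k = STATE_WORDS - 1; k; k--) { /* second pass diffuses every word */
        mt[i] = (mt[i] ^ ((mt[i-1] ^ (mt[i-1] >> 30)) * 1566083941u)) - (uint32_t)i;
        if (++i >= STATE_WORDS) { mt[0] = mt[STATE_WORDS-1]; i = 1; }
    }
    mt[0] = 0x80000000u;                /* guarantees a non-zero state */
}

/* Number of state words that differ between the expansions of two seeds. */
int differing_words(const uint32_t a[SEED_WORDS], const uint32_t b[SEED_WORDS]) {
    uint32_t sa[STATE_WORDS], sb[STATE_WORDS];
    int i, d = 0;
    expand_seed(a, sa); expand_seed(b, sb);
    for (i = 0; i < STATE_WORDS; i++) d += sa[i] != sb[i];
    return d;
}

int main(void) {
    uint32_t seed[SEED_WORDS], state[STATE_WORDS];
    if (read_seed(seed) != 0) { fputs("cannot read seed\n", stderr); return 1; }
    expand_seed(seed, state);
    printf("read %zu seed bytes, filled %zu state bytes\n", sizeof seed, sizeof state);
    return 0;
}
```

A program that needs key material should still draw it from the operating system directly rather than from a state seeded this way.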





