david wong

Hey! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group . This is my blog about cryptography and security and other related topics that I find interesting.

Myths about /dev/urandom

posted December 2014

In one of my class the teacher advise against /dev/urandom.

I wondered why. I remembered reading some articles about random vs urandom and urandom being better, but that was years ago and my memory is not fresh. Wikipedia does advise against it, as does the manpage if you want to generate a long term key.

I also stumbled on one of Thomas Pornin's answer on the security SO also pointing to a blogpost from Thomas Hühn

tl;dr:

Fact: /dev/urandom is the preferred source of cryptographic randomness on UNIX-like systems.

Well done! You've reached the end of my post. Now you can leave me a comment :)